last executing test programs:

1m3.214445142s ago: executing program 4 (id=214):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb0000000000000000ffffffffffffff80", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1e00010000000000000000000000000000000032000000ff010000000000000000000000000001000000000000000000000000b902c6a5000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0)

1m3.158026597s ago: executing program 4 (id=216):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000240)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000004f000000350000000000000085000000070000009500000000000000f7670880271e3503200ffa95a2c8c037c5a142dfa86a620e77d192ba6287066c5197fabd5f7010e80001000000000000dc39cd340101000000000000e22ff5dde54704d25c79949c04000000000000000ea7c0aac28de194f4480000000098d3712ca47044e06324637e93363e5bccbaa2bb755af3d576090c4867a7b4393e366c6386d5ec7209d0310010000000000000a7f550afc852003bad0742c62f7846c744ae6af3c04143cca8d95c2c505d5e37102124d85cec074c6949e1c768fb9c5ea38ee9fe5f170f4104dbaba408ac3abe6c4d7f47ef6d02ba5388dacecf7eb6baaa4a9779f8555eaea768c1f2c221c110ef050000000e575874ffffff7f000000000000004004b8c5a660459ac9ae0b21675a324812696a62d992a4f8dc8dcba00b1b2d2547c45b0c52087b5efabf84d6b9a95166bd008ea0327b56c0ebfb19a34268335648e1f844ce328c10752a42dca52fb98c1452b651ebf942f7297f7b2744419a2f238f173d0cd46dafc6e95500f53e53090000000000000075d9c07d591019c4da7aea2487d677eb49f8982b6ce629b3b20000000000000000000000000900000000000000000000004e41ffd11d41614f0fa1bd91245d6bd59ef2dc12ca89be9196deffa79f388202637595fef57b7f0c45ed12dc24fbb3c7d3eb03d3d8cf9faa8a97dcf608fa767d9169444c759c3045c6a3777b6aba5fd7c76ff5565ad3bfe59182593182b36fc29865c66e61d81be1afd3462da5a18136a4f79c1af28844b5010000000aed9821b1e4c6f2e2f96e69f37b82dff2693a38c98bc46ea286bd6b74d7817de8b61d28b052b1bb195190c07d4fc61a4002b56497d37803f5c328e236d1f86b25ff27dad249afd2cca8663d4c06efd9e96c6be5daabf68f5434690d8ca3bec085dd3a1e94c1dba6353e6ac4437cb955afb2a559ce95e5c0a0352e012000"/722], &(0x7f0000000140)='GPL\x00', 0x0, 0xffffffffffffff9f, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
socket$nl_route(0x10, 0x3, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) (async, rerun: 64)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0) (rerun: 64)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async)
io_uring_enter(r1, 0x11af, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0xfffff000, 0xe, 0x2000000, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x8000}, 0x28)
truncate(&(0x7f0000000000)='./file2\x00', 0x2328)

1m3.13023128s ago: executing program 4 (id=221):
mkdirat(0xffffffffffffff9c, 0x0, 0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000004844000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

1m3.073924885s ago: executing program 4 (id=222):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000280)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="1e00000000000000040000000180000008000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="72ef1d4b000000000000001000000000a03db40bd11d9dd65add067bae3a511e3523bb19df729b45057d6cc817b35a4c393617d1f88af36e1af7d42ad512c8087fc31fbe61e6e7098878ccd98ea00870fc8d2fd0ee806804d89558274862fbf9729b374508d077d92ec543d38263e8817a5cb87b4396a1b3b4efbcdd9a6b3b9efabb71b58d05d0cf70d7a1d647d25b6a3298b2"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'geneve1\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14)
bind$packet(r3, &(0x7f0000000380)={0x11, 0x3, r4, 0x1, 0x53, 0x6, @link_local}, 0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
pipe(&(0x7f0000000100)={<r5=>0xffffffffffffffff})
unshare(0x20000400)
ppoll(&(0x7f0000000000), 0x20000000000000a4, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r6, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x31, 0x0, 0x0)
recvmmsg(r6, 0x0, 0x0, 0x10162, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_init()
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})

1m2.958090496s ago: executing program 4 (id=227):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000012000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

1m1.801714446s ago: executing program 4 (id=240):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'pim6reg1\x00', &(0x7f0000000a00)=@ethtool_perm_addr={0x20, 0x1000, "0cdfbb94b74d568cf7286d4fdc5d2be5b4808bd422891110090e644d1a638499e4d837755c7e720fd0972ca742cd4061512607376b1c47328c7b13dba586b1b2f17cd2ee43162c69ca55070a54c1c5d802493e151799857bcc2eceb5f11a581e706a19657f5fe70ae3423835f495404e6cb46f9329d23bb13ff406ff19fdbd532d79354caf09c5fa1abbce99de9fbfb980b3ddb199c5e6008a615c14de4e1b2e2d0af2a67acb315ccc6d866f1f7d05a248dae371243aedfc8b211786a9d6f9e0c9f6146ca0973f64cab1dbf8d5b39d188df983b96040f365b2555a5b4a68e89ba3de2c2dfdc36d906462a008a5c13713fcc1d9a7f45c5976c52d84576b858c79e8e1075578537b8581f43846110b9cfe4fbd1f8edd3540bee8dc2dc9b4e0aff5e2239d3c492fb0c80438991b31e03dd48620a87b2b3446ca12f88302be9eeb93299f359b20f84ed92f158a4c4530126d34a59f4e75e44eed9fdc57caf679ca3bafe261ce009231f3b316344f336bf12fccb14fd6aae509894f711a644fbf8465cbe071c786375407344ff2e54ba5f5845f33498167527519c2b72e479394fce3f13c60d1907b73c0c04aa34356d8046f81c5b65e14667dde6eeb8e792ac62912bd469c3232a8f4e53214d8f7b7c82a10bc72fdf64f0554a9cae23e1137bfab5d85963f5b5943eaf0fc7818fbc93f15c3e9190bda12943e9f9cce837994b143e1387470f46b5ee764a28af2f8670083b0635899d29f42171fd79aac782b5b918c46b6cf7b8b8e5c713dcfc1ee1dba2c01c4a5d5311a4c68c1a79708ed55128c9f7ef6a6c32470942267b22083b86b7c730d5d34e09dda078c1ac60862dad9851e4cf039569bcc7046150d2c3328225e7fbc3ab6835711a23a0118634fb2b804d6080326ab551df5da207c185c318f20d68cd218dde4ce6ae083472b986cfc58e60132228c9794bc3f6fcac28309596cff2c3051776b15f740ef8e00945daef674d99b2a35bdfc716021a621830e6a1495c72ddac6046d5a33da3914f1f4751c588af1bfacff15ff6f65997b1cb1f7782c106248d9203f437551588df64ae46e42cddcbf86a543f00a0c223da2f69a548cbc1ce5952e595b7386b9109bcf61e14ca777c5396adfa6e1d1b392822bc8741e86ca7030bb7ef30fc7972b0b570656d0dff0d3d2f487ddcd24489faeaf8d268961589e9a207ee75950eb098b0845e5645414b2ad3319608981530d1a6e77d8d4dc6c7e168bdb8a592243d6e013d71841a2597700b307daa6729a33952ff08d8af7b07f52e09be808d2a47ed7fa1d234a75c16d38d533a899f60d9470c87e6a8c8ba0809871e6815b1bc695b9fdd4941ce28dfe520a9c08aa5623de34004fddc3252871d51ac785c0d23b0a714293cfdf7639f560fd58758f83cc1f5f97eafa7b8cd47326ff742fc22794e10fb0adda6a687033d85594ff04c0f49be3ce4e53f007843ad4ed22225ff69b9c686820ad12d2594e173d233e8d875eb1c864fa729ebfa46d153fbf8971c30fc4ca41d725f9b5c625c974a56eef88df93f44b6cca40eaebcae5673227799ba7c1345ff26f5ffdd14c0af807e289e342e4718c8cf649bdeee751ef4a3937232dcb3876ff041e8bace709a4e84dc828e331f49b40d8dce7788a924d1cc9823d7b8888a8bc900b819d74a3c274be4fbaf3273743779030a7aaa20b13ddc0c360ff706f4a4d9cb67cc5f71b64e22c976847fabddc5b53515799115664acd60ac3ba7290ec0525e6c64cd4c6f210a1a63cea973c0162695cb28f16d92f6839f9d7ae658b5cefd0fcadae610abbbbb39f8cea17ea681dad079abae89fee4cd4ee93c089f991c5c22c8b32b9f8d15e834306181faad27db6743fac1f5385985619c79b50a53d8053fc8f7f516c2a3e2fef0b3f2c76c1ba03355bfe9f4609b81abf4815d6ddd9b9af971caa726f29583d349cd949b8cfb47e2b7be2667b63537a6843f4deb4d36dd89dc082275231962c0aeab6b0f701ea1e8ae8fbdca28798f8145f54ef89fbf111b8cdba4a7f192ae9edcbdd293715ce45f16420379421a9cd0e3bc37e2f7c29dbe4455957d625736641166e1adfe622227923fbdb82f7ef3b4fdb3f280d94f49df6aacf99c45d3e5349a5f64fa28179901c96459eb462da18744abbc2925a24addf1e20c8eb0dd70230066c1f2e0ac67c5c9c2d47d2f03d17cf6521a314befd398f95980cf23bf7f72b1271f489496f89e855fd07d4bf561f557e1189613ea25d2cae340d1dacfb28dae6e6fae79038fcdfd003a651e05a015683ec4edc249c246ba68ed7f4da08bcdab4e4f8a52b2da9b71c577f60924bb733d03841b2d87cc65185c9faa49ea2e101c7f4bc42af450b98412d976711bb08f01aaf80f1ce26e3d3510ec55148f68880f4f2483af6c531fca397a0b2b141a485958c12882a842e43c3b12b309b0333b1501f340bbb727298d22cab47215eab896fe2a690deea41ad250a05806b44b864320d34c44e6dd1856e3561e6e027c190c42e7ff75e118511b90be961292029d26771f20509ea55548ac02bdbc8cd9a632f77db6a7ca77cf9219449acb41dd480175fdf8070114e9028a6ee709f1202bae58402e18e6f554f342ac4f9e461fc5c40164e8bc4a8fe0fbbc40e3c85e5f4ff894b7257d76034a98d310d610c94f98d409ad6b7fad1a3bf258f2ec541aff74f9b3ddd896aed5a35e9d54f50bf158fbe4befe314308ef105fea41c7f3df5bba89d179afac302419b17939ac1a640aa132f462542acd25c3fd2f054ce0963b6d095cad022f4a55d4ea71607c90aef75405fdf45e13ca8b0a925292d8e83166c76a62fd40779940f321bfa7edcde4d6996401fd9a77bfc7529a902ad8d19635917b822962fb560259e3fb8b57b10ca158c6eee6595c6a403ea32f19f0a0bf62f6496e6a16e2ee5cf9aade197504f2e0fb1d14956c18d9e20a0f4fd17409bef6cb0bf406d73740e07f960c16b4caff25ca7b03527835a1e8cec95d3df26d4fcd5471702a9a8b071881c3084af1b148816fb6ba8797c1d54bcd1d7d504fd9e24645eafe4af95b533603857328269bd38da09c090c627f9f3d6af32f0a90ea7de6a0ed0d55121b68dbb9f3a0bc2c87a65cfa18f98ff2a33bfe2129ebde47b1ba7962dff7d2349ded03d03cea9e52fd6c53e6ab48e6ffb4f9e5d79a526769915c2224578a1921e5d03fa357320cecb316418336b6372834d842c5160b2629098e63e8345c011a8ce5ed0c6376e53f583a1e34d0a015d8cf4e75cc936e06a66bcb44fab198177901af4e8c69c5d213b0e3ea88084cbf15de1a07ea2c65829b8affbb87e9377da35abce4c45aafa7e828554549fbdf404bce14593752fc1a74c74708321d52f2d8695e03045f77e340847fecf3db80a07b39205c512dd5c5f78e9aeeb45724713f6239a4dde652181b81a73a47cbe8e6420a604c488df46a3217cbff2c08ec27155964e430bdaf7ea8e6fa43bab251e6116c9b59d7763484847ae6f6558ed01efd78b67696f44ac1ff1101534d7c8d6351d1b82906392fc6f26dece14d9a79218dae9a9d4464ef47735afa4806e355bb5c2ac4e09f8da8f9f0bc0ed0db64a055d35868f2044e4fb7408d042f96dca6b02bd7a2b9ea2b68c3c5c5939727918da235232523603e03da9755532f4ae8a5e63b439ca9e0df0c9eca5527ab54eaf59d36af2f0d3999d453507061891f89d6c1f553221f7f647588797e5df6b0cc15323ba1c06e3d32ee43cb8168afdf20f3bc4f42a98ca6237978940ff766365235a793698629f73f474adafa7f95fbc8ec908a094433a42db7c621da8872364bd2c01d82eaefd244a4b935214d866a3f5b546cc73223bd9deb91dbf8a45eb53adcec7118752d1cdfb13645dd0c46ad001677d0c2b4739414548aabd157573e4bb786bea517bbae89615652c5fb9d8d5696db911cebf590737f8031e141ab35044867c6b5068ee43049c581a71908f9c4e492f90f568a1bf01c97690af6770f9ebedb5e08eb82e6c4c9cbb132197a3270887d672f08fcbdb2a56d7bf3778776c4f1d7dc1b73300112dbe941d0a6aae21b121dd20ef1f41334cffd5cded449cd7b9ae14eeb403e72f659b4d0b39c92c760d1fe018a279d01ab3994bf86c6535167386cbdee9135e66bf58d2987fa7f6e83015b85ad6170466cc1d2d5cab6077f33468feb46ee189e53c59ffe871fc26e158c2e8e31ec1242de5f19708c397f93cd2233bdbaca368325813c265bd5a82a45db58159164d64af295b8b4e0bbb0adc18145da1a779269e62c601c431b9f132721f9812ee16049a2e3937e1eb51796798dbc2506011ca34fe228673c34fc5d86fa59c4620eddf518c4de40789d6e87c9d3d21baf85ed8e66b21ba86a5e43e39cf200bd0621e1cc168bbc39ae236704bb92061bf1cc5d51ad0a18c8664b7e7adc804df290fc02cdaa1cdca550a1720f8260f5663af1063262ec007a610e7b26642bb6c8e1952a69ebba1f7a744ab4344513171126ad87cb0575d0fa12a6114c075d63a04a987204e2fabfd241334f6a6410480aa4aa9b1a1ac012434743c59155f53be30d566d7d13dc4f0e5c7dd09e7347b7d05e90295531222a9ad92c08909779717667377069fcae253c1dc20bfa6ffd6eb1abcb6c15823d60a32476b7899a621b4f2e5e1bb011bc5e3a94c551daf5e74f8c6c0ec3a4ee5c28b4bba52f46f1cdfa736729beba9ed1ce111b8aea272a636b72498f2bada64f0aab4ccf4a7eae31b4a4c0231a01d2e15decffb19c8fab13b0a5c4b1d06b2d7cee72254bb0cdab973322f7f75cc0d12d3c0a0a017082b3344702f92fe033076f9e83ce599b36f4256a04ccc51d065efa550b60d81e19e54f79cfa4648bef23a76b5193ee8d24bcc28a462a135b4a6072f1c461aa2ce63ddf297f237a9984e0dc4c9088fc156a8c71e2470c98cddfda182cf1279101312c474427233bd953c6c8bcf2aaff453170614941f7eba1c48ed5d1a1613c8d7fd9043760079d2dec6f89c7ad269d208f0bcb731c232c11d8d765132b693bf5fac02a4d523d36ec6f85a1bad54a57236757147571788e519203f7cca4fe2b48ec79258ba54dadbce43bdb0819e6b3b5300272890cd72fda1e336f03fb66fd6d1bffe41bdf1c528d003e42fda1089ed4b3a1a4a4df97250b835eb0eb0d373cd22a5b57bc392414aa9ca30994683f066ef78d1d08b911d714f907e5a017212ce1651ac631199aaa5373b86a92bf59b4cbab1be60c7ff18620926adfd11984faf348c6b2ee7c027774f844893b681fe014f9668bd1ca7b26383391cd819d31fb0ba7cb81e82d3802cb30cbda828e0fa2b7756ce30035bc4d95b50de643214d5f238a5487827fff8fb6b74a6fcff457828884dd3cb4820879a210e71f6c18e075f784af43c617b6be362c98f9b85a7f2ecd5be00c0d5ab8aab3f03bc4b017431af5a6bf1ee4c41191d392b43e92a5d106bbd065fa9be2ecce07a982510715dbf2be152d713434c843355c5ba41238722e76f77e0b333a2d3812aecc8c7d92665a79caaaf12100ee5ad9e9df877596a25683c3f845cb2362d2cf397e711aaff3193d896ae88f42483d74cb481280ece66bab8fa6df7b014cb4bc266516579270e63466cecc9bc131d1f15e0f5952065535c89edff9d5e6736f384625808345698072c83dbd9edafa5b694fa330514fe6dd31ffdd3596a4e255092a2b10e5f3661dbc9cc4d6b2b49a382cc95c7947d70fda83d05cdecdac835aca272a3c34219e8478b65406bbd80ca1fe92f"}}) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='cmdline\x00') (async, rerun: 64)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') (rerun: 64)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7334a0e3da30110b8194711bb6d7076e6f", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
r4 = syz_io_uring_setup(0x4973, &(0x7f0000000380)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x1000000, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000280), r7)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000400000010000000050010000000000008000100", @ANYRES32=0x0, @ANYBLOB="05000f0000000000060011"], 0x6c}}, 0x0)
io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) (rerun: 64)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = io_uring_setup(0x253d, &(0x7f0000000080)) (async)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) (async, rerun: 64)
bind$tipc(r10, &(0x7f00000004c0)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x1}}, 0x10) (async, rerun: 64)
close_range(r9, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000002000000000000000000000000070200006111960884fc57f0532d6bbfd3ac1144a81714d8c76790b9e5beef8421c8b08937dd741474175608bcd18c03f1d7c30b844b6175581d56b8aca9bb7aa34a327469eae6c23621577c7b75e47e37a89b33e42bdaa8c947ba"], 0x18}, 0x1, 0x5502000000000000}, 0x0) (async)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1a, &(0x7f0000000240)=ANY=[@ANYBLOB="180500f1a1d74a470d0000000000000000000001", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32=r11, @ANYBLOB="00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000017010000f8ffffffb702000008000000b70300000000000085000000060000000500000010000000"], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) (async)
write$UHID_CREATE2(r11, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r11, 0x0) (async)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r12, 0xc0481273, &(0x7f0000000000)) (async)
pipe2$9p(&(0x7f0000002180), 0x0)

1m1.692557077s ago: executing program 32 (id=240):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) (async, rerun: 64)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) (async, rerun: 64)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'pim6reg1\x00', &(0x7f0000000a00)=@ethtool_perm_addr={0x20, 0x1000, "0cdfbb94b74d568cf7286d4fdc5d2be5b4808bd422891110090e644d1a638499e4d837755c7e720fd0972ca742cd4061512607376b1c47328c7b13dba586b1b2f17cd2ee43162c69ca55070a54c1c5d802493e151799857bcc2eceb5f11a581e706a19657f5fe70ae3423835f495404e6cb46f9329d23bb13ff406ff19fdbd532d79354caf09c5fa1abbce99de9fbfb980b3ddb199c5e6008a615c14de4e1b2e2d0af2a67acb315ccc6d866f1f7d05a248dae371243aedfc8b211786a9d6f9e0c9f6146ca0973f64cab1dbf8d5b39d188df983b96040f365b2555a5b4a68e89ba3de2c2dfdc36d906462a008a5c13713fcc1d9a7f45c5976c52d84576b858c79e8e1075578537b8581f43846110b9cfe4fbd1f8edd3540bee8dc2dc9b4e0aff5e2239d3c492fb0c80438991b31e03dd48620a87b2b3446ca12f88302be9eeb93299f359b20f84ed92f158a4c4530126d34a59f4e75e44eed9fdc57caf679ca3bafe261ce009231f3b316344f336bf12fccb14fd6aae509894f711a644fbf8465cbe071c786375407344ff2e54ba5f5845f33498167527519c2b72e479394fce3f13c60d1907b73c0c04aa34356d8046f81c5b65e14667dde6eeb8e792ac62912bd469c3232a8f4e53214d8f7b7c82a10bc72fdf64f0554a9cae23e1137bfab5d85963f5b5943eaf0fc7818fbc93f15c3e9190bda12943e9f9cce837994b143e1387470f46b5ee764a28af2f8670083b0635899d29f42171fd79aac782b5b918c46b6cf7b8b8e5c713dcfc1ee1dba2c01c4a5d5311a4c68c1a79708ed55128c9f7ef6a6c32470942267b22083b86b7c730d5d34e09dda078c1ac60862dad9851e4cf039569bcc7046150d2c3328225e7fbc3ab6835711a23a0118634fb2b804d6080326ab551df5da207c185c318f20d68cd218dde4ce6ae083472b986cfc58e60132228c9794bc3f6fcac28309596cff2c3051776b15f740ef8e00945daef674d99b2a35bdfc716021a621830e6a1495c72ddac6046d5a33da3914f1f4751c588af1bfacff15ff6f65997b1cb1f7782c106248d9203f437551588df64ae46e42cddcbf86a543f00a0c223da2f69a548cbc1ce5952e595b7386b9109bcf61e14ca777c5396adfa6e1d1b392822bc8741e86ca7030bb7ef30fc7972b0b570656d0dff0d3d2f487ddcd24489faeaf8d268961589e9a207ee75950eb098b0845e5645414b2ad3319608981530d1a6e77d8d4dc6c7e168bdb8a592243d6e013d71841a2597700b307daa6729a33952ff08d8af7b07f52e09be808d2a47ed7fa1d234a75c16d38d533a899f60d9470c87e6a8c8ba0809871e6815b1bc695b9fdd4941ce28dfe520a9c08aa5623de34004fddc3252871d51ac785c0d23b0a714293cfdf7639f560fd58758f83cc1f5f97eafa7b8cd47326ff742fc22794e10fb0adda6a687033d85594ff04c0f49be3ce4e53f007843ad4ed22225ff69b9c686820ad12d2594e173d233e8d875eb1c864fa729ebfa46d153fbf8971c30fc4ca41d725f9b5c625c974a56eef88df93f44b6cca40eaebcae5673227799ba7c1345ff26f5ffdd14c0af807e289e342e4718c8cf649bdeee751ef4a3937232dcb3876ff041e8bace709a4e84dc828e331f49b40d8dce7788a924d1cc9823d7b8888a8bc900b819d74a3c274be4fbaf3273743779030a7aaa20b13ddc0c360ff706f4a4d9cb67cc5f71b64e22c976847fabddc5b53515799115664acd60ac3ba7290ec0525e6c64cd4c6f210a1a63cea973c0162695cb28f16d92f6839f9d7ae658b5cefd0fcadae610abbbbb39f8cea17ea681dad079abae89fee4cd4ee93c089f991c5c22c8b32b9f8d15e834306181faad27db6743fac1f5385985619c79b50a53d8053fc8f7f516c2a3e2fef0b3f2c76c1ba03355bfe9f4609b81abf4815d6ddd9b9af971caa726f29583d349cd949b8cfb47e2b7be2667b63537a6843f4deb4d36dd89dc082275231962c0aeab6b0f701ea1e8ae8fbdca28798f8145f54ef89fbf111b8cdba4a7f192ae9edcbdd293715ce45f16420379421a9cd0e3bc37e2f7c29dbe4455957d625736641166e1adfe622227923fbdb82f7ef3b4fdb3f280d94f49df6aacf99c45d3e5349a5f64fa28179901c96459eb462da18744abbc2925a24addf1e20c8eb0dd70230066c1f2e0ac67c5c9c2d47d2f03d17cf6521a314befd398f95980cf23bf7f72b1271f489496f89e855fd07d4bf561f557e1189613ea25d2cae340d1dacfb28dae6e6fae79038fcdfd003a651e05a015683ec4edc249c246ba68ed7f4da08bcdab4e4f8a52b2da9b71c577f60924bb733d03841b2d87cc65185c9faa49ea2e101c7f4bc42af450b98412d976711bb08f01aaf80f1ce26e3d3510ec55148f68880f4f2483af6c531fca397a0b2b141a485958c12882a842e43c3b12b309b0333b1501f340bbb727298d22cab47215eab896fe2a690deea41ad250a05806b44b864320d34c44e6dd1856e3561e6e027c190c42e7ff75e118511b90be961292029d26771f20509ea55548ac02bdbc8cd9a632f77db6a7ca77cf9219449acb41dd480175fdf8070114e9028a6ee709f1202bae58402e18e6f554f342ac4f9e461fc5c40164e8bc4a8fe0fbbc40e3c85e5f4ff894b7257d76034a98d310d610c94f98d409ad6b7fad1a3bf258f2ec541aff74f9b3ddd896aed5a35e9d54f50bf158fbe4befe314308ef105fea41c7f3df5bba89d179afac302419b17939ac1a640aa132f462542acd25c3fd2f054ce0963b6d095cad022f4a55d4ea71607c90aef75405fdf45e13ca8b0a925292d8e83166c76a62fd40779940f321bfa7edcde4d6996401fd9a77bfc7529a902ad8d19635917b822962fb560259e3fb8b57b10ca158c6eee6595c6a403ea32f19f0a0bf62f6496e6a16e2ee5cf9aade197504f2e0fb1d14956c18d9e20a0f4fd17409bef6cb0bf406d73740e07f960c16b4caff25ca7b03527835a1e8cec95d3df26d4fcd5471702a9a8b071881c3084af1b148816fb6ba8797c1d54bcd1d7d504fd9e24645eafe4af95b533603857328269bd38da09c090c627f9f3d6af32f0a90ea7de6a0ed0d55121b68dbb9f3a0bc2c87a65cfa18f98ff2a33bfe2129ebde47b1ba7962dff7d2349ded03d03cea9e52fd6c53e6ab48e6ffb4f9e5d79a526769915c2224578a1921e5d03fa357320cecb316418336b6372834d842c5160b2629098e63e8345c011a8ce5ed0c6376e53f583a1e34d0a015d8cf4e75cc936e06a66bcb44fab198177901af4e8c69c5d213b0e3ea88084cbf15de1a07ea2c65829b8affbb87e9377da35abce4c45aafa7e828554549fbdf404bce14593752fc1a74c74708321d52f2d8695e03045f77e340847fecf3db80a07b39205c512dd5c5f78e9aeeb45724713f6239a4dde652181b81a73a47cbe8e6420a604c488df46a3217cbff2c08ec27155964e430bdaf7ea8e6fa43bab251e6116c9b59d7763484847ae6f6558ed01efd78b67696f44ac1ff1101534d7c8d6351d1b82906392fc6f26dece14d9a79218dae9a9d4464ef47735afa4806e355bb5c2ac4e09f8da8f9f0bc0ed0db64a055d35868f2044e4fb7408d042f96dca6b02bd7a2b9ea2b68c3c5c5939727918da235232523603e03da9755532f4ae8a5e63b439ca9e0df0c9eca5527ab54eaf59d36af2f0d3999d453507061891f89d6c1f553221f7f647588797e5df6b0cc15323ba1c06e3d32ee43cb8168afdf20f3bc4f42a98ca6237978940ff766365235a793698629f73f474adafa7f95fbc8ec908a094433a42db7c621da8872364bd2c01d82eaefd244a4b935214d866a3f5b546cc73223bd9deb91dbf8a45eb53adcec7118752d1cdfb13645dd0c46ad001677d0c2b4739414548aabd157573e4bb786bea517bbae89615652c5fb9d8d5696db911cebf590737f8031e141ab35044867c6b5068ee43049c581a71908f9c4e492f90f568a1bf01c97690af6770f9ebedb5e08eb82e6c4c9cbb132197a3270887d672f08fcbdb2a56d7bf3778776c4f1d7dc1b73300112dbe941d0a6aae21b121dd20ef1f41334cffd5cded449cd7b9ae14eeb403e72f659b4d0b39c92c760d1fe018a279d01ab3994bf86c6535167386cbdee9135e66bf58d2987fa7f6e83015b85ad6170466cc1d2d5cab6077f33468feb46ee189e53c59ffe871fc26e158c2e8e31ec1242de5f19708c397f93cd2233bdbaca368325813c265bd5a82a45db58159164d64af295b8b4e0bbb0adc18145da1a779269e62c601c431b9f132721f9812ee16049a2e3937e1eb51796798dbc2506011ca34fe228673c34fc5d86fa59c4620eddf518c4de40789d6e87c9d3d21baf85ed8e66b21ba86a5e43e39cf200bd0621e1cc168bbc39ae236704bb92061bf1cc5d51ad0a18c8664b7e7adc804df290fc02cdaa1cdca550a1720f8260f5663af1063262ec007a610e7b26642bb6c8e1952a69ebba1f7a744ab4344513171126ad87cb0575d0fa12a6114c075d63a04a987204e2fabfd241334f6a6410480aa4aa9b1a1ac012434743c59155f53be30d566d7d13dc4f0e5c7dd09e7347b7d05e90295531222a9ad92c08909779717667377069fcae253c1dc20bfa6ffd6eb1abcb6c15823d60a32476b7899a621b4f2e5e1bb011bc5e3a94c551daf5e74f8c6c0ec3a4ee5c28b4bba52f46f1cdfa736729beba9ed1ce111b8aea272a636b72498f2bada64f0aab4ccf4a7eae31b4a4c0231a01d2e15decffb19c8fab13b0a5c4b1d06b2d7cee72254bb0cdab973322f7f75cc0d12d3c0a0a017082b3344702f92fe033076f9e83ce599b36f4256a04ccc51d065efa550b60d81e19e54f79cfa4648bef23a76b5193ee8d24bcc28a462a135b4a6072f1c461aa2ce63ddf297f237a9984e0dc4c9088fc156a8c71e2470c98cddfda182cf1279101312c474427233bd953c6c8bcf2aaff453170614941f7eba1c48ed5d1a1613c8d7fd9043760079d2dec6f89c7ad269d208f0bcb731c232c11d8d765132b693bf5fac02a4d523d36ec6f85a1bad54a57236757147571788e519203f7cca4fe2b48ec79258ba54dadbce43bdb0819e6b3b5300272890cd72fda1e336f03fb66fd6d1bffe41bdf1c528d003e42fda1089ed4b3a1a4a4df97250b835eb0eb0d373cd22a5b57bc392414aa9ca30994683f066ef78d1d08b911d714f907e5a017212ce1651ac631199aaa5373b86a92bf59b4cbab1be60c7ff18620926adfd11984faf348c6b2ee7c027774f844893b681fe014f9668bd1ca7b26383391cd819d31fb0ba7cb81e82d3802cb30cbda828e0fa2b7756ce30035bc4d95b50de643214d5f238a5487827fff8fb6b74a6fcff457828884dd3cb4820879a210e71f6c18e075f784af43c617b6be362c98f9b85a7f2ecd5be00c0d5ab8aab3f03bc4b017431af5a6bf1ee4c41191d392b43e92a5d106bbd065fa9be2ecce07a982510715dbf2be152d713434c843355c5ba41238722e76f77e0b333a2d3812aecc8c7d92665a79caaaf12100ee5ad9e9df877596a25683c3f845cb2362d2cf397e711aaff3193d896ae88f42483d74cb481280ece66bab8fa6df7b014cb4bc266516579270e63466cecc9bc131d1f15e0f5952065535c89edff9d5e6736f384625808345698072c83dbd9edafa5b694fa330514fe6dd31ffdd3596a4e255092a2b10e5f3661dbc9cc4d6b2b49a382cc95c7947d70fda83d05cdecdac835aca272a3c34219e8478b65406bbd80ca1fe92f"}}) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='cmdline\x00') (async, rerun: 64)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') (rerun: 64)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7334a0e3da30110b8194711bb6d7076e6f", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
r4 = syz_io_uring_setup(0x4973, &(0x7f0000000380)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x1000000, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000280), r7)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000400000010000000050010000000000008000100", @ANYRES32=0x0, @ANYBLOB="05000f0000000000060011"], 0x6c}}, 0x0)
io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) (rerun: 64)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x40000, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = io_uring_setup(0x253d, &(0x7f0000000080)) (async)
r10 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r10, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) (async, rerun: 64)
bind$tipc(r10, &(0x7f00000004c0)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x1}}, 0x10) (async, rerun: 64)
close_range(r9, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000002000000000000000000000000070200006111960884fc57f0532d6bbfd3ac1144a81714d8c76790b9e5beef8421c8b08937dd741474175608bcd18c03f1d7c30b844b6175581d56b8aca9bb7aa34a327469eae6c23621577c7b75e47e37a89b33e42bdaa8c947ba"], 0x18}, 0x1, 0x5502000000000000}, 0x0) (async)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x1a, &(0x7f0000000240)=ANY=[@ANYBLOB="180500f1a1d74a470d0000000000000000000001", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32=r11, @ANYBLOB="00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000017010000f8ffffffb702000008000000b70300000000000085000000060000000500000010000000"], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) (async)
write$UHID_CREATE2(r11, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r11, 0x0) (async)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r12, 0xc0481273, &(0x7f0000000000)) (async)
pipe2$9p(&(0x7f0000002180), 0x0)

57.408731706s ago: executing program 3 (id=348):
pipe(&(0x7f0000000080)) (async)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000000000)={0x14, 0x14, 0x1, 0x0, 0x0, "", [@typed={0x2}]}, 0x14}], 0x1}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) (async)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
sendmsg$inet(r2, &(0x7f0000001400)={&(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10, &(0x7f0000001340)=[{&(0x7f0000000100)="eb616dbc14485eec989866ebba29864f83d623402bb608230d32882209afe5403755f205ba46d4204f0cb4b7dd8b9ebad523515d9b4408a19645aacee425d6012aa7cb288b45e943cc4efeaaea25ba1a0ce5adeda05bf9e5ce99c481edac7b0bc4910a68dcda18c86a07c4515653fd2bddb7ea20c6b313807a9e432300a597ebe075ef7b6e672f3bd6c23e7fcbf0c3dc9948005016e0f0c4a3768f49686a0aa0db8aca9caa", 0xa5}, {&(0x7f00000001c0)="f0c8a664771d947c717c5323b19ade052e988b69f122661350094e2f102d25b270ee5e3df8d0a6148c2a04829cb7d6ee0aba5e4e752be73e65bb2f765ce2c1ebbb35e802f3dff7ab731b7a8dd291f8b326cbd87c888ece89a4ed32f38ff0b9c99b170d1cf95198fb2aa5f90e2addd04ea1eea1858ce5e65b50daf61b16b554216fceef0cfa1e9a7e120859796c640dd2eb29a35ca67f174b0e2a3c7a54fdb148ba7d487c7b05431438e03a0e5c434e9320d20890174bb50a056438e87f29051b404ccab3fde0d3128b43e62159757012b5da847a8de4b43b8ea69cbce09a3dac60ce404c047925b162918a7fe37561df4f1e7800d838cf07fb5cd7259a21a3ccfdb7a5a7b55c04b10e5f954dcb1797f53bfa5365788a6e5bc348263596737cd446d9c3ce1c07191ba938dbed81f0143359cc469c234b0fe49992069d5e7e900e6c4f8de919f29ec47bf5b1601e3681c9b303cf124aa5a79900abd3c0cdeabd725e1730760ea0d6599c9af2b55cfebbd8cfb657cd97774d71ab4f2ba770f7cb3bbc9db00c1a5f7deba5b212a7846de5113b8892007a6149537d97ce7a8bfd5db1121a224f2818626470b6363adfeec74afc31cbb6c013ab2f76a69d4f56bb30e62b87bec2b99d9b38e129a5639e884c134dc96ed362e2200a677e49a0672d96bf1e6a9261052c9f8a5edf043701e83bd4f10a9c2571da7a4f582eb916c5ccb82e2e4dc862259352dceda949778193077166c13893533168c94218c77127e3df02fd004ca9b875b64c13ae68ede8a9f4f77289fcc374b4f3fa9098b44a55b02ceaf5974c128ce728a92d99e21d7d4e433385fc99f65324927a4e45915bb426f872915968462fdf21181553ce845babf0eb0be980229975b42663eaca03e282b02cc62df44f9d3e8cda9cafd2c85e46e5d5f61aec2538029ee2a7d4296e8a4558a146238b86df710dbc6ef725a10b83b0847cea96abdef7a20652a2aac52a99b863620a4dc507580fd5d570b5c72d2709d2d5cd0c4ba79ff8eb13d744bc18f2a9bce13cd569f1fc603312c0f8b60575ff81e8c2c738e11d77adb49a5a5935b330f6513a87182ab5efb230933d155a1360d90137dde0aeda9d58412591c9a087ae47be307535732643f30d283a21e798f595dd817bda8e6db044f3af6b4887265654c5b3d6013c9965568b1b1897bfb7907b096d98244b5cef230504bf7d3f211b41ea2aa44e5258d5a0d9e3925c724c1c346de5bee0d19e3ae5603c8964f8d77f36c4ceb79d2ab2905d5f3ed84bf4f6b50af90dc9189bad22256ca34c3046ef55522583040617d7c619d7583448a50b0e0ba41536d62b860a0d6842b8f28cc8f60e9bad61a44cb5513ea1445807c4e671871ab9d7e53d54caba24001725bef863c66f85da27aa258b9e9e257fc829fd04e544743c4fca3a50ddcbe13a83b36226119c0b11ef514482e764ead43a48fcfe2d271df0472cd5e46559cde394d18afa8c61bffa967d49137f81e6882f51ed9afb112c03d8179431ab7156c9a14e7d5714ff6fe381062df70f24f8e76c31c3fa485f62d847dcb6e9be854432dd6478e6bec8d2d0bdb89e39dccc4f7b41104693810223bef87fbb2118b9a155ba40524f1a35b98e775688ea4e93c92a720eeccef1c0c1912c521eac21f613892efb20e1aba2451f56ffc3564fbf4fc1ca7f8a23db4ebe7a582aa951145f68b4e96f9d7ea0650d5c66b64c9f206036c6149e7cb401f71cd0fa1a01dcb5296b483a89741338b50e097523c92f676af6c8766ca4ce59e05caa122948073372c794090e829e4b09d0fa1cc1d8f7bed5f183460663e6a3fc32b7f0e7f34bd58a0eb0ffd3005f603875e3f7a03baab9d60e9510bbda5ccf596d0ba23676352756c5a2a122fba97c38e796f5d477c8446c690dce164efe3fd6c6a8c59f7edbabaa7e511c1f62b94c82e67b03fdcc691951c25a8cf1c451e7f6a6b27e9755f67a025e191cc8be8e51b17858311ec3ae2f41f4c23c5236e82c9cb0941de407cddefdff11b199654194a596c3cec5b774383d0eab48e58b9bea183a6a6bb3eee65c547fcc00ec9acb0d06f30dcdb1004a2bf8f1c527358bd2eb8523ee2e04f132005cea9bbfeb1db378cfafb9faadaa5e3cf401b73c313e7f0c457f26a42246ee9b0ab6270f65c1f6f4dde562c2e9ef62de8ba70f39151d8e436140a626a3cce55f008ee30f0ffd7282505dd704a63832ec19e21575e544887a190f5a204c6bf6cfb9ed3453091ea1cc543395b5c7c114d34cd68ecc9e26e1eef17537603025559325a7edc0313d609b4be8b6f90921663f967fb899191e90e169722ea7d9e132c3e734562b16eb50b2a7f13c2fc8aad477618b8d6b0963ba9f7eb55070c6506f20850a9511baaa4ae79b7f319a4adb16f1d6e46b437593ada0f77ddd9f85ae76f97c6feb0fc0cc4a64bce9f72209eccbb3accfc0dc477f1bcd31c4eb8d88d21904cc4eac057a84a607a5149a44b7ef3fc6c9865caaacba0f733a61db0c185acc55507d2fb25c12ea215165d626677995aeeacb81a799889c45b3573d8d6c3b04c14740907ed793bdf351bda65d7242ec4696c7a2818cc3fe699e2058f10582ed5b58621c9eeaf87d3d8823847ee97bd260c68263a0f7d8788228ff45befdcef5869ae1df9c4f3d71eabeec92f83827e32b84a9edf42417e05cce03d89dec54f6f04d477e8c9a787ec8564c6acfe3849b08d17d45110673baaa20b29373a6fdd12b3d032cb067b2dff38614aa25e88e94db8992d9ac5fb9ea20ae4344d0192587c16f27018ba52fe02f877281da6befc8c7bbd7fbdcd412b4410b6e688f780066cd11c5ec899bd5d0cd4689f60a5137015af88e8bff3b62b142b839317f4b84cd3cc5db38f50fed4fb409fd30a1c38d920a63fbc5153ef8fc025bbbd089154dd6ea2db7cc6d416496a238c125ee8db666fcb30c68c60aaa7f43173fecab4ea542493032878e9f403ccd19581b059c64bee25d0f9e4edd6904c2bdafc7a7c4d817dd17ee91c961eecd55678ac12fae60ad812eaa1bf4b9dd81d32b651235c41e87e4ba68b9fdf1969a30baa5077ed61f4110d263bc63d122f298d7b06db73ad95355f606d04f30a73f0eddb5685b35bad01e01ccd0cad748a0d168bd75db4a3d22ba8276530aeabf543508653d4ef27f651d4028c11aa9351049a2b51a5abc9eb2b0fc120212c825c55c32489e30394c78c7589f30f5ec55754e8296fabc5ac05787658ea045a9864a4cc2e9d47c5a6275a321311ead89bc8e4631e79db5503a860e794f0b86e1895db9ec52ddda76e10182b9ed9313ed5d32c767234fadc1a6bb334b6012e24ab0b12457b283a39b8d6b0bcf8cdc3349aeb3762ff464335f69b90f5f8cc2fb60c78a562793d62e215a8602a999952b51fe3380ada4172d6bb221f4c1be29f28777d1d291d1c28577b1641eac5cea45c1efff385112970c01c47b9972ef02a75c4e607bbb5c2f57330d3a1ad759a6c827a829680d2374662a2a416b00e1691f0849335fbdfbb6ae032e69a664706a7722ca1b2239e1022aa2e96fb365beb45c9328fd66960d84fdde57a6842d4223098682cfe50fc6bb442e0b78b5cb844f97a8cc48fc632dbbe24aef9be01a3e3bfffe93a6f89006baeea1e224e5cb22bcc3dd69ec15b9b2c209a4190142e6752cdf9995ca692754e155daddae1248a5772ee9bd2a78515d2da0e4c301b4c2d65f4d44fbf3695e8931cf2769c931e60882ec219862bd745f9528c0f1731c0a25a100f45dcae511f81deb7cf844b4b97606d68fe7a16b41d393a5e4d2afd4012985349c07bae9127d7d102ab9fa945033eb8986fdbd18916c183471c0a6d8a9113ddf1061101d2b8304f32f4aeb5208692208b6f4fe91f2cf5322c6d8ab70161bd523fd8a1c5ec5cf307bcc8b13230f1d6d5b0ebcfbd6c84060d949e3fa42162222857e86c1d51704c4bfd732ad9c8afe9154b1c691ac9b7722f0ffff2a7a829c4f26e0499db1bad80905206caa1e576e4925be52c9af5dce54ad6d0700640e8d3c66f9edb38fcad30c7ea757c9fe55e888f4045ef1fdb1c5851ba252a407b2789b64845e0cad0e4b1988603b4b6643621c09d38e48b55333058c329d0deb6204b60ba8afdf94a41215e6624700ed6b16ab838a5216b638eed393cc7e7afea14c89f434c2af088e9080554c9f05fa34130bcfe44e2b129b9521189d96c5ca212d6734373a74ed0df59f779e2acf05656b0c9ea79ab738b101b2254eb64d95eb9e947406e975ac360afcbed4e7cd6d2e400e5d9acf5dad308754a72c30a9bf80f9632e4b0ef54ce8604d629dc47d6d3218c97fd3df017d32465bf8cd124c85f631c7b9fdda2e9ed00fdd4d1b416b2b5bebbc586f13a85bac70860c338a130e8ec2e66bf0da74029160f8f797ddba6523c2e9cf8ff7544a9c4fd1ebd64ddbf74078f10f76d44400c46d0ab3271a08708c01104430cc5a6fdbca2e6477fc1c66a57f611a9d7a87d9bb0e21a76e5683d80e1fc8937595c59946661bbaff648ae66298f5451854bb3e0b1a44ad707b90c2a4197b72b15f3a0065bc3165184d54c7d1946150cbd7b88a9bcd65498167c7acd2a41989cc99f7e84ca31e60691146da2b076b01fb7180c831cfed2f1d926a060bf274245ca854b77fc9b0e19084bcce97b374ab6455b86f2aad987f6126c5faf36b82e92c082686b90094be22449d267e70f8d9e0e4fd2c00363a8b43b86455ee19397daefc6c216e2432a425c7b18146310eb9e28b726d2adceb529746ad232bfc1ef428ebb03c43f13a41da9120d1874648685650cd6c4e610fa81d83ea66f5d2cda2d50781e077e65d09b351958a0cdc28f08dce7e1447e5cf4ed1221b74d4eea5206d6729e5a710bb8eae6ebb91664a85c2812825906d53e5c211c862dfcfeb8cfaa409526c049036e6001583423b3f7dffd0be0d494c7f4492a164b49729ed9e34de148d0bbda05a98e68e532ab088afc239ac2d9cfa628980a76afeb2f0d78af6531228b9b70462b9ad98900c5394e6a9e60bb0e348001ffc81967ff1e1a38359f9906753054cc6361526f1e7285ba0b923a0f5347c597832e8f24a02918b0e9f74981cae2eb35c8841904e4ff3838d3f6724a9a22c6be2078cf234e0c2558ea9884039a2f57f84188341062e1c8e2b69021d37999c9053d80657fe52e951c51c4857ceffb3a95adcba6a08e097bc8bca7d04a651f05534794a1e7df075c835980436292a85cef103d8e530aa36ba5a95fae16abb46a007526c69d4de54501a14b9d672c2e03e3fbc10edbfa358c1fa03cee80a17d90e445d0108860f444b84adcc2b2ee8137ae3bc8ebdca59178a073baf65ee4819df48c9ee6a676149791c2558fe457403161c88e53251614be61ca24a0e5033d3fcb2d3353e5b3525cf079808210b169f7966374ad55d508642f34f31b21b03216a95489eddd3c38b41e46d531a8942d89ab9e2442fcd7509fd8c0910f4614d7d1be27a1aac96594268a7e9e7bcdb296cdc4c738b48c1cb943600f3fe41af63508dfee53f493bfa9a9f77577229a4f19a314f761da37e7dc2e12aa6004584cf35ed349d951fbff7f9d03a3ac7ea25157522f95940fca0c3228482182476a454077120894a86085ba654af8280ab1eadac80e1e2e48c3a5c259cb870658742c123efe75c40fb53b5752564cf0b4fc982fe3718f8af979393ec6d3c117c4a4076cee3c9b4deaa319e48bcab75a3d94b9659d56ef637a9fbceaccf3b9e4d7d8eb2c8e8d92d514711204cd8e0c0ac9d7b54", 0x1000}, {&(0x7f00000011c0)="b2e9b8819775a2ced857156a5895e40c079bff6d863e2477d264bebed8a47b037cd7f107834c3b041d1981b684a4611b614c43e2be4c93f3df1c38ad1852e0d58f12abb9eaee28118ef498a024298bd9cd090a3aa26f188ffa846695b4af16c4130c303063553a599af8685e204a1364376967a60f08d0819e3e1df3b3829275762de36fb37b8710a15e708d51805829854c75dc6219b12d0b585d1999d38b89a4ca51b524ead2bdb19fb845bb3e0059e83ae2df24adebb800c83386f66a7dcca1c649dbea7201f0e2d3b2a0b9d832b163162c87095c21054048a675c544bfe7a2990e", 0xe3}, {&(0x7f00000012c0)="a251a6560d9491366127da5f0c884f1ec7e4f574c03f6ef107a5e91a11ea69e246dbafa9b6b455620967e4bb70c8c5e3f9509b0385fe7ed278a09ac565598411456027375207d8b8ec44f1e63f5351fd69605c1c5ff5ba9ac0", 0x59}], 0x4, &(0x7f0000001380)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0xb}}}}], 0x50}, 0x200480d0)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

56.548575668s ago: executing program 3 (id=373):
r0 = socket$inet6(0xa, 0x6, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

56.524450771s ago: executing program 3 (id=375):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/cgroups\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$kcm(0xa, 0x6, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000100)='./file0\x00', 0x40000582)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000100)={0x0, 'pim6reg1\x00', {0x4}, 0x9})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad98a6f77ef26dcca5582054d54d53cd2b6db714e4b2557eb3c5ca683a4b6fc89398f2b9000f224891060017cfaa7a34700de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f7098696afb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a032de54a2ad9cdac2e981ab59016f81860324b8003029e938858ffa30ce8a55129fa207d2513b711d83d366a7e0df0667a2c8dd2b0665de28cd407db6f8ef6082cb509b628203fab234cef6a77d6016a6cbf19f9687717d399233ef170b5bfdb55cab50aab08c8ddebd55654ea4d0caf2a2409db567260721a9b731cb58810978b60f930b7c92475c3483b06855d3b6ebde0092e67c0020000000000000067badf02c28f8cd94d347888a769591ce0dbb84a7aa02bff13398335aefbd1e874a6568d3f3d96dd30211bd963a45bca24a231d4f0b468a1667762972cdfde32ae7a69c23c50911a3c8a24622889f8aebce8e0bc88f35f5e40e21e4f2bf4b90655667acc84d84d67d6b240ddceafc5cd4fe94b79a00058566f49787d426ce3aae17094ab0078770155481c86c8e9e6ddb9a680af2d65ed710e3e9e370b711f31f865f2c1c5684e834ce38ff08bcc7429a596a7b1b3f45ffd6e2431f101189b00540986c22232521c8a87aecc3131595bac7c28076b55f071459adedd5953e4bde7c5e679739b07baa099338777899d54f13de88e5bdcd671c1742b0fabd0f40d1302e554090649eb2ec27f7b5afd721dab34"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r5}, 0x10)
r6 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
io_setup(0x8, &(0x7f0000000340))
keyctl$KEYCTL_MOVE(0x1e, r6, 0xfffffffffffffffe, r6, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10d, 0xa, &(0x7f0000000000)=r4, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="070000000400000000080000f7ffffff20000000", @ANYRES32, @ANYBLOB="0000000000e4ffffffffffffff00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, 0x0)
sendto$packet(r9, &(0x7f00000000c0)="24d41ef2502c6b8d356d236c0800", 0xe, 0x0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r0, 0x20, &(0x7f0000000580)={&(0x7f0000000640)=""/234, 0xea, <r10=>0x0, &(0x7f0000000a80)=""/251, 0xfb}}, 0x10)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/12, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r11}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x5, 0x10, &(0x7f0000000c40)=@raw=[@alu={0x4, 0x0, 0x4, 0xa, 0x8, 0xffffffffffffffc0, 0x10}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x594}}, @ldst={0x1, 0x0, 0x1, 0x2, 0x3, 0x6, 0x1f}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}], &(0x7f0000000480)='syzkaller\x00', 0x8, 0x1d, &(0x7f00000004c0)=""/29, 0x41000, 0x4, '\x00', 0x0, @fallback=0x11, r0, 0x8, &(0x7f0000000500)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x4, 0x9, 0xb1f}, 0x10, r10, 0xffffffffffffffff, 0x0, &(0x7f0000000740)=[r11], &(0x7f0000000780), 0x10, 0xfffffff2, @void, @value}, 0x94)
r12 = socket$kcm(0x10, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x493)
sendmsg$kcm(r12, &(0x7f0000000600)={0x0, 0xffffffc1, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181014100000000010000000000000e000a000f00000002800200121f", 0x2e}], 0x1}, 0x0)
pipe2(0x0, 0x4000)

56.344625758s ago: executing program 3 (id=383):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./bus\x00', 0xc0ed0006, &(0x7f0000000300)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@dioread_lock}]}, 0x1, 0x449, &(0x7f0000000e00)="$eJzs3LtvHMUfAPDv3vkS5/WzfyE8YhIwBITFw46dByloQBQUICHRBFEZ24lMnBjFRiKRBaYxJYpEjyiR+AuooEFAhUQLPYoUITcJVIf2bte52He2L3fOJeznI208493NzHdn52525s4BFNZw+k8SsT8ifo+IgXr2zgOG6z9urS5N/b26NJVEtfrOX0ntuJurS1P5ofl5++qZajXL725S7sp7EZNzczOXs/zY4sUPxxauXH1p9uLk+ZnzM5cmzpw5eeLortMTp7oSZxrXzaFP5o8cfuPda29Nnb32/s/fpvXdn+1vjKNbhutXt6lnK90urbcONKSTvh5WhLaUIyJtrkqt/w9EOfbku0q9rRmw06rVarXZ+3NmuQr8hyXR6xoAvZG/0afPv/l2j4Ye94Ubr9YfgNK4b2VbfU/f2gNQZd3zbTcNR8TZ5X++SrfYoXkIAIBG36fjnxebjf9K8UjDcf/L1lAGI+L/EXEwIh6KiEMR8XBE7dhHI+KxNstfv0KycfxTut767M6nqNPx3yvZ2tad47+1/3uwnOUO1OKvJOdm52aOZ9dkJCq70/z4JmX88PpvX7Ta1zj+S7e0/HwsmNXjet+6CbrpycXJTmJudOOziKG+ZvEnkS/jJBFxOCKG7rKM2ee/OdJq39bxb6IL60zVryOeq7f/cqyLP5e0XJ8cf/n0xKmx/pibOT6W3xUb/fLrytutyu8o/i5I239v0/t/Lf7BpD9i4crVC7X12oX2y1j54/OWzzR3d//PrlVuV/bz48nFxcvjEbuSNzf+fuL2uXk+Pz6Nf+RY8/5/MG5ficcjIr2Jj0bEExHxZFb3pyLi6Yg4tkn8P732zAftx7/JrHwXpfFPb9X+0dj+7SfKF378rv34c2n7n6ylRrLfbOf1b7sV7OTaAQAAwIOiVPsMfFIaXUuXSqOj9c/wH4q9yzG/sPjCufmPLk3XPys/GJVSPtM10DAfOp7NDef5iXX5E9m88ZflPbX86NT83HSvg4eC29ei/6f+LPe6dsCO830tKC79H4pL/4fi0v+huPR/KK5m/f/THtQDuPe8/0Nx6f9QXPo/FJf+D4XU8rvxpY6+8t9pIulFoRLtJKLUwenV3fdJFA9Aom/bf8yiWaJ/62Oat0WvX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//1/O4lI=")
setresgid(0x0, 0x0, 0xee01)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(r0, 0x0, 0x0, 0x0)
timerfd_create(0x7, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
setresuid(0xee01, 0x0, 0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
pread64(r1, &(0x7f0000001200)=""/99, 0x63, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x64842, 0x0)
ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f0000000000)=0x5)

56.090146882s ago: executing program 3 (id=392):
getdents64(0xffffffffffffffff, &(0x7f0000000340)=""/79, 0x4f)
getpid()
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@empty, @in=@remote}, {@in6=@remote, 0x0, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x800}, {0x0, 0xfffffffd}, 0x0, 0x0, 0x2, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @aes128, 0x1, @desc1})
sendmsg$nl_route_sched(r7, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000180)={&(0x7f0000000800)=@ipv6_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@RTA_ENCAP={0x18, 0x16, 0x0, 0x0, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0xa, {0x0, 0x0, 0x10}}}}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x7}]}, 0x44}}, 0x0)
syz_open_dev$MSR(&(0x7f0000000000), 0xa, 0x0)

55.402310198s ago: executing program 3 (id=407):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b6fffec850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="000000000000000000000000007f0000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000000000000700636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e46515445554500000000000000000000000000000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000000000827900000000000000000000000000000800"/560]}, 0x2a8)

55.37657917s ago: executing program 33 (id=407):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b6fffec850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="000000000000000000000000007f0000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000000000000700636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e46515445554500000000000000000000000000000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000000000827900000000000000000000000000000800"/560]}, 0x2a8)

29.133346917s ago: executing program 6 (id=1102):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000003c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noquota}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x85c5}}, {@nojournal_checksum}, {@jqfmt_vfsv1}]}, 0xfe, 0x576, &(0x7f00000024c0)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRdBlNOtY62PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH3yJ3PSmzdqk6bK41ubzgbudc+9Nzj0553t6Tm5CAhhYY9k/hYhXI+KbJOJoy7HhyA+OrZ638uTmdLYlUa9/9mcSSb6veX6S/384z7wSEb9+FXG6sLnc6tLyXKlcThfy/Hht/tp4dWn5zJX50mw6m16dnJo6987U5Pvvvdu3ur558e/vP33w0bmvT6589/OjY/eSOB9H8mOt9XgOt1szYzGWvyYjcX7DiRN9KGw3SXb6AujJUB7nI5GNAUdjKI96YO+7FRF1YEAl4h8GVHMe0Fzbb7EO3pNLvMcfri6ANtd/ePW9kTjQWBsdWkmeWhllL8ZoH8rPyvjlj/v3si369z4EQFe370TE2eHhzeNfko9/vTu7jXM2lmH8gxfnQTb/eavd/KewNv+JNvOfw21itxfd47/wqA/FdJTN/z5oO/9du2k1OpTnXmrM+UaSy1fKaTa2vRwRp2Jkf5bf6n7OuZWH9U7HWud/2ZaV35wL5tfxaHj/04+ZKdVKz1PnVo/vRLzWdv6brLV/0qb9s9fj4jbLOJHef73Tse71b+vgNovuqv5TxBtt2399uZNsfX9yvNEfxpu9YrO/7p74rVP5G+f/kef7Vb9usvY/tHX9R5PW+7XVZy/jxwP/pJ2O9dr/9yWfN9L78n03SrXawkTEvuSTzfsn1x/bzDfPz+p/6uTW41+7/p91wC+2Wf+7x+92PLXH/t83Wf1n1to/29Ot/dcTyaY97RMPP/7yh+aT1ev1W89W/6z9326kTuV7tjP+bee6euvNAAAAAAAAsHsVIuJIJIXiWrpQKBZXP99xPA4VypVq7fTlyuLVmWh8V3Y0RgrNO91HWz4PMZF/HraZn9yQn4qIYxHx7dDBRr44XSnP7HTlAQAAAAAAAAAAAAAAAAAAYJc4HHGg3ff/M78P7fTVAf85P/kNg6tz/OdH+vFLT8Cu5O8/DC7xD4NL/MPgEv8wuMQ/DC7xD4NL/MPgEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxcvXMi2+sqTm9NZfub60uJc5fqZmbQ6V5xfnC5OVxauFWcrldlyWpyuzHd7vnKlcm1iMhZvjNfSam28urR8ab6yeLV26cp8aTa9lI68kFoBAAAAAAAAAAAAAAAAAADA/0t16XyUyuV0obq0PCch8cyJ4d1xGXsoUc/t7GXs9MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//+HxTdZ")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r6, 0x0, 0x6}, 0x18)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

28.982006802s ago: executing program 6 (id=1111):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a050000000000ef000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c000140000000"], 0x118}}, 0x0)

28.980772212s ago: executing program 6 (id=1113):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getxattr(0x0, 0x0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x3c, r1, 0x431, 0x0, 0x20000, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x51}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2f0}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x24d}]]}, 0x3c}, 0x1, 0x0, 0x0, 0x802}, 0x6881acbdc061c780) (rerun: 32)

28.8976633s ago: executing program 6 (id=1116):
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0), 0x10, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
mount$bind(&(0x7f00000001c0)='.\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x905891, 0x0)
mount$bind(&(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x2a58a4, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x212f4d1, 0x0)
mount$bind(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000880)='./file0\x00', 0x0, 0x1809483, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8924, &(0x7f0000000000)={'bond0\x00', 0x1})
socket$netlink(0x10, 0x3, 0x8000000004)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000480)='./file0\x00', 0x18002, &(0x7f0000002b00)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r2, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb21423e61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newlink={0x54, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_FLOWINFO={0x8, 0xc, 0xf2f}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x97c19}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}]}}}]}, 0x54}}, 0x48000)
r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r6, 0x4, 0x6000)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x2012, r7, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x251, &(0x7f0000000080)=<r8=>0x0)
ftruncate(r6, 0x81fd)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_submit(r8, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x4000}])

28.598129249s ago: executing program 6 (id=1120):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000dfff0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac1414000000000000000000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

28.459713532s ago: executing program 6 (id=1128):
fcntl$notify(0xffffffffffffffff, 0x402, 0x26)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x6, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r3}, 0xc)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r4})
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x8c08, &(0x7f0000000cc0)=ANY=[], 0x1, 0x5c2, &(0x7f0000000e00)="$eJzs3M1u3MYdAPChLMULpXULBI0dx0AYJwf3YGV3VcsQ0oO3FCUx2V0uSCqQT0VQy6lQKS3qFmh88yVt0BY99Vzk2ifoG/Rp8gwquB+2vteKY29b/H6ANMPlf2b+QxEciFgyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhStaazVYUull/azs+W7JW5L1z9k/6+1f43r+HxUkLh36HKISo/gmNRrg2+ujaG89if1T/uhmujrauhkZdNMLj19/84YdvzM/VDReiKJyT0Cvx6IvHv/p0b2/nt7NO5DtwEF28zUbaz8o863U20jgr83h1ZaX5weZ6Ga9n3bS8X1ZpL06KtFPlRXwruRdCWF2O06X7+VZ/Y63TTeNbyY/j1urq3dvtZnMl/mhpkHaKMu9/8NFSmWxm3e4P5kKoY+rdt9vvhLv1ifhxVsVV2unF8cPdvZ3laUnWQa3nCWpPC2o32+1Wq91urdxZvXO32WyMz9anH8w3jwnHm8zP/qTllXstNP5cnyjDjck17rXv+loOF3WQ/G3WKQAAAAAvWTS8xx4N78tfG9bWs27aPBJzEJ3WsvGqUgQAAABe0PBf+6vjGwAhXAvRyf//AQAAgP9tfzr3GbsQRaEcXI4mj6oMtt+P9jt1rbN/afTRpeM9VuvXoyvjTobFyvx4K0lvRG+Ngt6aRH8zLh5OyyMqioXoyXMnMB9COJFA+Eu4Poq5/mBUPpjsGY2yuJ5106Uk737YCp3Olbkq3a5+//nuH0IoioNLX/V7V6LwcHdvZ+kXv957MMzlSd3Lk/3xNyROfFHi6MG4HA7l8runzz2OZ3zv6IwXhjdi6ll/1e8tjsZtHp7/3LD1wYk/6dl/gPBleHsU8/biqFw8Ov9GPWZr6ZTZH86iNdh+//J4sPHMFy6WxY1RzI1b79XFe7fGexYOZdGelkX78PEfHYswd4Ests7K4vCxWD4ni4Owu7ez/IJZAMzKw+Or0GjdDc/W/xPr7re4yk1Z3eslfOrq/supo3wZ3h3FvHt9/tlafOyK3py2rjSfc10P4fQs/hlu/uPvIWyFm5Pgs9bYety/HllVo/2v6wZfnxh38mXLstuO6o1Ll/d/E9589MXj27v7n36289nO5+328krzJ83mnXZYGE5jXFh7ADhFWnwTLVZ/jIoiG/y8tbra6lSbaVzkycdxka1tpHHWr9Ii2ez0N9J4UORVnuTduvJJtpaWcbk1GORFFa/nRTzIy2x7+OaXePzqlzLtdfpVlpSDbtop0zjJ+1UnqeK1rEziwdbPulm5mRbDxuUgTbL1LOlUWd6Py3yrSNKlOC7T9FBgtpb2q2w9q6v9eFBkvU5xP/4k72710ngtLZMiG1T5qMPJWFl/PS96w26XZn2wAeC/xKMwfoPd01fZXbgSGlNiThv3xN0DAOCVOb5KX551QgAAAAAAAAAAAAAAwAmHH9f76fihvBd+IvDcSiO8rJ7HlXuvn7brnZc76EUrIYT5lzrE5MVJM5/p/0elUVfmwqzTmLxn8dv2E4UQpgd/v46Z1RUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM72nwAAAP//TqmPYw==")
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
iopl(0x3)
io_setup(0x3, &(0x7f0000000000))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff010000004000000056001f022500000019000a001000000007fd17e5ffff080004000000000000000a", 0x39}], 0x1)

28.445869273s ago: executing program 34 (id=1128):
fcntl$notify(0xffffffffffffffff, 0x402, 0x26)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x6, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r3}, 0xc)
r4 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r4})
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x8c08, &(0x7f0000000cc0)=ANY=[], 0x1, 0x5c2, &(0x7f0000000e00)="$eJzs3M1u3MYdAPChLMULpXULBI0dx0AYJwf3YGV3VcsQ0oO3FCUx2V0uSCqQT0VQy6lQKS3qFmh88yVt0BY99Vzk2ifoG/Rp8gwquB+2vteKY29b/H6ANMPlf2b+QxEciFgyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhStaazVYUull/azs+W7JW5L1z9k/6+1f43r+HxUkLh36HKISo/gmNRrg2+ujaG89if1T/uhmujrauhkZdNMLj19/84YdvzM/VDReiKJyT0Cvx6IvHv/p0b2/nt7NO5DtwEF28zUbaz8o863U20jgr83h1ZaX5weZ6Ga9n3bS8X1ZpL06KtFPlRXwruRdCWF2O06X7+VZ/Y63TTeNbyY/j1urq3dvtZnMl/mhpkHaKMu9/8NFSmWxm3e4P5kKoY+rdt9vvhLv1ifhxVsVV2unF8cPdvZ3laUnWQa3nCWpPC2o32+1Wq91urdxZvXO32WyMz9anH8w3jwnHm8zP/qTllXstNP5cnyjDjck17rXv+loOF3WQ/G3WKQAAAAAvWTS8xx4N78tfG9bWs27aPBJzEJ3WsvGqUgQAAABe0PBf+6vjGwAhXAvRyf//AQAAgP9tfzr3GbsQRaEcXI4mj6oMtt+P9jt1rbN/afTRpeM9VuvXoyvjTobFyvx4K0lvRG+Ngt6aRH8zLh5OyyMqioXoyXMnMB9COJFA+Eu4Poq5/mBUPpjsGY2yuJ5106Uk737YCp3Olbkq3a5+//nuH0IoioNLX/V7V6LwcHdvZ+kXv957MMzlSd3Lk/3xNyROfFHi6MG4HA7l8runzz2OZ3zv6IwXhjdi6ll/1e8tjsZtHp7/3LD1wYk/6dl/gPBleHsU8/biqFw8Ov9GPWZr6ZTZH86iNdh+//J4sPHMFy6WxY1RzI1b79XFe7fGexYOZdGelkX78PEfHYswd4Ests7K4vCxWD4ni4Owu7ez/IJZAMzKw+Or0GjdDc/W/xPr7re4yk1Z3eslfOrq/supo3wZ3h3FvHt9/tlafOyK3py2rjSfc10P4fQs/hlu/uPvIWyFm5Pgs9bYety/HllVo/2v6wZfnxh38mXLstuO6o1Ll/d/E9589MXj27v7n36289nO5+328krzJ83mnXZYGE5jXFh7ADhFWnwTLVZ/jIoiG/y8tbra6lSbaVzkycdxka1tpHHWr9Ii2ez0N9J4UORVnuTduvJJtpaWcbk1GORFFa/nRTzIy2x7+OaXePzqlzLtdfpVlpSDbtop0zjJ+1UnqeK1rEziwdbPulm5mRbDxuUgTbL1LOlUWd6Py3yrSNKlOC7T9FBgtpb2q2w9q6v9eFBkvU5xP/4k72710ngtLZMiG1T5qMPJWFl/PS96w26XZn2wAeC/xKMwfoPd01fZXbgSGlNiThv3xN0DAOCVOb5KX551QgAAAAAAAAAAAAAAwAmHH9f76fihvBd+IvDcSiO8rJ7HlXuvn7brnZc76EUrIYT5lzrE5MVJM5/p/0elUVfmwqzTmLxn8dv2E4UQpgd/v46Z1RUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM72nwAAAP//TqmPYw==")
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
iopl(0x3)
io_setup(0x3, &(0x7f0000000000))
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
writev(r8, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff010000004000000056001f022500000019000a001000000007fd17e5ffff080004000000000000000a", 0x39}], 0x1)

1.661857321s ago: executing program 1 (id=1384):
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x2a, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mlockall(0x7)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
munlockall()
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x3ff, 0x0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
syz_clone(0x82000000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x0, &(0x7f0000000000), 0x0, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.430303373s ago: executing program 2 (id=1397):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="93630100200501001c00128009000100766c616e000000000c000280060003000000000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x4c}}, 0x0)

1.35795246s ago: executing program 2 (id=1399):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000f89db4a64edf7000000013000018110000", @ANYRES32=r0, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000004000000990000000b00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000001305913e6bf04517e87b32290673a32de5038c58561cd836d8016b24d91202d5a5116d47ad70bfecceb3aeb7c070859d4dea99b4de41d23d4ffea59863dbb9a2ff0e821f284d4f95599a00310f230056f9fee5fc6a3d6d83d01692fdec50bde9355f5bc89e8720864dacecd441625f69a92d6d1caf4de8d721843b2341fd94671a90944255d61c3993aca845ab5d9423b1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r5 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000034000)={0xfe, {{0xa, 0xfff7, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}}}, 0x88) (async)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
getsockopt$inet6_buf(r5, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) (async, rerun: 32)
r6 = socket$packet(0x11, 0x2, 0x300) (rerun: 32)
setsockopt$packet_tx_ring(r6, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000180)="02030e00d3fc02000000ab5d71acedd7c9560385dcb186dd84d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0902000000000000000001000000050002000a00"], 0x38}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00'})

1.35486556s ago: executing program 2 (id=1402):
timer_delete(0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="2c00000018000100000000000000dec300001400000000000000000008002edb291700ffffffff0800060008"], 0x2c}}, 0x0)
r0 = socket$kcm(0x10, 0x100000000002, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000000600)={<r2=>0xffffffffffffffff})
r3 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r3, r3, 0x0, r2, r2)
bind$unix(r1, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c0005000156016185", 0x13}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f00000005c0)=@abs={0x1}, 0x6e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000003070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c000140000000"], 0x118}}, 0x0)

1.341980092s ago: executing program 2 (id=1404):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1)
r1 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x152, 0x0)
mq_timedsend(r1, 0x0, 0xff7f, 0x0, 0x0)
ioctl$FIOCLEX(r0, 0x5451)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x5, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r4 = socket(0x28, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x50, 0x10, 0x609, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_BROADCAST={0xa, 0x2, @random="e1b9039926cc"}]}, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000380)='kfree\x00', r3}, 0x18)
mlockall(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x22020400)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000ff7f00001100c2", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r9, 0x0, 0x400000000000}, 0x18)
r10 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r11, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
open(&(0x7f0000000180)='./bus\x00', 0x16d27e, 0x0)

1.077976297s ago: executing program 7 (id=1406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x4f3a18e00ee31cc0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
close(0xffffffffffffffff)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000002000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

1.034171551s ago: executing program 7 (id=1409):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @remote}, r1, 0xfffffffc}}, 0x48)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
syz_open_dev$vcsn(&(0x7f0000000140), 0x5, 0x40)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket(0x40000000015, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, <r4=>r3, {0x1}}, './file0\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x90140, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)='.\x00\x00\x00', 0x4}], 0x1}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d40), r3)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="010700000000000000002000000008000300", @ANYRES32=r10], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r4, &(0x7f0000000ec0)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000d80)={0xc4, r7, 0x8, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x80000000, 0x7f}}}}, [@NL80211_ATTR_CQM={0x60, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xfffffffb}, @NL80211_ATTR_CQM_RSSI_THOLD={0x2c, 0x1, [0x3, 0x9, 0x7fffffff, 0xe, 0x467, 0x8, 0x40, 0x7, 0x0, 0x3b]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0xe}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x34}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x190}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5e}]}, @NL80211_ATTR_CQM={0x24, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x101}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x54}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x6}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x3}]}, @NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x1}, @NL80211_ATTR_CQM_RSSI_THOLD={0x4}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x56}]}]}, 0xc4}}, 0x4008080)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ff, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x9}, r2, 0xb}}, 0x48)

993.876675ms ago: executing program 7 (id=1410):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = dup(r0)
ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0403d11, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
clock_nanosleep(0xfffffff2, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x200c840, &(0x7f0000000300)={[{@sb={'sb', 0x3d, 0x1}}, {@usrquota}]}, 0x64, 0x537, &(0x7f0000000f80)="$eJzs3U9vI2cZAPBnvHZIdrN1Chygh1JoUXYFaycNbSMObREITpWAcl9C4kRRnDhKnHYTVTQRH4ALAiROcOGCxDdAlbhwrJCK4AyiCIRgCwcO0EFjj9Ns1o6zwbFD8vtJs/PO3+d57Z3xvJ434wCurKci4uWIeD9N09sRUc7nF/Ih9ttDtt57999YzIYk0vTVvyWR5PM6+0ry8Y18s/GI+PpXIr6VPBx3e3dvbaFer23l09Xm+mZ1e3fvzur6wkptpbYxNzf7/PwL88/Nzwyknjcj4sUv/en73/3pl1/8xWdf/8Pdv9z6dpbWF/PlR+vxiIonLWxXvdR6LY5usBXx0hnjXTjFVg1zE6fb5uAc8wEAoLfsGv/DEfGpiLgd5bh28uUsAAAA8H8ofWky/p1EpN2NdZs5Hj3XBwAAAC6gQkRMRlKo5H0BJqNQqFTafXg/GtfTNyOan1lu7GwsZcsipqJUWF6t12byvsJTUUqy6dlW+YPpZ9vTB+9GtKbnIuLxiPheeaI1XVls1JdG/eUHAAAAXBE3jrX//1lut/8BAACAS2Zq1AkAAAAA5077HwAAAC4/7X8AAAC41L76yivZkHZ+/3rptd2dtcZrd5Zq22uV9Z3FymJja7Oy0mistJ7Zt95vf/VGY/NzsbFzr9qsbTer27t7d9cbOxvNu6sP/AQ2AAAAMESPf+Kt3yURsf/5idaQGeux7rWhZgact+JhKcnHXY7+3z/WHr87pKSAoej3mf6b8pASAYauOOoEgJEpPcrK/k4ALqWkz/KenXfezsefHGw+AADA4E1/vPf9/8KJW+6fvBi48BzEcHV17v8/NuI8gOFr3f/v1eH3OBcLcKmU9OqHK6/v/f9eHQDePm2ENH20jAAAgEGbbA1JoZJ/vTcZhUKlEnGz1d2/lCyv1msz+f2B35ZLH8qmZ1tbJn3bDAAAAAAAAAAAAAAAAAAAAAAAAABAW5omkQIAAACXWkThz8kv28/yny4/M3n8+4Gx5F/lyH8i9PUfvfqDewvN5tZsNv/vh/ObP8znPzuKbzAAAACA4zrt9E47HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6b37byx2hs68tHz+cf/6hYiY6ha/GOOt8XiUIuL6P5IoHtkuiYhrA4i/fxARH+sWP8nSOgzZLf7E+cePqfxV6Bb/xgDiw1X2Vnb+eTk7/sYi4ujxV4inWuPux18x4oHps2qd/7ITXJfzb+f8d63H8X/z2L6mesR44p2fV3vGP4h4otj9/NOJn/SI//Qp6/jNb+zt9VqW/jhiuuvnT/JArGpzfbO6vbt3Z3V9YaW2UtuYm5t9fv6F+efmZ6rLq/Va/u9D+y/1yS2r//Ue8af61P+ZU9b/P+/cu/+RHulk8W893SX+r36Sr/Fw/EL+2ffpvJwtn+6U99vlo5782a+fPKn+Sz3q3+/9v3XK+t/+2nf+GBHvH3lLAYAR2t7dW1uo12tbJxayy5Z+61zUQtZKvwBpKJytcNr/omcqvDnQHaZpmsb/dqQkMfIXvFMY9ZkJAAAYtA8u+kedCQAAAAAAAAAAAAAAAAAAAFxdw3ic2PGY+4elZBCP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGIj/BgAA//8ZadLP")

813.803542ms ago: executing program 2 (id=1412):
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x29)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000640)='xprtrdma_op_connect\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./file2\x00', 0x404, &(0x7f0000000740)={[{@block_validity}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@minixdf}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x0, 0x18c, 0x203, 0x4d000000, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private, 'veth1_macvtap\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='comm\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000080)={0xb283, 0x0, '\x00', 0x1, 0x0})
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000180)}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000252a14399dddee747bf7656ac85826efef6e9eefac0fcc4fbabea5"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110004", @ANYRES32=r6, @ANYBLOB="0000000000000000b708e2ff000000007b8a190001000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x33, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x11, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}, "9d0078eeac"}}}}}}, 0x0)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x800, 0x0)

813.315502ms ago: executing program 7 (id=1413):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="85101000000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_open_dev$vcsn(&(0x7f0000000000), 0xa, 0x4040)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000100000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000400"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRESOCT=r0, @ANYBLOB="6da7be5445e1c01ca17e3d32a7e9e2f2700ff17fa65f4624822f74a0dc0001d371eae8c7a79abd80dc5c06f0e91050076ace39eb960927937dd374f0b014745022a3d78b274f553ee9e85049000bc245a6c658f14e7dbc366e", @ANYRESOCT=r3], 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r8, 0x0, 0x100001)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r9, &(0x7f00000000c0)={0x6000001f})
read$char_usb(r9, &(0x7f00000004c0)=""/185, 0xb9)
preadv(r9, &(0x7f00000007c0)=[{&(0x7f00000003c0)=""/72, 0x48}], 0x1, 0x100, 0xfffffff8)
epoll_pwait(r5, &(0x7f0000000200)=[{}], 0x1, 0x0, 0x0, 0x0)
r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x91c, 0x4156, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xfffffffffffffffc, 0x1}, 0x18404, 0x0, 0xfffffffe, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r10, 0x5386, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)

813.027852ms ago: executing program 1 (id=1414):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000050000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

770.836676ms ago: executing program 1 (id=1415):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0xe)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000188d02800c0004000100000100c280000500030004"], 0x48}}, 0x40000)

742.228419ms ago: executing program 1 (id=1416):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x400000000000000, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="020f000015000000000000000000000005000500000000000a000000000000000000000000000000000000000000000000040000000000000800120000000200000000000200000006000000000000000900000000000080ff000000000000000000000000000000ff01000000000000000000000000000105000600000000000a000002ffffffffff0200000000000000000000000000010000000000000000010018"], 0xa8}}, 0x0)

666.171626ms ago: executing program 1 (id=1417):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0x7ffff000}], 0x1}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000001440)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r6, 0x400454c9, 0x9)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x335)
close(r6)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, 0x0, 0x0, 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
close(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
unshare(0x22020400)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r8, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
ioprio_set$pid(0x2, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)

602.965232ms ago: executing program 7 (id=1418):
r0 = syz_io_uring_setup(0x24f7, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f00000001c0))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000ffff0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
io_uring_enter(r0, 0x2d3e, 0x200, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x1000407, &(0x7f0000000040)={[{@abort}, {@norecovery}, {@orlov}, {@nomblk_io_submit}]}, 0x4, 0x5cd, &(0x7f0000001400)="$eJzs3b1vHEUbAPBn19/2+772GyFBKJAFgkSC2LGToPBRJH0UhY+OBhM7UcglsWIjcEDCkQIFEqKhiERFQfgvIIKWComCgoYKRQoIpQEhdGjvwz6f7+yz4/MG7+8nbTyzs/bMxn5uZ2dn7gIorPHsnzRif0TMJxGjDWW9USscrx537/f3zmZbEuXyK78l8VRtX/34pPZ1pPbNf49GfP9NEvt61te7sHTt4kypNHe1lp9cvDQ/ubB07dCFSzPn587PXZ5+dvr4saPHjk8dvq/zSxvSp268+fboR6df++Kzv5KpL386ncSJ+PVctazxPHbKeIzHH+Xy+837s//X4ztdWU56Vv5OViXNO3hwJdUY6YuIh2M0ehp+m6PxwUu5tg3oqnISUQYKKhH/UFD1fkD93r6z++C0y70SYDfcPRmVu//18d9bHRuMscrYwPC9ZM04T4shvW3J6vju29M3si26NA4HtLZ8faCWao7/pBKbYzFYyQ3fS9fEf9YDOFP7mu1/eZv1jzflxT/snuXrEfFIq/7/5vH/ekP8v7HN+sU/AAAAAAAA7JzbJyPimVbP/9Las7nBeLxx/s8PqysET+xA/Zs//0vv7EA1QAt3T0a8uHb+b9J0yFhP7Tn/f6uzAZNzF0pzhyPifxFxMPoGsvzUBnUc+njfzXZljfP/si1rQ30uYFV6p3dg7ffMzizObPd8gVV3r0c82tt+/k/M91bW9TfP/81eD+Y7rGPfk7fOtCvbPP6Bbil/HnGg5fqf1W5AsvH7c0xW+gOT9V7Beo+9+8lX7eoX/5Cf7Po/vHH8jyWN79ezsLWf3x8RR5Z6y+3K28b/Smejdf+/P3m1p/7zM+/MLC5enYroT06t3z+9tTbDXlWPh3q8ZPF/8ImNx/9W+v8NcTgUEcsd1jkUIz+3K3P9h/xk8T+7pev/1hPTt8a+bld/Z+N/RyvX9IO1Pcb/YGOdBmje7QQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6M0Iv4TSTqxkk7TiYmIkYh4KIbT0pWFxafPXXnr8mxWVvn8/7T+Sb+j1XxS//z/sYb8dFP+SET8PyI+7Rmq5CfOXinN5n3yAAAAAAAAAAAAAAAAAAAA8IAYabP+P/NLT96tA7ptsJ4Q71A8vXk3AMiN+IfiEv9QXOIfikv8Q3FtM/49LoA9wPUfiqqvs8MGu90OIA+dXv+HutwOAAAAAABgR9x+4bmbSUQsPz9U2TL9tbKVB4PG/WFPSvNuAJAbc3ihuEz9heLqcPIvsIclK6k/y63K28/+T7rTIAAAAAAAAAAAAABgnQP7b/+46fp/YE+y/h+Ka836/4H82gHsPuv/objc4wObreK3/h8AAAAAAAAAAAAA8rewdO3iTKk0d7Ugifp6xwelPRIbJPoiot0x9T/g+6/ryIetipJcA6Q///Dc/dciAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgtX8CAAD//1xGGqM=")

464.209835ms ago: executing program 7 (id=1419):
r0 = io_uring_setup(0x2e34, &(0x7f0000000180))
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
unshare(0x2a020400)
r3 = syz_open_dev$evdev(&(0x7f0000000340), 0x245e047, 0x80)
ioctl$EVIOCGVERSION(r3, 0x80044501, &(0x7f0000000800)=""/186)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYBLOB, @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
unshare(0x62040200)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
splice(r1, 0x0, r9, 0x0, 0x4ffe2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

405.912951ms ago: executing program 1 (id=1420):
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x10, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = eventfd2(0x0, 0x0)
write$eventfd(r3, &(0x7f0000000000)=0xfffffffffffffffe, 0x8)
r4 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r2, 0x58, &(0x7f0000000300)}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000380)={'ip_vti0\x00', 0x0, 0x80, 0x8000, 0xf74, 0x43, {{0x17, 0x4, 0x2, 0x1, 0x5c, 0x65, 0x0, 0x2, 0x2f, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x42}, {[@end, @rr={0x7, 0xf, 0x55, [@private=0xa010100, @empty, @empty]}, @generic={0x94, 0x4, "d7e7"}, @ra={0x94, 0x4}, @rr={0x7, 0x27, 0xed, [@empty, @loopback, @multicast1, @multicast1, @multicast1, @multicast1, @remote, @multicast1, @loopback]}, @end, @rr={0x7, 0x7, 0xd7, [@empty]}]}}}}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r7=>0x0})
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r8, 0x0, 0xca, &(0x7f00000000c0)={0x0, 0x8, 0x1, 0xfffffffa, @vifc_lcl_ifindex=r7, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000059c0), 0x111}}, 0x20)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r11 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000005880), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r11, &(0x7f0000000a00)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000009c0), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000940)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r11, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x111}}, 0x20)

189.794981ms ago: executing program 5 (id=1427):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x4b31, 0x0)

183.377982ms ago: executing program 0 (id=1428):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac1414000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

134.079597ms ago: executing program 5 (id=1429):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61158c000000000061138c0000000000bfa00000000000001503000008004e002d35010003fffc0095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

133.889647ms ago: executing program 0 (id=1430):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="9a9217410000000000000000000000009500000000002000"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

133.412857ms ago: executing program 5 (id=1431):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000f0ff280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

133.124687ms ago: executing program 5 (id=1432):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @remote}, r1, 0xfffffffc}}, 0x48)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
syz_open_dev$vcsn(&(0x7f0000000140), 0x5, 0x40)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket(0x40000000015, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000cc0)={{0x1, 0x1, 0x18, r3, {0x1}}, './file0\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x90140, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1006}, 0x4)
setsockopt$packet_fanout_data(r4, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)='.\x00\x00\x00', 0x4}], 0x1}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000d40), r3)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ff, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x9}, r2, 0xb}}, 0x48)

132.849587ms ago: executing program 0 (id=1433):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a31f5ff000040000000030a01020000000000000000010000000900030073797a300000000014000480080002400000000008000140000000050900010073797a310000000040000000050a01020000000000000000010020000c00024000000000000000010900010073797a310000000014000480080002"], 0xc8}}, 0x0)

125.426348ms ago: executing program 0 (id=1434):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000001070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c000140000000"], 0x118}}, 0x0)

124.197588ms ago: executing program 5 (id=1435):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000040000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x626a90ecd43299b8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x8000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="b601000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000d40077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab6bef11ae3d300"], &(0x7f0000000080)='GPL\x00', 0x9, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

109.307009ms ago: executing program 5 (id=1436):
perf_event_open(&(0x7f0000000400)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0xfffffffe, <r0=>0x0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000c00000000001000c2890b6f0878d56b0000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nouid32}, {@minixdf}]}, 0x1, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x74, &(0x7f0000000280)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x62, 0x2, 0x1, 0x2, 0xa0, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "79236aad2fa6"}, {0x5, 0x24, 0x0, 0x200}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x3, 0x2, 0x3}, {0x6, 0x24, 0x1a, 0x400, 0x21}}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x11, 0x9, 0x3}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0x8, 0x9, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x9, 0x9, 0x4}}}}}}}]}}, &(0x7f00000003c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0x2, 0x8, 0x7, 0x20, 0x10}, 0x45, &(0x7f0000000300)={0x5, 0xf, 0x45, 0x2, [@ssp_cap={0x20, 0x10, 0xa, 0x3, 0x5, 0x2, 0xf000, 0x0, [0xf, 0x0, 0xc000, 0x0, 0x0]}, @ssp_cap={0x20, 0x10, 0xa, 0xae, 0x5, 0xdc24, 0xf0f, 0xfff9, [0x30, 0xff000f, 0x3f27, 0xc0f0, 0xc000]}]}, 0x3, [{0xcc, &(0x7f0000000480)=@string={0xcc, 0x3, "fecfcc39780c595e33c9f79e3ba22bcec490dfb296be43cc86b6a79831dc6d8ec9d1743ef3035ac51b30b76ef77c3c09ea935a968bf1749780f8bbb8a7497ca99c7abef2c1060bc7744e46470cce8d14d6d164853945013bbda14793af50f6bd0bc5f3333c29f2fbf2cc1c589d4ff6da5d5b5bc352baf75073ed5d9aafd280bcbf51451d4a3191459d98cab3a572f1ad12e835d2a03b7618db3cf4a78a260d1dc7c1535179d7c71f42efd6b2018b00c9686037cf297277d8a46241871927f39638266bec60b13cdf3f7a"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x807}}, {0x24, &(0x7f0000000380)=@string={0x24, 0x3, "2ae1e9cdd35e9121573de16803e0e9a78cb61a902b2c217dfd9bd53325e680c76666"}}]})
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/sockstat6\x00')
write$UHID_INPUT(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0)

66.064114ms ago: executing program 0 (id=1437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000080400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)

59.204864ms ago: executing program 0 (id=1438):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x6, 0x0)
r3 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x3)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r5 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000001500), 0x588, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

0s ago: executing program 2 (id=1439):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000001000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006eff369df4880000145b41fe6900000079616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c20000000000000000000000b0000000670100009001000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000646e61740000000000000000ff0300000000000000000000000000000000000010000000000000000180c20000000000ffffffff000000006e666c6f670000000000000000007124653b48a2601bf5ce1a222a243bb900000000000000000000000000000000000050000000121b6eb2e833e7a394a873495fdd3844d4f0fffbf04a000000007e4b000022d4e27ebdf3b9dc569e338e2c551c2fc4a19597ba4c501c8b1f16fb7809c40aee86f4fe16383d2afb577ed2bb6dd99f024b3f54ba00000000415544495400"/544]}, 0x298)

kernel console output (not intermixed with test programs):

182401][ T4862] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   53.195710][ T4862] CPU: 1 UID: 0 PID: 4862 Comm: syz.0.469 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   53.207874][ T4862] Tainted: [W]=WARN
[   53.211778][ T4862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   53.221839][ T4862] Call Trace:
[   53.225196][ T4862]  <TASK>
[   53.228134][ T4862]  dump_stack_lvl+0xf2/0x150
[   53.232746][ T4862]  dump_stack+0x15/0x20
[   53.236995][ T4862]  should_fail_ex+0x223/0x230
[   53.241693][ T4862]  should_fail+0xb/0x10
[   53.245956][ T4862]  should_fail_usercopy+0x1a/0x20
[   53.250988][ T4862]  _copy_to_user+0x20/0xa0
[   53.255607][ T4862]  __se_sys_ustat+0x1d8/0x200
[   53.260316][ T4862]  __x64_sys_ustat+0x31/0x40
[   53.264955][ T4862]  x64_sys_call+0x1f3a/0x2d60
[   53.269687][ T4862]  do_syscall_64+0xc9/0x1c0
[   53.274199][ T4862]  ? clear_bhb_loop+0x55/0xb0
[   53.278949][ T4862]  ? clear_bhb_loop+0x55/0xb0
[   53.283633][ T4862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.289688][ T4862] RIP: 0033:0x7ffb2132e719
[   53.295395][ T4862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.315115][ T4862] RSP: 002b:00007ffb1ffa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000088
[   53.323548][ T4862] RAX: ffffffffffffffda RBX: 00007ffb214e5f80 RCX: 00007ffb2132e719
[   53.331764][ T4862] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000100000001
[   53.339804][ T4862] RBP: 00007ffb1ffa1090 R08: 0000000000000000 R09: 0000000000000000
[   53.347780][ T4862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.355849][ T4862] R13: 0000000000000001 R14: 00007ffb214e5f80 R15: 00007ffcb0c36668
[   53.364015][ T4862]  </TASK>
[   53.383810][ T4864] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   53.392083][ T4864] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   53.476078][ T4875] netlink: 96 bytes leftover after parsing attributes in process `syz.1.475'.
[   53.476161][ T4872] netlink: 28 bytes leftover after parsing attributes in process `syz.6.473'.
[   53.485123][ T4875] netlink: 8 bytes leftover after parsing attributes in process `syz.1.475'.
[   53.667818][   T29] kauditd_printk_skb: 106 callbacks suppressed
[   53.667832][   T29] audit: type=1400 audit(1730632912.766:895): avc:  denied  { wake_alarm } for  pid=4898 comm="syz.6.483" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   53.712604][ T4899] loop6: detected capacity change from 0 to 512
[   53.725776][ T4899] EXT4-fs: Ignoring removed mblk_io_submit option
[   53.739264][ T4899] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   53.756193][ T4899] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b042c118, mo2=0002]
[   53.769673][ T4899] System zones: 1-12
[   53.777380][ T4899] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.483: corrupted in-inode xattr: e_value size too large
[   53.802935][ T4899] EXT4-fs error (device loop6): ext4_orphan_get:1393: comm syz.6.483: couldn't read orphan inode 15 (err -117)
[   53.822146][ T4899] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.867287][   T29] audit: type=1400 audit(1730632912.966:896): avc:  denied  { setattr } for  pid=4898 comm="syz.6.483" path="/6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   53.970383][ T4899] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.483: corrupted in-inode xattr: e_value size too large
[   54.033582][ T4670] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.548570][   T29] audit: type=1400 audit(1730632913.636:897): avc:  denied  { create } for  pid=4941 comm="syz.2.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[   54.586109][   T29] audit: type=1400 audit(1730632913.656:898): avc:  denied  { remount } for  pid=4941 comm="syz.2.499" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   54.746199][ T4970] loop6: detected capacity change from 0 to 1764
[   54.846585][ T4982] loop6: detected capacity change from 0 to 128
[   54.862119][ T4986] syz.2.515 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   54.874363][ T4982] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   54.887640][ T4982] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   55.165566][ T5012] netlink: 'syz.5.525': attribute type 4 has an invalid length.
[   55.191229][   T29] audit: type=1400 audit(1730632914.286:899): avc:  denied  { setopt } for  pid=4994 comm="syz.2.519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   55.221378][ T5012] netlink: 'syz.5.525': attribute type 4 has an invalid length.
[   55.325822][ T5017] loop5: detected capacity change from 0 to 1024
[   55.327929][ T5017] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   55.327963][ T5017] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   55.328066][ T5017] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   55.328260][ T5017] EXT4-fs error (device loop5): ext4_get_journal_inode:5762: comm +}[@: inode #1: comm +}[@: iget: illegal inode #
[   55.335964][ T5017] EXT4-fs (loop5): no journal found
[   55.335978][ T5017] EXT4-fs (loop5): can't get journal size
[   55.343632][ T5017] EXT4-fs (loop5): failed to initialize system zone (-22)
[   55.343671][ T5017] EXT4-fs (loop5): mount failed
[   55.637652][ T4670] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   55.669372][ T5036] loop6: detected capacity change from 0 to 1024
[   55.695006][ T5036] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.695095][ T5036] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.736283][ T5044] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   55.744808][ T5044] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   55.750439][ T5046] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   55.765613][ T4670] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.816381][ T5053] SELinux: failed to load policy
[   55.820775][   T29] audit: type=1400 audit(1730632914.916:900): avc:  denied  { load_policy } for  pid=5052 comm="syz.6.537" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   55.856120][ T5053] loop6: detected capacity change from 0 to 512
[   55.871399][ T5053] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   55.885884][ T5059] netlink: 'syz.2.541': attribute type 29 has an invalid length.
[   55.886583][ T5059] netlink: 'syz.2.541': attribute type 29 has an invalid length.
[   55.900912][ T5053] EXT4-fs error (device loop6): ext4_orphan_get:1388: inode #17: comm syz.6.537: iget: bad i_size value: -6917529027641081756
[   55.901280][ T5053] EXT4-fs error (device loop6): ext4_orphan_get:1393: comm syz.6.537: couldn't read orphan inode 17 (err -117)
[   55.935678][ T5053] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.952448][ T4670] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.080767][   T29] audit: type=1326 audit(1730632915.176:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5074 comm="syz.2.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   56.104308][   T29] audit: type=1326 audit(1730632915.176:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5074 comm="syz.2.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   56.104345][   T29] audit: type=1326 audit(1730632915.176:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5074 comm="syz.2.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   56.104452][   T29] audit: type=1326 audit(1730632915.176:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5074 comm="syz.2.547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   56.295722][ T5099] __nla_validate_parse: 17 callbacks suppressed
[   56.295757][ T5099] netlink: 104 bytes leftover after parsing attributes in process `syz.0.549'.
[   56.363244][ T5116] syz.2.553[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.363354][ T5116] syz.2.553[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.374902][ T5116] syz.2.553[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   56.478955][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.506254][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.526833][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.536133][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.547750][ T5127] netlink: 'syz.5.561': attribute type 29 has an invalid length.
[   56.557613][ T5127] netlink: 'syz.5.561': attribute type 29 has an invalid length.
[   56.566457][ T5127] netlink: 500 bytes leftover after parsing attributes in process `syz.5.561'.
[   56.586818][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.598142][ T5124] netlink: 60 bytes leftover after parsing attributes in process `syz.1.560'.
[   56.633640][ T5134] netlink: 36 bytes leftover after parsing attributes in process `+}[@'.
[   56.642305][ T5134] netlink: 36 bytes leftover after parsing attributes in process `+}[@'.
[   56.843376][ T5148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   56.857612][ T5148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   56.869947][ T5148] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[   56.880589][ T5148] bridge0: left promiscuous mode
[   56.888427][ T5148] bond0 (unregistering): Released all slaves
[   57.181643][ T5188] bridge0: entered promiscuous mode
[   57.192719][ T5188] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   57.263576][ T5203] loop2: detected capacity change from 0 to 512
[   57.275231][ T5203] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.591: invalid block
[   57.287491][ T5203] EXT4-fs (loop2): Remounting filesystem read-only
[   57.294306][ T5203] EXT4-fs (loop2): 2 truncates cleaned up
[   57.300835][ T5203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.314589][ T5203] SELinux: (dev loop2, type ext4) getxattr errno 5
[   57.324059][ T5203] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.379709][ T5217] loop6: detected capacity change from 0 to 1024
[   57.403845][ T5217] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.908415][ T5241] netlink: 'syz.5.605': attribute type 4 has an invalid length.
[   57.934500][ T5241] netlink: 'syz.5.605': attribute type 4 has an invalid length.
[   58.243290][ T4670] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.430930][ T5273] vlan2: entered promiscuous mode
[   58.436494][ T5273] team0: Device vlan2 is already an upper device of the team interface
[   58.513426][ T5278] loop6: detected capacity change from 0 to 512
[   58.527581][ T5278] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   58.540916][ T5278] EXT4-fs (loop6): warning: maximal mount count reached, running e2fsck is recommended
[   58.552342][ T5278] EXT4-fs error (device loop6): ext4_orphan_get:1388: comm syz.6.620: inode #15: comm syz.6.620: iget: illegal inode #
[   58.570388][ T5278] EXT4-fs (loop6): Remounting filesystem read-only
[   58.579754][ T5278] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.593659][ T5278] SELinux: (dev loop6, type ext4) getxattr errno 5
[   58.601380][ T5278] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.648670][ T5283] syz.1.622[5283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.649953][ T5283] syz.1.622[5283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.666947][ T5283] syz.1.622[5283] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   58.678832][   T29] kauditd_printk_skb: 139 callbacks suppressed
[   58.678849][   T29] audit: type=1326 audit(1730632917.786:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5284 comm="syz.6.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5f92d6e719 code=0x7ffc0000
[   58.753186][   T29] audit: type=1400 audit(1730632917.786:1045): avc:  denied  { mounton } for  pid=5284 comm="syz.6.623" path="/syzcgroup/cpu/syz6/cgroup.procs" dev="cgroup" ino=347 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   58.777977][   T29] audit: type=1326 audit(1730632917.786:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5284 comm="syz.6.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f92d6e719 code=0x7ffc0000
[   58.801516][   T29] audit: type=1326 audit(1730632917.786:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5284 comm="syz.6.623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f92d6e719 code=0x7ffc0000
[   58.921473][ T5292] loop5: detected capacity change from 0 to 1024
[   58.970965][ T5292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.996775][ T5313] team0: Device ipvlan1 failed to register rx_handler
[   58.999505][ T5292] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.023562][   T29] audit: type=1400 audit(1730632918.126:1048): avc:  denied  { mounton } for  pid=5291 comm="syz.5.626" path="/61/file1/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   59.031302][ T5292] 9pnet_fd: Insufficient options for proto=fd
[   59.101731][   T29] audit: type=1400 audit(1730632918.206:1049): avc:  denied  { create } for  pid=5291 comm="syz.5.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.131909][   T29] audit: type=1400 audit(1730632918.236:1050): avc:  denied  { connect } for  pid=5291 comm="syz.5.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.151920][   T29] audit: type=1400 audit(1730632918.246:1051): avc:  denied  { connect } for  pid=5291 comm="syz.5.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   59.171834][   T29] audit: type=1400 audit(1730632918.256:1052): avc:  denied  { mount } for  pid=5322 comm="syz.0.638" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   59.193974][   T29] audit: type=1400 audit(1730632918.256:1053): avc:  denied  { unmount } for  pid=5322 comm="syz.0.638" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   59.227844][ T5324] loop6: detected capacity change from 0 to 512
[   59.256672][ T5328] loop2: detected capacity change from 0 to 128
[   59.265911][ T5330] FAULT_INJECTION: forcing a failure.
[   59.265911][ T5330] name failslab, interval 1, probability 0, space 0, times 0
[   59.278651][ T5330] CPU: 0 UID: 0 PID: 5330 Comm: syz.0.640 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   59.290783][ T5330] Tainted: [W]=WARN
[   59.294620][ T5330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   59.304697][ T5330] Call Trace:
[   59.307993][ T5330]  <TASK>
[   59.310996][ T5330]  dump_stack_lvl+0xf2/0x150
[   59.315645][ T5330]  dump_stack+0x15/0x20
[   59.319896][ T5330]  should_fail_ex+0x223/0x230
[   59.324658][ T5330]  ? shmem_initxattrs+0x1b7/0x2f0
[   59.329716][ T5330]  should_failslab+0x8f/0xb0
[   59.334384][ T5330]  __kmalloc_noprof+0xa5/0x370
[   59.339214][ T5330]  shmem_initxattrs+0x1b7/0x2f0
[   59.344116][ T5330]  ? __pfx_shmem_initxattrs+0x10/0x10
[   59.349504][ T5330]  security_inode_init_security+0x257/0x330
[   59.355444][ T5330]  shmem_mknod+0xa8/0x180
[   59.359856][ T5330]  shmem_mkdir+0x33/0x70
[   59.364146][ T5330]  vfs_mkdir+0x1f4/0x320
[   59.368431][ T5330]  do_mkdirat+0x12f/0x2a0
[   59.372792][ T5330]  __x64_sys_mkdir+0x42/0x50
[   59.377485][ T5330]  x64_sys_call+0x2729/0x2d60
[   59.382198][ T5330]  do_syscall_64+0xc9/0x1c0
[   59.386728][ T5330]  ? clear_bhb_loop+0x55/0xb0
[   59.390732][ T5321] dvmrp2: entered allmulticast mode
[   59.391518][ T5330]  ? clear_bhb_loop+0x55/0xb0
[   59.391548][ T5330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.399250][ T5328] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   59.401438][ T5330] RIP: 0033:0x7ffb2132e719
[   59.401461][ T5330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.410905][ T5328] ext4 filesystem being mounted at /126/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   59.419444][ T5330] RSP: 002b:00007ffb1ffa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   59.419471][ T5330] RAX: ffffffffffffffda RBX: 00007ffb214e5f80 RCX: 00007ffb2132e719
[   59.419488][ T5330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[   59.419504][ T5330] RBP: 00007ffb1ffa1090 R08: 0000000000000000 R09: 0000000000000000
[   59.429938][ T5321] pimreg: entered allmulticast mode
[   59.443565][ T5330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.443585][ T5330] R13: 0000000000000000 R14: 00007ffb214e5f80 R15: 00007ffcb0c36668
[   59.443611][ T5330]  </TASK>
[   59.513372][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.526939][ T5324] ext4 filesystem being mounted at /35/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[   59.535030][    T8] IPVS: starting estimator thread 0...
[   59.631535][ T5334] IPVS: using max 1920 ests per chain, 96000 per kthread
[   59.710553][ T5344] loop5: detected capacity change from 0 to 128
[   59.736272][ T5344] sg_write: process 160 (syz.5.641) changed security contexts after opening file descriptor, this is not allowed.
[   59.769792][ T5356] loop6: detected capacity change from 0 to 512
[   59.833018][ T5361] netlink: 'syz.1.650': attribute type 10 has an invalid length.
[   59.847477][ T5363] xt_socket: unknown flags 0x58
[   59.859740][ T5361] team0: Port device geneve0 added
[   59.910177][ T5365] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   60.079881][ T5384] loop6: detected capacity change from 0 to 512
[   60.194278][ T5397] SELinux: security_context_str_to_sid (u) failed with errno=-22
[   60.300304][ T5409] loop6: detected capacity change from 0 to 256
[   60.350169][ T5418] xt_socket: unknown flags 0x58
[   60.356690][ T5416] netlink: 'syz.6.673': attribute type 1 has an invalid length.
[   60.454170][ T5430] No such timeout policy "syz0"
[   60.477702][ T5426] No such timeout policy "syz0"
[   60.546901][ T5439] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.554061][ T5439] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.666404][ T5451] qrtr: Invalid version 71
[   60.699621][ T5462] xt_socket: unknown flags 0x58
[   60.727588][ T5464] loop0: detected capacity change from 0 to 256
[   60.943994][ T5491] syz.2.698[5491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.944103][ T5491] syz.2.698[5491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.947611][ T5489] loop0: detected capacity change from 0 to 1024
[   60.973282][ T5491] syz.2.698[5491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   60.981901][ T5489] EXT4-fs (loop0): unable to read superblock
[   61.080235][ T5503] loop2: detected capacity change from 0 to 256
[   61.158131][ T5505] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   61.515358][ T5508] loop5: detected capacity change from 0 to 512
[   61.534883][ T5508] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.535232][ T5512] __nla_validate_parse: 27 callbacks suppressed
[   61.535249][ T5512] netlink: 8 bytes leftover after parsing attributes in process `syz.6.706'.
[   61.564707][ T5512] bridge0: port 3(macvlan2) entered blocking state
[   61.571597][ T5512] bridge0: port 3(macvlan2) entered disabled state
[   61.578650][ T5512] macvlan2: entered allmulticast mode
[   61.584114][ T5512] bridge0: entered allmulticast mode
[   61.601269][ T5512] macvlan2: left allmulticast mode
[   61.606536][ T5512] bridge0: left allmulticast mode
[   61.693009][ T5522] loop2: detected capacity change from 0 to 8192
[   61.711089][ T5522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5522 comm=syz.2.708
[   61.952224][ T5558] FAULT_INJECTION: forcing a failure.
[   61.952224][ T5558] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   61.965647][ T5558] CPU: 0 UID: 0 PID: 5558 Comm: syz.0.719 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   61.977862][ T5558] Tainted: [W]=WARN
[   61.981688][ T5558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   61.991825][ T5558] Call Trace:
[   61.995137][ T5558]  <TASK>
[   61.998087][ T5558]  dump_stack_lvl+0xf2/0x150
[   62.002716][ T5558]  dump_stack+0x15/0x20
[   62.006898][ T5558]  should_fail_ex+0x223/0x230
[   62.011702][ T5558]  should_fail_alloc_page+0xfd/0x110
[   62.017051][ T5558]  __alloc_pages_noprof+0x109/0x340
[   62.022336][ T5558]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   62.027800][ T5558]  alloc_pages_noprof+0xe1/0x100
[   62.032897][ T5558]  __pmd_alloc+0x4c/0x3c0
[   62.037270][ T5558]  handle_mm_fault+0x1a32/0x2a80
[   62.042438][ T5558]  exc_page_fault+0x296/0x650
[   62.047175][ T5558]  asm_exc_page_fault+0x26/0x30
[   62.052170][ T5558] RIP: 0010:rep_movs_alternative+0x33/0x70
[   62.058029][ T5558] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[   62.077665][ T5558] RSP: 0018:ffffc900038e3df8 EFLAGS: 00050216
[   62.083762][ T5558] RAX: 0000000000000000 RBX: 0000000020000020 RCX: 0000000000000020
[   62.091858][ T5558] RDX: 0000000000000000 RSI: ffffc900038e3e30 RDI: 0000000020000000
[   62.099888][ T5558] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000
[   62.107887][ T5558] R10: 0001c900038e3e30 R11: 0001c900038e3e4f R12: 0000000000000020
[   62.115890][ T5558] R13: 00007fffffffefff R14: 0000000020000000 R15: ffffc900038e3e30
[   62.124119][ T5558]  _copy_to_user+0x7c/0xa0
[   62.128720][ T5558]  __se_sys_ustat+0x1d8/0x200
[   62.133484][ T5558]  __x64_sys_ustat+0x31/0x40
[   62.138123][ T5558]  x64_sys_call+0x1f3a/0x2d60
[   62.142842][ T5558]  do_syscall_64+0xc9/0x1c0
[   62.147421][ T5558]  ? clear_bhb_loop+0x55/0xb0
[   62.152119][ T5558]  ? clear_bhb_loop+0x55/0xb0
[   62.156873][ T5558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.162828][ T5558] RIP: 0033:0x7ffb2132e719
[   62.167336][ T5558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.187026][ T5558] RSP: 002b:00007ffb1ffa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000088
[   62.195453][ T5558] RAX: ffffffffffffffda RBX: 00007ffb214e5f80 RCX: 00007ffb2132e719
[   62.203622][ T5558] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000100000001
[   62.211671][ T5558] RBP: 00007ffb1ffa1090 R08: 0000000000000000 R09: 0000000000000000
[   62.219746][ T5558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.227723][ T5558] R13: 0000000000000001 R14: 00007ffb214e5f80 R15: 00007ffcb0c36668
[   62.235723][ T5558]  </TASK>
[   62.246391][ T5579] tmpfs: Unknown parameter 'nr_'
[   62.333802][ T5591] netlink: 16 bytes leftover after parsing attributes in process `syz.0.723'.
[   62.439847][ T5599] netlink: 36 bytes leftover after parsing attributes in process `syz.0.726'.
[   62.505728][ T5605] netlink: 68 bytes leftover after parsing attributes in process `syz.1.729'.
[   62.545107][ T5607] infiniband sy{0: RDMA CMA: cma_listen_on_dev, error -98
[   62.589870][ T5614] netlink: 68 bytes leftover after parsing attributes in process `syz.5.732'.
[   62.644308][ T5618] loop5: detected capacity change from 0 to 128
[   62.690182][ T5626] netlink: 8 bytes leftover after parsing attributes in process `syz.6.737'.
[   62.708894][ T5626] bridge0: port 3(macvlan2) entered blocking state
[   62.715989][ T5626] bridge0: port 3(macvlan2) entered disabled state
[   62.724375][ T5626] macvlan2: entered allmulticast mode
[   62.729996][ T5626] bridge0: entered allmulticast mode
[   62.736801][ T5626] macvlan2: left allmulticast mode
[   62.742258][ T5626] bridge0: left allmulticast mode
[   62.746841][ T5630] netlink: 36 bytes leftover after parsing attributes in process `syz.1.736'.
[   62.924390][ T5641] netlink: 'syz.0.743': attribute type 4 has an invalid length.
[   62.938553][ T5641] netlink: 'syz.0.743': attribute type 4 has an invalid length.
[   63.012787][ T5643] netlink: 12 bytes leftover after parsing attributes in process `syz.6.742'.
[   63.069707][ T5651] netlink: 12 bytes leftover after parsing attributes in process `syz.6.742'.
[   63.080135][ T5648] loop2: detected capacity change from 0 to 8192
[   63.090010][ T5648] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   63.161593][ T5660] loop2: detected capacity change from 0 to 256
[   63.178237][ T5660] netlink: 4 bytes leftover after parsing attributes in process `syz.2.748'.
[   63.227433][ T5663] loop2: detected capacity change from 0 to 256
[   63.324482][ T5667] IPVS: Error joining to the multicast group
[   63.346956][ T5670] netlink: 'syz.2.753': attribute type 29 has an invalid length.
[   63.355801][ T5670] netlink: 'syz.2.753': attribute type 29 has an invalid length.
[   63.498337][ T5685] loop2: detected capacity change from 0 to 136
[   63.498710][ T5687] FAULT_INJECTION: forcing a failure.
[   63.498710][ T5687] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.517962][ T5687] CPU: 1 UID: 0 PID: 5687 Comm: syz.1.761 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   63.530058][ T5687] Tainted: [W]=WARN
[   63.533869][ T5687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   63.544245][ T5687] Call Trace:
[   63.547544][ T5687]  <TASK>
[   63.550567][ T5687]  dump_stack_lvl+0xf2/0x150
[   63.555192][ T5687]  dump_stack+0x15/0x20
[   63.559383][ T5687]  should_fail_ex+0x223/0x230
[   63.564092][ T5687]  should_fail+0xb/0x10
[   63.568271][ T5687]  should_fail_usercopy+0x1a/0x20
[   63.573369][ T5687]  _copy_to_user+0x20/0xa0
[   63.577881][ T5687]  simple_read_from_buffer+0xa0/0x110
[   63.583360][ T5687]  proc_fail_nth_read+0xf9/0x140
[   63.588412][ T5687]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.593998][ T5687]  vfs_read+0x1a2/0x700
[   63.598325][ T5687]  ? __fget_files+0x1d4/0x210
[   63.603151][ T5687]  ksys_read+0xeb/0x1b0
[   63.604804][ T5692] loop0: detected capacity change from 0 to 256
[   63.607371][ T5687]  __x64_sys_read+0x42/0x50
[   63.618247][ T5687]  x64_sys_call+0x27d3/0x2d60
[   63.622984][ T5687]  do_syscall_64+0xc9/0x1c0
[   63.627577][ T5687]  ? clear_bhb_loop+0x55/0xb0
[   63.632355][ T5687]  ? clear_bhb_loop+0x55/0xb0
[   63.637128][ T5687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.643124][ T5687] RIP: 0033:0x7fedbaf4d15c
[   63.647673][ T5687] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   63.667362][ T5687] RSP: 002b:00007fedb9bc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   63.675935][ T5687] RAX: ffffffffffffffda RBX: 00007fedbb105f80 RCX: 00007fedbaf4d15c
[   63.683931][ T5687] RDX: 000000000000000f RSI: 00007fedb9bc70a0 RDI: 0000000000000003
[   63.691993][ T5687] RBP: 00007fedb9bc7090 R08: 0000000000000000 R09: 0000000000000000
[   63.700039][ T5687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.708123][ T5687] R13: 0000000000000001 R14: 00007fedbb105f80 R15: 00007ffe5fedf458
[   63.716203][ T5687]  </TASK>
[   63.728502][   T29] kauditd_printk_skb: 434 callbacks suppressed
[   63.728517][   T29] audit: type=1400 audit(1730632922.826:1488): avc:  denied  { write } for  pid=5688 comm="syz.5.762" name="udplite" dev="proc" ino=4026533397 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   63.778225][   T29] audit: type=1400 audit(1730632922.876:1489): avc:  denied  { create } for  pid=5694 comm="syz.1.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   63.798215][   T29] audit: type=1400 audit(1730632922.876:1490): avc:  denied  { ioctl } for  pid=5694 comm="syz.1.764" path="socket:[12426]" dev="sockfs" ino=12426 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   63.830913][   T29] audit: type=1400 audit(1730632922.906:1491): avc:  denied  { sys_module } for  pid=5694 comm="syz.1.764" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   63.870637][   T29] audit: type=1400 audit(1730632922.966:1492): avc:  denied  { name_bind } for  pid=5708 comm="syz.0.768" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   63.892468][   T29] audit: type=1400 audit(1730632922.966:1493): avc:  denied  { node_bind } for  pid=5708 comm="syz.0.768" saddr=fe80::aa src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   63.914726][   T29] audit: type=1326 audit(1730632922.996:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5711 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedbaf4e719 code=0x7ffc0000
[   63.938153][   T29] audit: type=1326 audit(1730632922.996:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5711 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedbaf4e719 code=0x7ffc0000
[   63.961522][   T29] audit: type=1326 audit(1730632922.996:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5711 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fedbaf4e719 code=0x7ffc0000
[   63.964837][ T5713] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   63.984826][   T29] audit: type=1326 audit(1730632922.996:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5711 comm="syz.1.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedbaf4e719 code=0x7ffc0000
[   64.034574][ T5723] netlink: 'syz.6.770': attribute type 29 has an invalid length.
[   64.043057][ T5723] netlink: 'syz.6.770': attribute type 29 has an invalid length.
[   64.119971][ T5737] loop6: detected capacity change from 0 to 512
[   64.127528][ T5737] EXT4-fs (loop6): blocks per group (71) and clusters per group (20800) inconsistent
[   64.141958][ T5737] syz.6.772[5737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.142024][ T5737] syz.6.772[5737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.154386][ T5737] syz.6.772[5737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.279807][ T5759] loop6: detected capacity change from 0 to 512
[   64.352553][ T5771] bridge0: entered promiscuous mode
[   64.359467][ T5771] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   64.369324][ T5773] netlink: 'syz.2.777': attribute type 4 has an invalid length.
[   64.387985][ T5773] netlink: 'syz.2.777': attribute type 4 has an invalid length.
[   64.530268][ T5801] netlink: 'syz.2.787': attribute type 4 has an invalid length.
[   64.562614][ T5803] macsec0: entered promiscuous mode
[   64.568885][ T5803] veth1_macvtap: left promiscuous mode
[   64.577561][ T5803] macsec0 (unregistering): left promiscuous mode
[   64.739900][ T5812] loop5: detected capacity change from 0 to 512
[   64.750430][ T5809] loop0: detected capacity change from 0 to 512
[   64.758915][ T5812] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.763163][ T5809] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.865296][ T5822] loop0: detected capacity change from 0 to 2048
[   64.977708][ T5829] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   65.269474][ T5844] syz.1.800[5844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.269538][ T5844] syz.1.800[5844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.295727][ T5844] syz.1.800[5844] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   65.417150][ T5857] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   65.447432][ T5857] lo: entered allmulticast mode
[   65.520736][ T5879] loop6: detected capacity change from 0 to 128
[   65.529248][ T5879] ext4 filesystem being mounted at /78/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   65.567120][ T5885] loop6: detected capacity change from 0 to 512
[   65.590502][ T5885] EXT4-fs (loop6): orphan cleanup on readonly fs
[   65.597662][ T5885] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.815: bg 0: block 248: padding at end of block bitmap is not set
[   65.607798][ T5889] loop5: detected capacity change from 0 to 512
[   65.614105][ T5885] EXT4-fs error (device loop6): ext4_acquire_dquot:6879: comm syz.6.815: Failed to acquire dquot type 1
[   65.630882][ T5885] EXT4-fs (loop6): 1 truncate cleaned up
[   65.639505][ T5889] ext4 filesystem being mounted at /77/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[   65.696754][ T5902] loop6: detected capacity change from 0 to 512
[   65.735920][ T5902] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.827792][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1
[   65.835309][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.842771][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.850344][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.857779][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.865203][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.872649][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.880068][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.887601][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.895090][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.902514][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.909934][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.917370][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.924840][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932289][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932317][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932345][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932368][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932464][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932491][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932520][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932548][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.932575][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.944053][ T5925] loop2: detected capacity change from 0 to 2048
[   65.947440][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.968824][ T5922] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   65.969571][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   65.985619][ T5928] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #12: comm syz.6.820: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   65.991763][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.054462][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.054493][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.069274][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.069304][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.084292][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.091798][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.091831][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.091852][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.091877][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.121431][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.128866][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.136359][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.143884][ T1034] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   66.151976][ T1034] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   66.349297][ T5968] FAULT_INJECTION: forcing a failure.
[   66.349297][ T5968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.362645][ T5968] CPU: 0 UID: 0 PID: 5968 Comm: syz.6.843 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   66.374809][ T5968] Tainted: [W]=WARN
[   66.378713][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   66.388849][ T5968] Call Trace:
[   66.392230][ T5968]  <TASK>
[   66.395162][ T5968]  dump_stack_lvl+0xf2/0x150
[   66.399805][ T5968]  dump_stack+0x15/0x20
[   66.404029][ T5968]  should_fail_ex+0x223/0x230
[   66.408821][ T5968]  should_fail+0xb/0x10
[   66.412995][ T5968]  should_fail_usercopy+0x1a/0x20
[   66.418078][ T5968]  _copy_from_user+0x1e/0xb0
[   66.422697][ T5968]  copy_msghdr_from_user+0x54/0x2a0
[   66.428006][ T5968]  __sys_sendmsg+0x171/0x270
[   66.432619][ T5968]  __x64_sys_sendmsg+0x46/0x50
[   66.437413][ T5968]  x64_sys_call+0x2689/0x2d60
[   66.442166][ T5968]  do_syscall_64+0xc9/0x1c0
[   66.446726][ T5968]  ? clear_bhb_loop+0x55/0xb0
[   66.451473][ T5968]  ? clear_bhb_loop+0x55/0xb0
[   66.456151][ T5968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.462129][ T5968] RIP: 0033:0x7f5f92d6e719
[   66.466577][ T5968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.486214][ T5968] RSP: 002b:00007f5f919e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.494728][ T5968] RAX: ffffffffffffffda RBX: 00007f5f92f25f80 RCX: 00007f5f92d6e719
[   66.502751][ T5968] RDX: 0000000000000800 RSI: 0000000020000400 RDI: 0000000000000006
[   66.510999][ T5968] RBP: 00007f5f919e1090 R08: 0000000000000000 R09: 0000000000000000
[   66.518990][ T5968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.526998][ T5968] R13: 0000000000000000 R14: 00007f5f92f25f80 R15: 00007ffc022c7728
[   66.535059][ T5968]  </TASK>
[   66.560395][ T5974] validate_nla: 2 callbacks suppressed
[   66.560412][ T5974] netlink: 'syz.2.846': attribute type 1 has an invalid length.
[   66.643936][ T5993] loop2: detected capacity change from 0 to 512
[   66.651559][ T5993] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   66.662132][ T5993] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002]
[   66.670303][ T5993] System zones: 1-12
[   66.675041][ T5993] EXT4-fs (loop2): orphan cleanup on readonly fs
[   66.682028][ T5993] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.854: invalid indirect mapped block 12 (level 1)
[   66.696486][ T5993] EXT4-fs (loop2): Remounting filesystem read-only
[   66.696603][ T5993] EXT4-fs (loop2): 1 truncate cleaned up
[   66.697072][ T5993] SELinux: (dev loop2, type ext4) getxattr errno 5
[   66.722534][ T5993] loop2: detected capacity change from 0 to 1024
[   66.743106][ T5993] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.685187][ T6041] loop2: detected capacity change from 0 to 512
[   67.701406][ T6045] loop0: detected capacity change from 0 to 256
[   67.741934][ T6041] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.865: Failed to acquire dquot type 1
[   67.754843][ T6041] EXT4-fs (loop2): 1 truncate cleaned up
[   67.760961][ T6041] EXT4-fs mount: 27 callbacks suppressed
[   67.766773][ T6041] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.807965][ T6041] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.845408][ T6059] __nla_validate_parse: 19 callbacks suppressed
[   67.845423][ T6059] netlink: 8 bytes leftover after parsing attributes in process `syz.0.871'.
[   67.884702][ T6063] FAULT_INJECTION: forcing a failure.
[   67.884702][ T6063] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   67.898106][ T6063] CPU: 1 UID: 0 PID: 6063 Comm: syz.0.873 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   67.910209][ T6063] Tainted: [W]=WARN
[   67.914031][ T6063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   67.924184][ T6063] Call Trace:
[   67.927548][ T6063]  <TASK>
[   67.930552][ T6063]  dump_stack_lvl+0xf2/0x150
[   67.935265][ T6063]  dump_stack+0x15/0x20
[   67.939538][ T6063]  should_fail_ex+0x223/0x230
[   67.939580][ T6063]  should_fail_alloc_page+0xfd/0x110
[   67.949560][ T6063]  __alloc_pages_noprof+0x109/0x340
[   67.949598][ T6063]  alloc_pages_mpol_noprof+0xb1/0x1e0
[   67.949639][ T6063]  alloc_pages_noprof+0xe1/0x100
[   67.965183][ T6063]  pte_alloc_one+0x32/0xf0
[   67.969621][ T6063]  __pte_alloc+0x33/0x270
[   67.974051][ T6063]  handle_mm_fault+0x1b05/0x2a80
[   67.979045][ T6063]  exc_page_fault+0x296/0x650
[   67.983766][ T6063]  asm_exc_page_fault+0x26/0x30
[   67.988690][ T6063] RIP: 0010:rep_movs_alternative+0x33/0x70
[   67.994530][ T6063] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[   68.014216][ T6063] RSP: 0018:ffffc900001e3df8 EFLAGS: 00050216
[   68.020334][ T6063] RAX: 0000000000000000 RBX: 0000000020000020 RCX: 0000000000000020
[   68.028328][ T6063] RDX: 0000000000000000 RSI: ffffc900001e3e30 RDI: 0000000020000000
[   68.036326][ T6063] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000
[   68.044404][ T6063] R10: 0001c900001e3e30 R11: 0001c900001e3e4f R12: 0000000000000020
[   68.052401][ T6063] R13: 00007fffffffefff R14: 0000000020000000 R15: ffffc900001e3e30
[   68.060461][ T6063]  _copy_to_user+0x7c/0xa0
[   68.064903][ T6063]  __se_sys_ustat+0x1d8/0x200
[   68.069666][ T6063]  __x64_sys_ustat+0x31/0x40
[   68.074352][ T6063]  x64_sys_call+0x1f3a/0x2d60
[   68.079062][ T6063]  do_syscall_64+0xc9/0x1c0
[   68.083653][ T6063]  ? clear_bhb_loop+0x55/0xb0
[   68.088347][ T6063]  ? clear_bhb_loop+0x55/0xb0
[   68.093113][ T6063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.099052][ T6063] RIP: 0033:0x7ffb2132e719
[   68.103244][ T6066] netlink: 96 bytes leftover after parsing attributes in process `syz.5.874'.
[   68.103475][ T6063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.103499][ T6063] RSP: 002b:00007ffb1ffa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000088
[   68.103520][ T6063] RAX: ffffffffffffffda RBX: 00007ffb214e5f80 RCX: 00007ffb2132e719
[   68.103533][ T6063] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000100000001
[   68.103546][ T6063] RBP: 00007ffb1ffa1090 R08: 0000000000000000 R09: 0000000000000000
[   68.112436][ T6066] netlink: 'syz.5.874': attribute type 9 has an invalid length.
[   68.132003][ T6063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.132042][ T6063] R13: 0000000000000001 R14: 00007ffb214e5f80 R15: 00007ffcb0c36668
[   68.132067][ T6063]  </TASK>
[   68.140475][ T6066] netlink: 8 bytes leftover after parsing attributes in process `syz.5.874'.
[   68.229481][ T6068] netlink: 28 bytes leftover after parsing attributes in process `syz.0.875'.
[   68.276595][ T6073] vlan2: entered promiscuous mode
[   68.449839][ T6082] loop0: detected capacity change from 0 to 256
[   68.504224][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.590478][ T6089] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6089 comm=syz.2.882
[   68.603268][ T6087] netlink: 'syz.5.883': attribute type 3 has an invalid length.
[   68.614157][ T6087] netlink: 16 bytes leftover after parsing attributes in process `syz.5.883'.
[   68.623148][ T6087] netlink: 92 bytes leftover after parsing attributes in process `syz.5.883'.
[   68.632086][ T6087] vlan0: entered allmulticast mode
[   68.637252][ T6087] veth0_vlan: entered allmulticast mode
[   68.670327][ T6091] loop5: detected capacity change from 0 to 256
[   68.750189][ T6101] loop0: detected capacity change from 0 to 128
[   68.798312][   T29] kauditd_printk_skb: 374 callbacks suppressed
[   68.798331][   T29] audit: type=1400 audit(1730632927.896:1866): avc:  denied  { connect } for  pid=6098 comm="syz.1.887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   68.858120][   T29] audit: type=1400 audit(1730632927.956:1867): avc:  denied  { create } for  pid=6119 comm="syz.0.895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   68.882912][ T6114] loop6: detected capacity change from 0 to 256
[   68.910163][   T29] audit: type=1400 audit(1730632927.996:1868): avc:  denied  { write } for  pid=6119 comm="syz.0.895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   68.939101][ T6125] loop2: detected capacity change from 0 to 2048
[   68.963178][ T6125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.965286][ T6132] loop1: detected capacity change from 0 to 128
[   68.981924][   T29] audit: type=1400 audit(1730632928.086:1869): avc:  denied  { setattr } for  pid=6124 comm="syz.2.896" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   69.007070][ T6136] netlink: 36 bytes leftover after parsing attributes in process `syz.0.898'.
[   69.017767][ T6132] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   69.019767][ T6138] netlink: 36 bytes leftover after parsing attributes in process `syz.6.900'.
[   69.032202][ T6132] ext4 filesystem being mounted at /210/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   69.038795][ T6138] netlink: 16 bytes leftover after parsing attributes in process `syz.6.900'.
[   69.058054][ T6138] netlink: 36 bytes leftover after parsing attributes in process `syz.6.900'.
[   69.059351][ T6132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.072199][   T29] audit: type=1400 audit(1730632928.176:1870): avc:  denied  { write } for  pid=6137 comm="syz.6.900" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   69.079384][ T6138] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 6
[   69.095509][ T6132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.159743][ T6142] netlink: 'syz.6.902': attribute type 4 has an invalid length.
[   69.172543][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.176415][ T6142] netlink: 'syz.6.902': attribute type 4 has an invalid length.
[   69.258856][ T6149] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[   69.285589][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[   69.293455][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[   69.301260][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.309009][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.310207][ T6158] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   69.316765][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.316791][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.340975][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.348730][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.356466][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.364208][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.371991][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.372479][   T29] audit: type=1326 audit(1730632928.446:1871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6163 comm="syz.2.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   69.379769][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.403103][   T29] audit: type=1326 audit(1730632928.446:1872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6163 comm="syz.2.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   69.410813][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.434188][   T29] audit: type=1326 audit(1730632928.446:1873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6163 comm="syz.2.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   69.441927][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.441955][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.441978][ T1034] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0
[   69.488521][   T29] audit: type=1326 audit(1730632928.456:1874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6163 comm="syz.2.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   69.488998][ T1034] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   69.511985][   T29] audit: type=1326 audit(1730632928.456:1875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6163 comm="syz.2.909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   69.553732][ T6166] vlan2: entered promiscuous mode
[   69.588252][ T6172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.597247][ T6172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.607898][ T6172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.616719][ T6172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.693819][ T6177] loop2: detected capacity change from 0 to 512
[   69.703080][ T6177] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.915: invalid indirect mapped block 256 (level 2)
[   69.717142][ T6177] EXT4-fs (loop2): 2 truncates cleaned up
[   69.723962][ T6177] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.737973][ T6179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.748717][ T6179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.748884][ T3318] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   69.789362][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.867332][ T6193] loop5: detected capacity change from 0 to 1024
[   69.870312][ T6187] loop2: detected capacity change from 0 to 512
[   69.880738][ T6193] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   69.892803][ T6187] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.918: corrupted in-inode xattr: invalid ea_ino
[   69.902843][ T6193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.919573][ T6187] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.918: couldn't read orphan inode 15 (err -117)
[   69.934081][ T6187] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.950357][ T6193] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.5.921: corrupted in-inode xattr: bad magic number in in-inode xattr
[   69.956126][ T6187] bond1: entered promiscuous mode
[   69.971080][ T6187] bond1: entered allmulticast mode
[   69.976761][ T6187] 8021q: adding VLAN 0 to HW filter on device bond1
[   69.993124][ T6187] bond1 (unregistering): Released all slaves
[   70.019592][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.038144][ T6202] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   70.124879][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.185269][ T6218] loop5: detected capacity change from 0 to 256
[   70.331347][ T6239] loop0: detected capacity change from 0 to 256
[   70.346337][ T6239] vfat: Bad value for 'shortname'
[   70.428996][ T6250] bridge0: entered promiscuous mode
[   70.435876][ T6250] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   70.492691][ T6253] loop1: detected capacity change from 0 to 1024
[   70.499419][ T6253] EXT4-fs: Ignoring removed orlov option
[   70.505187][ T6253] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.512846][ T6253] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.523778][ T6253] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[   70.536373][ T6253] EXT4-fs (loop1): invalid journal inode
[   70.542539][ T6253] EXT4-fs (loop1): can't get journal size
[   70.549937][ T6253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.571441][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.700961][ T6264] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   70.710799][ T6268] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   70.725769][ T6264] loop1: detected capacity change from 0 to 512
[   70.742645][ T6264] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.946: Failed to acquire dquot type 1
[   70.754476][ T6264] EXT4-fs (loop1): 1 truncate cleaned up
[   70.760703][ T6264] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.773315][ T6264] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.796379][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.815506][ T6273] netlink: 'syz.1.947': attribute type 4 has an invalid length.
[   70.827208][ T6273] netlink: 'syz.1.947': attribute type 4 has an invalid length.
[   70.894575][ T6277] ebtables: ebtables: counters copy to user failed while replacing table
[   70.959776][ T6285] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   70.990534][ T6221] syz.0.929 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   71.001544][ T6221] CPU: 1 UID: 0 PID: 6221 Comm: syz.0.929 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   71.013667][ T6221] Tainted: [W]=WARN
[   71.018111][ T6221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.028429][ T6221] Call Trace:
[   71.031780][ T6221]  <TASK>
[   71.035047][ T6221]  dump_stack_lvl+0xf2/0x150
[   71.039671][ T6221]  dump_stack+0x15/0x20
[   71.044402][ T6221]  dump_header+0x83/0x2d0
[   71.049884][ T6221]  oom_kill_process+0x341/0x4c0
[   71.055297][ T6221]  out_of_memory+0x9af/0xbe0
[   71.059964][ T6221]  ? css_next_descendant_pre+0x11c/0x140
[   71.065741][ T6221]  mem_cgroup_out_of_memory+0x13e/0x190
[   71.071321][ T6221]  try_charge_memcg+0x51b/0x810
[   71.076223][ T6221]  charge_memcg+0x50/0xc0
[   71.080600][ T6221]  mem_cgroup_swapin_charge_folio+0xd0/0x150
[   71.086714][ T6221]  __read_swap_cache_async+0x236/0x480
[   71.092299][ T6221]  swap_cluster_readahead+0x276/0x3f0
[   71.097837][ T6221]  swapin_readahead+0xe4/0x6f0
[   71.102675][ T6221]  ? __filemap_get_folio+0x420/0x5b0
[   71.108083][ T6221]  ? swap_cache_get_folio+0x77/0x210
[   71.113582][ T6221]  do_swap_page+0x31e/0x2550
[   71.118371][ T6221]  ? hrtimer_try_to_cancel+0x106/0x1d0
[   71.123886][ T6221]  ? __rcu_read_lock+0x36/0x50
[   71.128823][ T6221]  ? __pfx_default_wake_function+0x10/0x10
[   71.134682][ T6221]  handle_mm_fault+0x8c5/0x2a80
[   71.139579][ T6221]  exc_page_fault+0x3b9/0x650
[   71.144371][ T6221]  asm_exc_page_fault+0x26/0x30
[   71.149250][ T6221] RIP: 0033:0x7ffb21201afc
[   71.153705][ T6221] Code: 72 64 0f 1f 40 00 69 3d b6 3b e1 00 e8 03 00 00 48 8d 1d 97 44 2e 00 e8 82 cb 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00
[   71.158957][ T6297] loop2: detected capacity change from 0 to 512
[   71.173582][ T6221] RSP: 002b:00007ffcb0c367d0 EFLAGS: 00010202
[   71.173639][ T6221] RAX: 0000000000000000 RBX: 00007ffb214e5f80 RCX: 0000000000000000
[   71.173656][ T6221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557056f808
[   71.173671][ T6221] RBP: 00007ffb214e7a80 R08: 0000000000000000 R09: 7fffffffffffffff
[   71.173687][ T6221] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000011585
[   71.173703][ T6221] R13: 00007ffcb0c368d0 R14: 0000000000000032 R15: ffffffffffffffff
[   71.226186][ T6221]  </TASK>
[   71.229447][ T6221] memory: usage 307200kB, limit 307200kB, failcnt 930
[   71.236885][ T6221] memory+swap: usage 307552kB, limit 9007199254740988kB, failcnt 0
[   71.244869][ T6221] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0
[   71.247410][ T6297] EXT4-fs (loop2): orphan cleanup on readonly fs
[   71.252278][ T6221] Memory cgroup stats for /syz0:
[   71.259138][ T6221] cache 20480
[   71.260988][ T6297] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.956: bg 0: block 248: padding at end of block bitmap is not set
[   71.264105][ T6221] rss 4096
[   71.267694][ T6297] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.956: Failed to acquire dquot type 1
[   71.281616][ T6221] shmem 0
[   71.281629][ T6221] mapped_file 172032
[   71.281638][ T6221] dirty 20480
[   71.281646][ T6221] writeback 12288
[   71.287426][ T6297] EXT4-fs (loop2): 1 truncate cleaned up
[   71.295800][ T6221] workingset_refault_anon 217
[   71.320492][ T6221] workingset_refault_file 157
[   71.325217][ T6221] swap 360448
[   71.328519][ T6221] swapcached 12288
[   71.332475][ T6221] pgpgin 42721
[   71.335869][ T6221] pgpgout 42713
[   71.339379][ T6221] pgfault 57893
[   71.342921][ T6221] pgmajfault 82
[   71.346465][ T6221] inactive_anon 12288
[   71.350443][ T6221] active_anon 0
[   71.353950][ T6221] inactive_file 20480
[   71.357943][ T6221] active_file 0
[   71.361440][ T6221] unevictable 0
[   71.364900][ T6221] hierarchical_memory_limit 314572800
[   71.370273][ T6221] hierarchical_memsw_limit 9223372036854771712
[   71.376467][ T6221] total_cache 20480
[   71.380316][ T6221] total_rss 4096
[   71.383976][ T6221] total_shmem 0
[   71.387488][ T6221] total_mapped_file 172032
[   71.391935][ T6221] total_dirty 20480
[   71.395829][ T6221] total_writeback 12288
[   71.399976][ T6221] total_workingset_refault_anon 217
[   71.405349][ T6221] total_workingset_refault_file 157
[   71.410573][ T6221] total_swap 360448
[   71.414417][ T6221] total_swapcached 12288
[   71.418730][ T6221] total_pgpgin 42721
[   71.422677][ T6221] total_pgpgout 42713
[   71.426702][ T6221] total_pgfault 57893
[   71.430716][ T6221] total_pgmajfault 82
[   71.434765][ T6221] total_inactive_anon 12288
[   71.439282][ T6221] total_active_anon 0
[   71.443374][ T6221] total_inactive_file 20480
[   71.447905][ T6221] total_active_file 0
[   71.452057][ T6221] total_unevictable 0
[   71.456043][ T6221] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.929,pid=6221,uid=0
[   71.470693][ T6221] Memory cgroup out of memory: Killed process 6221 (syz.0.929) total-vm:87268kB, anon-rss:612kB, file-rss:16292kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   71.488556][ T6297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.506879][ T6297] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.611223][ T6304] loop1: detected capacity change from 0 to 256
[   71.648959][ T6310] vlan2: entered promiscuous mode
[   71.659683][ T6310] team0: Device vlan2 is already an upper device of the team interface
[   71.791630][ T6222] +}[@ (6222) used greatest stack depth: 7032 bytes left
[   71.818090][ T6325] loop1: detected capacity change from 0 to 1024
[   71.827314][ T6325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.840049][ T6338] loop0: detected capacity change from 0 to 1024
[   71.847577][ T6338] EXT4-fs: Ignoring removed bh option
[   71.850562][ T6325] FAULT_INJECTION: forcing a failure.
[   71.850562][ T6325] name failslab, interval 1, probability 0, space 0, times 0
[   71.865724][ T6325] CPU: 0 UID: 0 PID: 6325 Comm: syz.1.964 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   71.874253][ T6338] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.877858][ T6325] Tainted: [W]=WARN
[   71.894031][ T6325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   71.904218][ T6325] Call Trace:
[   71.907669][ T6325]  <TASK>
[   71.910646][ T6325]  dump_stack_lvl+0xf2/0x150
[   71.915362][ T6325]  dump_stack+0x15/0x20
[   71.919592][ T6325]  should_fail_ex+0x223/0x230
[   71.924353][ T6325]  ? ext4_find_extent+0x172/0x7c0
[   71.929454][ T6325]  should_failslab+0x8f/0xb0
[   71.934079][ T6325]  __kmalloc_noprof+0xa5/0x370
[   71.938933][ T6325]  ext4_find_extent+0x172/0x7c0
[   71.943793][ T6325]  ? __es_remove_extent+0x8f1/0xd80
[   71.949055][ T6325]  ext4_ext_map_blocks+0x11f/0x35c0
[   71.954270][ T6325]  ? _raw_write_unlock+0xd/0x30
[   71.959159][ T6325]  ? ext4_es_insert_extent+0x1b45/0x1c80
[   71.964970][ T6325]  ? ext4_es_lookup_extent+0x35b/0x520
[   71.970529][ T6325]  ext4_map_blocks+0x592/0xcf0
[   71.975355][ T6325]  _ext4_get_block+0x104/0x370
[   71.980182][ T6325]  ext4_get_block+0x39/0x50
[   71.984704][ T6325]  ext4_block_write_begin+0x34f/0x9c0
[   71.990105][ T6325]  ? __pfx_ext4_get_block+0x10/0x10
[   71.995374][ T6325]  ? ext4_inode_journal_mode+0xdf/0x1d0
[   72.000943][ T6325]  ext4_write_begin+0x426/0xc30
[   72.005925][ T6325]  generic_perform_write+0x1a8/0x4a0
[   72.011259][ T6325]  ext4_buffered_write_iter+0x1ea/0x370
[   72.016856][ T6325]  ext4_file_write_iter+0x293/0xe10
[   72.022178][ T6325]  ? kstrtouint_from_user+0xb0/0xe0
[   72.027406][ T6325]  ? avc_policy_seqno+0x15/0x20
[   72.032336][ T6325]  vfs_write+0x77f/0x920
[   72.036610][ T6325]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   72.042346][ T6325]  ksys_write+0xeb/0x1b0
[   72.046605][ T6325]  __x64_sys_write+0x42/0x50
[   72.051224][ T6325]  x64_sys_call+0x27dd/0x2d60
[   72.055970][ T6325]  do_syscall_64+0xc9/0x1c0
[   72.060492][ T6325]  ? clear_bhb_loop+0x55/0xb0
[   72.065259][ T6325]  ? clear_bhb_loop+0x55/0xb0
[   72.069938][ T6325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.075849][ T6325] RIP: 0033:0x7fedbaf4e719
[   72.080263][ T6325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.099980][ T6325] RSP: 002b:00007fedb9bc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   72.108402][ T6325] RAX: ffffffffffffffda RBX: 00007fedbb105f80 RCX: 00007fedbaf4e719
[   72.116410][ T6325] RDX: 00000000ffffff6a RSI: 0000000020000000 RDI: 0000000000000005
[   72.124399][ T6325] RBP: 00007fedb9bc7090 R08: 0000000000000000 R09: 0000000000000000
[   72.132423][ T6325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   72.140394][ T6325] R13: 0000000000000000 R14: 00007fedbb105f80 R15: 00007ffe5fedf458
[   72.148423][ T6325]  </TASK>
[   72.158814][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.179834][ T6345] loop0: detected capacity change from 0 to 512
[   72.193331][ T6345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.206342][ T6345] ext4 filesystem being mounted at /238/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[   72.207872][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.218884][ T6345] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.373882][ T6364] loop1: detected capacity change from 0 to 128
[   72.381954][ T6364] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   72.394997][ T6364] ext4 filesystem being mounted at /237/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   72.420210][ T3318] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   72.442923][ T6367] loop1: detected capacity change from 0 to 736
[   72.463907][ T6367] netlink: 'syz.1.977': attribute type 10 has an invalid length.
[   72.601707][ T6374] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   72.673821][ T6381] loop6: detected capacity change from 0 to 1024
[   72.689684][ T6381] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   72.705626][ T6381] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   72.733198][ T6381] EXT4-fs error (device loop6): ext4_get_journal_inode:5762: inode #32: comm syz.6.983: iget: special inode unallocated
[   72.733307][ T6381] EXT4-fs (loop6): no journal found
[   72.733369][ T6381] EXT4-fs (loop6): can't get journal size
[   72.777126][ T6381] EXT4-fs error (device loop6): ext4_protect_reserved_inode:160: inode #32: comm syz.6.983: iget: special inode unallocated
[   72.800786][ T6381] EXT4-fs (loop6): failed to initialize system zone (-117)
[   72.808505][ T6381] EXT4-fs (loop6): mount failed
[   72.818309][ T6381] ebt_among: dst integrity fail: 11d
[   72.912113][ T6409] IPVS: set_ctl: invalid protocol: 43 172.20.20.170:20001
[   73.097192][ T6381] __nla_validate_parse: 79 callbacks suppressed
[   73.097213][ T6381] netlink: 16 bytes leftover after parsing attributes in process `syz.6.983'.
[   73.112704][ T6381] netlink: 16 bytes leftover after parsing attributes in process `syz.6.983'.
[   73.121681][ T6381] netlink: 16 bytes leftover after parsing attributes in process `syz.6.983'.
[   73.284007][ T6419] loop5: detected capacity change from 0 to 1024
[   73.292053][ T6424] syz.6.997[6424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.292124][ T6424] syz.6.997[6424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.293015][ T6419] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   73.304748][ T6424] syz.6.997[6424] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.315467][ T6419] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   73.348581][ T6419] JBD2: no valid journal superblock found
[   73.354407][ T6419] EXT4-fs (loop5): Could not load journal inode
[   73.414095][ T6433] tipc: Started in network mode
[   73.419015][ T6433] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   73.428270][ T6433] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[   73.436494][ T6433] tipc: Enabled bearer <udp:syz0>, priority 10
[   73.481897][ T6445] syz.5.1006[6445] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.482027][ T6445] syz.5.1006[6445] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.493721][ T6445] syz.5.1006[6445] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.615538][ T6449] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1007'.
[   73.655285][ T6449] hsr0: entered allmulticast mode
[   73.660388][ T6449] hsr_slave_0: entered allmulticast mode
[   73.666188][ T6449] hsr_slave_1: entered allmulticast mode
[   73.689249][ T6455] No such timeout policy "syz0"
[   73.716719][ T6457] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1010'.
[   73.727972][ T6458] hsr_slave_0: left promiscuous mode
[   73.734922][ T6458] hsr_slave_1: left promiscuous mode
[   73.747860][ T6458] hsr0 (unregistering): left allmulticast mode
[   73.864282][ T6463] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1012'.
[   73.887065][ T6461] loop5: detected capacity change from 0 to 1024
[   73.912022][ T6461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.971529][ T6461] EXT4-fs error (device loop5): __ext4_iget:4952: inode #12: block 17104912: comm syz.5.1011: invalid block
[   74.008267][ T6461] EXT4-fs error (device loop5): __ext4_iget:4952: inode #12: block 17104912: comm syz.5.1011: invalid block
[   74.032154][ T6461] EXT4-fs error (device loop5): __ext4_iget:4952: inode #12: block 17104912: comm syz.5.1011: invalid block
[   74.066470][ T6468] loop0: detected capacity change from 0 to 512
[   74.075409][ T6470] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1015'.
[   74.111941][ T6474] program syz.2.1016 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   74.121245][   T29] kauditd_printk_skb: 217 callbacks suppressed
[   74.121265][   T29] audit: type=1400 audit(1730632933.216:2089): avc:  denied  { append } for  pid=6471 comm="syz.2.1016" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   74.157077][   T29] audit: type=1326 audit(1730632933.256:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.163868][ T6468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.180614][   T29] audit: type=1326 audit(1730632933.256:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.194945][ T6468] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.216955][   T29] audit: type=1326 audit(1730632933.256:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.217040][   T29] audit: type=1326 audit(1730632933.256:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.217108][   T29] audit: type=1326 audit(1730632933.256:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.298378][   T29] audit: type=1326 audit(1730632933.256:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.322047][   T29] audit: type=1326 audit(1730632933.256:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.345639][   T29] audit: type=1326 audit(1730632933.256:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.369278][   T29] audit: type=1326 audit(1730632933.256:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6477 comm="syz.2.1017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[   74.394503][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.436242][ T3193] tipc: Node number set to 1
[   74.448174][ T6482] siw: device registration error -23
[   74.535146][ T6503] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1026'.
[   74.563904][ T6506] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1027'.
[   74.608385][ T6512] loop0: detected capacity change from 0 to 1024
[   74.617447][ T6512] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   74.637580][ T6514] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1031'.
[   74.656511][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.686853][ T6512] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.708877][ T6523] vlan2: entered promiscuous mode
[   74.717930][ T6512] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[   74.787178][ T6534] loop6: detected capacity change from 0 to 128
[   74.788625][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.812166][ T6534] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   74.835777][ T6534] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   74.878618][ T6534] netlink: 'syz.6.1039': attribute type 26 has an invalid length.
[   74.926592][ T4670] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   75.041344][ T6557] Falling back ldisc for ttyS3.
[   75.125073][ T6579] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   75.145254][ T6579] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   75.164529][ T6579] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[   75.179494][ T6579] bridge0: left promiscuous mode
[   75.188513][ T6579] bond0 (unregistering): Released all slaves
[   75.211683][ T6592] netlink: 'syz.0.1058': attribute type 29 has an invalid length.
[   75.224270][ T6592] netlink: 'syz.0.1058': attribute type 29 has an invalid length.
[   75.338149][ T6621] loop2: detected capacity change from 0 to 1024
[   75.363199][ T6611] bridge_slave_0: left allmulticast mode
[   75.364504][ T6621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.368923][ T6611] bridge_slave_0: left promiscuous mode
[   75.384648][ T6628] loop5: detected capacity change from 0 to 512
[   75.386682][ T6611] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.394153][ T6621] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.412364][ T6611] bridge_slave_1: left allmulticast mode
[   75.413636][ T6628] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[   75.418112][ T6611] bridge_slave_1: left promiscuous mode
[   75.418218][ T6611] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.432366][ T6630] loop1: detected capacity change from 0 to 1024
[   75.441547][ T6628] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1070: invalid indirect mapped block 2683928664 (level 1)
[   75.445889][ T6630] EXT4-fs: inline encryption not supported
[   75.465688][ T6628] EXT4-fs (loop5): 1 truncate cleaned up
[   75.466127][ T6621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.471905][ T6628] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.482762][ T6630] EXT4-fs (loop1): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   75.500634][ T6621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.515530][ T6611] team0: Port device team_slave_0 removed
[   75.519743][ T6630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.520879][ T6611] team0: Port device team_slave_1 removed
[   75.522200][ T6611] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   75.522252][ T6611] batman_adv: batadv0: Removing interface: batadv_slave_0
[   75.523879][ T6611] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   75.561416][ T6635] EXT4-fs error (device loop5): ext4_find_dest_de:2069: inode #2: block 13: comm syz.5.1070: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   75.568406][ T6611] batman_adv: batadv0: Removing interface: batadv_slave_1
[   75.608048][ T6611] team0: Port device geneve0 removed
[   75.628680][ T6628] EXT4-fs error (device loop5): ext4_find_dest_de:2069: inode #2: block 13: comm syz.5.1070: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   75.655013][ T3318] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.665541][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.760525][ T6652] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(لل00000000000000000007
[   75.899445][ T6673] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   75.927207][ T6669] bridge_slave_0: left allmulticast mode
[   75.933087][ T6669] bridge_slave_0: left promiscuous mode
[   75.938821][ T6669] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.948913][ T6669] bridge_slave_1: left allmulticast mode
[   75.954683][ T6669] bridge_slave_1: left promiscuous mode
[   75.960403][ T6669] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.973048][ T6669] bond0: (slave bond_slave_0): Releasing backup interface
[   75.986623][ T6681] loop5: detected capacity change from 0 to 1024
[   75.991999][ T6669] bond0: (slave bond_slave_1): Releasing backup interface
[   75.993726][ T6681] EXT4-fs: inline encryption not supported
[   76.006857][ T6681] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   76.021683][ T6669] team0: Port device team_slave_0 removed
[   76.024651][ T6681] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.044243][ T6669] team0: Port device team_slave_1 removed
[   76.059739][ T6669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.067233][ T6669] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.078893][ T6669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.086634][ T6669] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.114937][ T6669] bond0: (slave macvlan2): Releasing backup interface
[   76.124461][ T6669] bridge0: left promiscuous mode
[   76.177183][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.205733][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.253624][ T6713] loop2: detected capacity change from 0 to 512
[   76.270561][ T6716] vlan2: entered promiscuous mode
[   76.276404][ T6716] team0: Device vlan2 is already an upper device of the team interface
[   76.280659][ T6713] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.299946][ T6713] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.326314][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.385879][ T6740] loop2: detected capacity change from 0 to 512
[   76.393092][ T6740] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   76.414521][ T6740] EXT4-fs (loop2): 1 truncate cleaned up
[   76.420911][ T6740] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.454695][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.471794][ T6749] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   76.489495][ T6755] loop2: detected capacity change from 0 to 2048
[   76.502912][ T6757] FAULT_INJECTION: forcing a failure.
[   76.502912][ T6757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.516047][ T6757] CPU: 0 UID: 0 PID: 6757 Comm: syz.0.1117 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   76.528238][ T6757] Tainted: [W]=WARN
[   76.528248][ T6758] loop6: detected capacity change from 0 to 128
[   76.532039][ T6757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.532057][ T6757] Call Trace:
[   76.532065][ T6757]  <TASK>
[   76.532075][ T6757]  dump_stack_lvl+0xf2/0x150
[   76.532115][ T6757]  dump_stack+0x15/0x20
[   76.532141][ T6757]  should_fail_ex+0x223/0x230
[   76.532241][ T6757]  should_fail+0xb/0x10
[   76.532276][ T6757]  should_fail_usercopy+0x1a/0x20
[   76.532297][ T6757]  copy_page_from_iter_atomic+0x228/0xf80
[   76.583586][ T6757]  ? shmem_write_begin+0xa2/0x180
[   76.588646][ T6757]  ? shmem_write_begin+0xda/0x180
[   76.593716][ T6757]  generic_perform_write+0x2f1/0x4a0
[   76.599090][ T6757]  shmem_file_write_iter+0xc2/0xe0
[   76.604262][ T6757]  vfs_write+0x77f/0x920
[   76.608550][ T6757]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   76.614389][ T6757]  ksys_write+0xeb/0x1b0
[   76.618776][ T6757]  __x64_sys_write+0x42/0x50
[   76.623421][ T6757]  x64_sys_call+0x27dd/0x2d60
[   76.628112][ T6757]  do_syscall_64+0xc9/0x1c0
[   76.632637][ T6757]  ? clear_bhb_loop+0x55/0xb0
[   76.637385][ T6757]  ? clear_bhb_loop+0x55/0xb0
[   76.642080][ T6757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.648018][ T6757] RIP: 0033:0x7ffb2132e719
[   76.652524][ T6757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.672236][ T6757] RSP: 002b:00007ffb1ffa1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   76.680709][ T6757] RAX: ffffffffffffffda RBX: 00007ffb214e5f80 RCX: 00007ffb2132e719
[   76.688724][ T6757] RDX: 00000000ffffff6a RSI: 0000000020000000 RDI: 0000000000000004
[   76.696803][ T6757] RBP: 00007ffb1ffa1090 R08: 0000000000000000 R09: 0000000000000000
[   76.704878][ T6757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   76.712919][ T6757] R13: 0000000000000000 R14: 00007ffb214e5f80 R15: 00007ffcb0c36668
[   76.721015][ T6757]  </TASK>
[   76.738475][ T6755]  loop2: p1 < > p4
[   76.752556][ T4097] kworker/u8:9: attempt to access beyond end of device
[   76.752556][ T4097] loop6: rw=1, sector=145, nr_sectors = 33 limit=128
[   76.769081][ T6755] loop2: p4 size 8388608 extends beyond EOD, truncated
[   76.832949][ T6767] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.842009][ T6767] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.888443][ T6769] loop2: detected capacity change from 0 to 128
[   76.896726][ T6769] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   76.909760][ T6769] ext4 filesystem being mounted at /220/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   76.947376][ T3322] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   77.098814][ T6804] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   77.160394][ T6784] chnl_net:caif_netlink_parms(): no params data found
[   77.217675][ T6784] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.224882][ T6784] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.232459][ T6784] bridge_slave_0: entered allmulticast mode
[   77.239361][ T6784] bridge_slave_0: entered promiscuous mode
[   77.246912][ T6784] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.250514][ T6819] loop2: detected capacity change from 0 to 512
[   77.254010][ T6784] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.254238][ T6784] bridge_slave_1: entered allmulticast mode
[   77.274382][ T6784] bridge_slave_1: entered promiscuous mode
[   77.293109][ T6784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.304013][ T6784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.315844][ T6819] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.328582][ T6819] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.347281][ T6784] team0: Port device team_slave_0 added
[   77.354198][ T6784] team0: Port device team_slave_1 added
[   77.359992][ T6819] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[   77.383534][ T6784] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.390546][ T6784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.416704][ T6784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.441637][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.448722][ T6784] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.457750][ T6784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.483873][ T6784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.534115][ T6784] hsr_slave_0: entered promiscuous mode
[   77.541862][ T6784] hsr_slave_1: entered promiscuous mode
[   77.548667][ T6784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.556410][ T6784] Cannot create hsr debugfs directory
[   77.633096][ T6838] loop2: detected capacity change from 0 to 1024
[   77.640545][ T6838] EXT4-fs: Ignoring removed nobh option
[   77.672349][ T6838] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.724875][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.748809][ T6784] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   77.777375][ T6784] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   77.794795][ T6784] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   77.826557][ T6784] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   77.913718][ T6784] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.928040][ T6784] 8021q: adding VLAN 0 to HW filter on device team0
[   77.951682][ T4098] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.958800][ T4098] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.998391][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.999377][ T6873] Cannot find add_set index 0 as target
[   78.005500][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.028488][ T6784] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   78.058220][ T6874] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   78.116982][ T6784] 8021q: adding VLAN 0 to HW filter on device batadv0
[   78.149832][ T6896] loop5: detected capacity change from 0 to 2048
[   78.160290][ T6900] xt_hashlimit: max too large, truncated to 1048576
[   78.187854][ T6905] __nla_validate_parse: 23 callbacks suppressed
[   78.187911][ T6905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1169'.
[   78.212648][ T6896]  loop5: p1 < > p4
[   78.221521][ T6896] loop5: p4 size 8388608 extends beyond EOD, truncated
[   78.285002][ T6917] FAULT_INJECTION: forcing a failure.
[   78.285002][ T6917] name failslab, interval 1, probability 0, space 0, times 0
[   78.297791][ T6917] CPU: 0 UID: 0 PID: 6917 Comm: +}[@ Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[   78.309545][ T6917] Tainted: [W]=WARN
[   78.313400][ T6917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   78.323499][ T6917] Call Trace:
[   78.326789][ T6917]  <TASK>
[   78.329736][ T6917]  dump_stack_lvl+0xf2/0x150
[   78.334454][ T6917]  dump_stack+0x15/0x20
[   78.338657][ T6917]  should_fail_ex+0x223/0x230
[   78.343421][ T6917]  ? security_inode_alloc+0x37/0x100
[   78.348739][ T6917]  should_failslab+0x8f/0xb0
[   78.353365][ T6917]  kmem_cache_alloc_noprof+0x4c/0x290
[   78.358776][ T6917]  security_inode_alloc+0x37/0x100
[   78.363968][ T6917]  inode_init_always_gfp+0x444/0x490
[   78.369341][ T6917]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   78.374919][ T6917]  alloc_inode+0x82/0x160
[   78.379258][ T6917]  new_inode+0x1e/0x100
[   78.383432][ T6917]  shmem_get_inode+0x24e/0x710
[   78.388276][ T6917]  __shmem_file_setup+0x127/0x1f0
[   78.393318][ T6917]  shmem_file_setup+0x3b/0x50
[   78.398125][ T6917]  __se_sys_memfd_create+0x31d/0x5c0
[   78.403587][ T6917]  __x64_sys_memfd_create+0x31/0x40
[   78.408799][ T6917]  x64_sys_call+0x2891/0x2d60
[   78.413534][ T6917]  do_syscall_64+0xc9/0x1c0
[   78.418092][ T6917]  ? clear_bhb_loop+0x55/0xb0
[   78.422792][ T6917]  ? clear_bhb_loop+0x55/0xb0
[   78.427521][ T6917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.433460][ T6917] RIP: 0033:0x7ffb2132e719
[   78.437898][ T6917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.457594][ T6917] RSP: 002b:00007ffb1ffa0e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   78.466051][ T6917] RAX: ffffffffffffffda RBX: 0000000000000631 RCX: 00007ffb2132e719
[   78.474062][ T6917] RDX: 00007ffb1ffa0ef0 RSI: 0000000000000000 RDI: 00007ffb213a1b9a
[   78.474084][ T6917] RBP: 0000000020001940 R08: 00007ffb1ffa0bb7 R09: 00007ffb1ffa0e40
[   78.474101][ T6917] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000140
[   78.474115][ T6917] R13: 00007ffb1ffa0ef0 R14: 00007ffb1ffa0eb0 R15: 0000000020000500
[   78.474136][ T6917]  </TASK>
[   78.550366][ T6930] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.576125][ T6784] veth0_vlan: entered promiscuous mode
[   78.585531][ T6784] veth1_vlan: entered promiscuous mode
[   78.612363][ T6784] veth0_macvtap: entered promiscuous mode
[   78.619611][ T6936] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1177'.
[   78.622295][ T6784] veth1_macvtap: entered promiscuous mode
[   78.642812][ T6930] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.662173][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.672713][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.682598][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.693125][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.703019][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.713580][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.715048][ T6939] loop5: detected capacity change from 0 to 8192
[   78.724806][ T6784] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.744948][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.755571][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.765527][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.776021][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.785994][ T6784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.796451][ T6784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.807273][ T6939] xt_hashlimit: max too large, truncated to 1048576
[   78.821767][ T6784] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.836822][ T6930] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.855395][ T6784] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.864229][ T6784] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.873105][ T6784] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.881897][ T6784] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.908268][ T6930] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode
[   78.919076][ T6930] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   78.984895][ T6930] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.997612][ T6930] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.020927][ T6930] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.048101][ T6930] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.094033][ T6963] loop7: detected capacity change from 0 to 164
[   79.116278][ T6963] syz.7.1188: attempt to access beyond end of device
[   79.116278][ T6963] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[   79.131959][   T29] kauditd_printk_skb: 607 callbacks suppressed
[   79.131976][   T29] audit: type=1326 audit(1730632938.236:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.178205][   T29] audit: type=1326 audit(1730632938.236:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.201823][   T29] audit: type=1326 audit(1730632938.236:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.225301][   T29] audit: type=1326 audit(1730632938.236:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.249109][   T29] audit: type=1326 audit(1730632938.236:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.272812][   T29] audit: type=1326 audit(1730632938.236:2711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.296241][   T29] audit: type=1326 audit(1730632938.236:2712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.320114][   T29] audit: type=1326 audit(1730632938.236:2713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.343646][   T29] audit: type=1326 audit(1730632938.236:2714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6962 comm="syz.7.1188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6842c7e719 code=0x7ffc0000
[   79.367300][   T29] audit: type=1400 audit(1730632938.356:2715): avc:  denied  { getopt } for  pid=6976 comm="syz.5.1192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   79.378296][ T6979] loop7: detected capacity change from 0 to 128
[   79.398777][ T6977] loop5: detected capacity change from 0 to 512
[   79.407956][ T6977] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   79.410400][ T6979] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   79.416210][ T6977] EXT4-fs (loop5): orphan cleanup on readonly fs
[   79.431865][ T6979] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   79.442400][ T6977] EXT4-fs error (device loop5): ext4_acquire_dquot:6879: comm syz.5.1192: Failed to acquire dquot type 1
[   79.457886][ T6977] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1192: bg 0: block 40: padding at end of block bitmap is not set
[   79.473713][ T6977] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   79.483519][ T6977] EXT4-fs (loop5): 1 truncate cleaned up
[   79.489683][ T6977] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.534932][ T6784] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   79.544689][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.627492][ T7002] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1201'.
[   79.719537][ T7021] nfs4: Unknown parameter '
'
[   79.778925][ T7031] netlink: 'syz.0.1214': attribute type 4 has an invalid length.
[   79.800670][ T7031] netlink: 'syz.0.1214': attribute type 4 has an invalid length.
[   79.809903][ T7035] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1212'.
[   79.869602][ T7033] syzkaller0: entered allmulticast mode
[   79.878183][ T7036] syzkaller0 (unregistering): left allmulticast mode
[   79.897329][ T7047] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1219'.
[   79.906544][ T7047] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1219'.
[   79.916641][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1219'.
[   79.936618][ T7048] netlink: 'syz.0.1220': attribute type 1 has an invalid length.
[   79.948027][ T7038] loop7: detected capacity change from 0 to 128
[   79.954353][ T7048] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   79.961645][ T7048] IPv6: NLM_F_CREATE should be set when creating new route
[   79.972534][ T7051] netlink: 'syz.0.1220': attribute type 1 has an invalid length.
[   79.980622][ T7051] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   80.045076][ T7060] loop7: detected capacity change from 0 to 512
[   80.070621][ T7060] EXT4-fs (loop7): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.088124][ T7058] EXT4-fs error (device loop7): ext4_ext_check_inode:524: inode #15: comm syz.7.1223: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   80.097789][ T7064] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1225'.
[   80.152581][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1223'.
[   80.186244][ T6784] EXT4-fs (loop7): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   80.239373][ T7074] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1230'.
[   80.359250][ T7088] vlan2: entered promiscuous mode
[   80.364634][ T7088] team0: Device vlan2 is already an upper device of the team interface
[   80.380925][ T7091] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   80.427902][ T7096] loop5: detected capacity change from 0 to 512
[   80.449982][ T7096] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #15: comm syz.5.1239: corrupted in-inode xattr: invalid ea_ino
[   80.464039][ T7096] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.1239: couldn't read orphan inode 15 (err -117)
[   80.495647][ T7096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.539279][ T7108] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   80.547656][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.571426][ T7104] loop7: detected capacity change from 0 to 2048
[   80.590006][ T7112] syz.5.1245[7112] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.590201][ T7112] syz.5.1245[7112] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.601994][ T7112] syz.5.1245[7112] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.640283][ T7104] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.689715][ T7104] EXT4-fs (loop7): shut down requested (0)
[   80.708843][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.747067][ T7130] loop7: detected capacity change from 0 to 512
[   80.792384][ T7130] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.1253: invalid indirect mapped block 256 (level 2)
[   80.813090][ T7130] EXT4-fs (loop7): 2 truncates cleaned up
[   80.834408][ T7130] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.919797][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.055051][ T7146] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[   81.397568][ T7198] bridge0: port 3(macvlan2) entered blocking state
[   81.404417][ T7198] bridge0: port 3(macvlan2) entered disabled state
[   81.411248][ T7198] macvlan2: entered allmulticast mode
[   81.416676][ T7198] bridge0: entered allmulticast mode
[   81.422595][ T7198] macvlan2: left allmulticast mode
[   81.427749][ T7198] bridge0: left allmulticast mode
[   81.513072][ T7203] macvtap0: entered promiscuous mode
[   81.519109][ T7203] macvtap0: left promiscuous mode
[   81.577707][ T7224] tipc: Started in network mode
[   81.582927][ T7224] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   81.597266][ T7224] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[   81.605701][ T7224] tipc: Enabled bearer <udp:syz0>, priority 10
[   81.632645][ T7232] loop7: detected capacity change from 0 to 512
[   81.644231][ T7232] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.771825][ T7248] loop7: detected capacity change from 0 to 1024
[   81.804707][ T7252] loop7: detected capacity change from 0 to 512
[   81.811328][ T7252] EXT4-fs: dax option not supported
[   81.822898][ T7247] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   81.824081][ T7252] loop7: detected capacity change from 0 to 1024
[   81.840252][ T7252] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   81.851318][ T7252] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[   81.861198][ T7252] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   81.871768][ T7252] EXT4-fs error (device loop7): ext4_get_journal_inode:5762: comm +}[@: inode #1: comm +}[@: iget: illegal inode #
[   81.884236][ T7252] EXT4-fs (loop7): no journal found
[   81.889447][ T7252] EXT4-fs (loop7): can't get journal size
[   81.896289][ T7252] EXT4-fs (loop7): failed to initialize system zone (-22)
[   81.903564][ T7252] EXT4-fs (loop7): mount failed
[   82.286860][ T7276] netlink: 'syz.7.1312': attribute type 10 has an invalid length.
[   82.297127][ T7276] batman_adv: batadv0: Adding interface: team0
[   82.303353][ T7276] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.329131][ T7276] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   82.343125][ T7276] geneve2: entered promiscuous mode
[   82.348359][ T7276] geneve2: entered allmulticast mode
[   82.462015][ T7287] gre1: entered promiscuous mode
[   82.467120][ T7287] gre1: entered allmulticast mode
[   82.496179][ T7293] netlink: 'syz.2.1321': attribute type 4 has an invalid length.
[   82.508003][ T7293] netlink: 'syz.2.1321': attribute type 4 has an invalid length.
[   82.574929][ T7291] syz.0.1322[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.574995][ T7291] syz.0.1322[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.598973][ T7291] syz.0.1322[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   82.610438][    T9] tipc: Node number set to 1
[   82.641919][ T7291] netlink: 'syz.0.1322': attribute type 10 has an invalid length.
[   82.660442][ T7291] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  101.499696][ T7339] usb usb1: usbfs: process 7339 (syz.0.1340) did not claim interface 0 before use
[  101.516998][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  101.517022][   T29] audit: type=1400 audit(1730632960.616:2900): avc:  denied  { create } for  pid=7338 comm="syz.5.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  101.562683][ T7346] __nla_validate_parse: 32 callbacks suppressed
[  101.562700][ T7346] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1345'.
[  101.569997][   T29] audit: type=1400 audit(1730632960.666:2901): avc:  denied  { write } for  pid=7338 comm="syz.5.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  101.578004][ T7346] netlink: 228 bytes leftover after parsing attributes in process `syz.2.1345'.
[  101.607763][ T7346] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1345'.
[  101.626357][ T7339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1340'.
[  101.661512][   T29] audit: type=1400 audit(1730632960.706:2902): avc:  denied  { write } for  pid=7333 comm="syz.1.1341" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  101.747769][ T7365] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  101.756922][   T29] audit: type=1400 audit(1730632960.866:2903): avc:  denied  { checkpoint_restore } for  pid=7364 comm="syz.1.1353" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  101.790615][   T29] audit: type=1326 audit(1730632960.886:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.803214][ T7372] FAULT_INJECTION: forcing a failure.
[  101.803214][ T7372] name failslab, interval 1, probability 0, space 0, times 0
[  101.826748][ T7372] CPU: 0 UID: 0 PID: 7372 Comm: syz.7.1356 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[  101.827208][   T29] audit: type=1326 audit(1730632960.886:2905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.839016][ T7372] Tainted: [W]=WARN
[  101.839026][ T7372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.839041][ T7372] Call Trace:
[  101.839050][ T7372]  <TASK>
[  101.839059][ T7372]  dump_stack_lvl+0xf2/0x150
[  101.862437][   T29] audit: type=1326 audit(1730632960.886:2906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.866207][ T7372]  dump_stack+0x15/0x20
[  101.876278][   T29] audit: type=1326 audit(1730632960.886:2907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=440 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.879522][ T7372]  should_fail_ex+0x223/0x230
[  101.882462][   T29] audit: type=1326 audit(1730632960.886:2908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.887019][ T7372]  ? __get_vm_area_node+0xf7/0x1b0
[  101.887048][ T7372]  should_failslab+0x8f/0xb0
[  101.910388][   T29] audit: type=1326 audit(1730632960.896:2909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7368 comm="syz.2.1354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7ba027e719 code=0x7ffc0000
[  101.914504][ T7372]  __kmalloc_cache_node_noprof+0x50/0x2b0
[  101.914551][ T7372]  __get_vm_area_node+0xf7/0x1b0
[  102.009862][ T7372]  __vmalloc_node_range_noprof+0x2c3/0xec0
[  102.015685][ T7372]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  102.021296][ T7372]  ? mntput_no_expire+0x70/0x3c0
[  102.026250][ T7372]  ? avc_has_perm_noaudit+0x1cc/0x210
[  102.031649][ T7372]  ? selinux_capable+0x1f2/0x260
[  102.036697][ T7372]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  102.042269][ T7372]  __vmalloc_noprof+0x5e/0x70
[  102.046992][ T7372]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  102.052629][ T7372]  bpf_prog_alloc_no_stats+0x49/0x360
[  102.058081][ T7372]  ? bpf_prog_alloc+0x28/0x150
[  102.062864][ T7372]  bpf_prog_alloc+0x3a/0x150
[  102.067484][ T7372]  bpf_prog_load+0x4d1/0x1070
[  102.072186][ T7372]  ? __rcu_read_unlock+0x4e/0x70
[  102.077265][ T7372]  __sys_bpf+0x463/0x7a0
[  102.081522][ T7372]  __x64_sys_bpf+0x43/0x50
[  102.085985][ T7372]  x64_sys_call+0x2625/0x2d60
[  102.090678][ T7372]  do_syscall_64+0xc9/0x1c0
[  102.095213][ T7372]  ? clear_bhb_loop+0x55/0xb0
[  102.099933][ T7372]  ? clear_bhb_loop+0x55/0xb0
[  102.104628][ T7372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.110574][ T7372] RIP: 0033:0x7f6842c7e719
[  102.115037][ T7372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.134657][ T7372] RSP: 002b:00007f68418f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  102.143100][ T7372] RAX: ffffffffffffffda RBX: 00007f6842e35f80 RCX: 00007f6842c7e719
[  102.151208][ T7372] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[  102.159186][ T7372] RBP: 00007f68418f7090 R08: 0000000000000000 R09: 0000000000000000
[  102.167162][ T7372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.175258][ T7372] R13: 0000000000000001 R14: 00007f6842e35f80 R15: 00007ffe39d1eef8
[  102.183320][ T7372]  </TASK>
[  102.186437][ T7372] syz.7.1356: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  102.202636][ T7372] CPU: 0 UID: 0 PID: 7372 Comm: syz.7.1356 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[  102.214829][ T7372] Tainted: [W]=WARN
[  102.218647][ T7372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  102.228748][ T7372] Call Trace:
[  102.232051][ T7372]  <TASK>
[  102.234998][ T7372]  dump_stack_lvl+0xf2/0x150
[  102.239686][ T7372]  dump_stack+0x15/0x20
[  102.243854][ T7372]  warn_alloc+0x145/0x1b0
[  102.248200][ T7372]  __vmalloc_node_range_noprof+0x2e8/0xec0
[  102.254070][ T7372]  ? mntput_no_expire+0x70/0x3c0
[  102.259028][ T7372]  ? avc_has_perm_noaudit+0x1cc/0x210
[  102.264454][ T7372]  ? selinux_capable+0x1f2/0x260
[  102.269416][ T7372]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  102.275093][ T7372]  __vmalloc_noprof+0x5e/0x70
[  102.279784][ T7372]  ? bpf_prog_alloc_no_stats+0x49/0x360
[  102.285427][ T7372]  bpf_prog_alloc_no_stats+0x49/0x360
[  102.290874][ T7372]  ? bpf_prog_alloc+0x28/0x150
[  102.295710][ T7372]  bpf_prog_alloc+0x3a/0x150
[  102.300321][ T7372]  bpf_prog_load+0x4d1/0x1070
[  102.305080][ T7372]  ? __rcu_read_unlock+0x4e/0x70
[  102.310070][ T7372]  __sys_bpf+0x463/0x7a0
[  102.314331][ T7372]  __x64_sys_bpf+0x43/0x50
[  102.318772][ T7372]  x64_sys_call+0x2625/0x2d60
[  102.323477][ T7372]  do_syscall_64+0xc9/0x1c0
[  102.327995][ T7372]  ? clear_bhb_loop+0x55/0xb0
[  102.332686][ T7372]  ? clear_bhb_loop+0x55/0xb0
[  102.337403][ T7372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.343328][ T7372] RIP: 0033:0x7f6842c7e719
[  102.347750][ T7372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.367377][ T7372] RSP: 002b:00007f68418f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  102.375828][ T7372] RAX: ffffffffffffffda RBX: 00007f6842e35f80 RCX: 00007f6842c7e719
[  102.383809][ T7372] RDX: 0000000000000048 RSI: 00000000200017c0 RDI: 0000000000000005
[  102.391787][ T7372] RBP: 00007f68418f7090 R08: 0000000000000000 R09: 0000000000000000
[  102.399777][ T7372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.407752][ T7372] R13: 0000000000000001 R14: 00007f6842e35f80 R15: 00007ffe39d1eef8
[  102.415740][ T7372]  </TASK>
[  102.418809][ T7372] Mem-Info:
[  102.422112][ T7372] active_anon:6926 inactive_anon:2 isolated_anon:0
[  102.422112][ T7372]  active_file:8199 inactive_file:10196 isolated_file:0
[  102.422112][ T7372]  unevictable:0 dirty:54 writeback:29
[  102.422112][ T7372]  slab_reclaimable:2885 slab_unreclaimable:15452
[  102.422112][ T7372]  mapped:20479 shmem:462 pagetables:677
[  102.422112][ T7372]  sec_pagetables:0 bounce:0
[  102.422112][ T7372]  kernel_misc_reclaimable:0
[  102.422112][ T7372]  free:1904987 free_pcp:3757 free_cma:0
[  102.466966][ T7372] Node 0 active_anon:27820kB inactive_anon:8kB active_file:32796kB inactive_file:40784kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:81916kB dirty:216kB writeback:0kB shmem:1848kB writeback_tmp:0kB kernel_stack:2960kB pagetables:2824kB sec_pagetables:0kB all_unreclaimable? no
[  102.494776][ T7372] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  102.521640][ T7372] lowmem_reserve[]: 0 2866 7844 0
[  102.526793][ T7372] Node 0 DMA32 free:2950376kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953908kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:3532kB free_cma:0kB
[  102.555622][ T7372] lowmem_reserve[]: 0 0 4978 0
[  102.560442][ T7372] Node 0 Normal free:4662404kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:27820kB inactive_anon:8kB active_file:32796kB inactive_file:40784kB unevictable:0kB writepending:216kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:11180kB local_pcp:5644kB free_cma:0kB
[  102.590785][ T7372] lowmem_reserve[]: 0 0 0 0
[  102.595425][ T7372] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  102.608323][ T7372] Node 0 DMA32: 4*4kB (M) 1*8kB (M) 1*16kB (M) 4*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950376kB
[  102.624524][ T7372] Node 0 Normal: 1687*4kB (UME) 1215*8kB (UM) 837*16kB (UM) 463*32kB (UME) 254*64kB (UME) 153*128kB (UM) 68*256kB (UME) 91*512kB (UME) 92*1024kB (UME) 66*2048kB (UME) 1047*4096kB (UM) = 4662404kB
[  102.643987][ T7372] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  102.653854][ T7372] 18859 total pagecache pages
[  102.658551][ T7372] 2 pages in swap cache
[  102.662771][ T7372] Free swap  = 124444kB
[  102.666932][ T7372] Total swap = 124996kB
[  102.671127][ T7372] 2097051 pages RAM
[  102.675041][ T7372] 0 pages HighMem/MovableOnly
[  102.679723][ T7372] 80182 pages reserved
[  102.763594][ T7398] netlink: 'syz.7.1366': attribute type 10 has an invalid length.
[  102.789251][ T7398] team0: Device hsr_slave_0 failed to register rx_handler
[  102.793071][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1368'.
[  102.805599][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1368'.
[  102.854174][ T7400] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1367'.
[  102.893543][ T7400] usb usb8: usbfs: process 7400 (syz.0.1367) did not claim interface 0 before use
[  102.998890][ T7418] loop5: detected capacity change from 0 to 512
[  102.999252][ T7412] loop7: detected capacity change from 0 to 512
[  103.013822][ T7418] EXT4-fs: Ignoring removed nobh option
[  103.040728][ T7418] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  103.050723][ T7418] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1375: attempt to clear invalid blocks 2 len 1
[  103.066004][ T7418] EXT4-fs (loop5): Remounting filesystem read-only
[  103.073099][ T7418] EXT4-fs (loop5): 1 truncate cleaned up
[  103.079302][ T7418] EXT4-fs mount: 4 callbacks suppressed
[  103.079375][ T7418] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.099673][ T7418] SELinux: (dev loop5, type ext4) getxattr errno 5
[  103.110748][ T7418] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.127061][ T7412] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.139830][ T7412] ext4 filesystem being mounted at /61/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.616640][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.635932][ T7451] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.1382' sets config #1633771873
[  103.677568][ T7456] netlink: 'syz.7.1383': attribute type 10 has an invalid length.
[  103.699393][ T7456] team0: Failed to send options change via netlink (err -105)
[  103.707008][ T7456] team0: Port device netdevsim1 added
[  103.734231][ T7461] usb usb7: usbfs: process 7461 (syz.1.1384) did not claim interface 0 before use
[  103.768740][ T7469] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1387'.
[  103.783904][ T7469] bridge0: port 3(macvlan2) entered blocking state
[  103.790512][ T7469] bridge0: port 3(macvlan2) entered disabled state
[  103.797666][ T7469] macvlan2: entered allmulticast mode
[  103.803170][ T7469] bridge0: entered allmulticast mode
[  103.809186][ T7469] macvlan2: left allmulticast mode
[  103.814444][ T7469] bridge0: left allmulticast mode
[  103.897824][ T7483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1392'.
[  103.936493][ T7487] loop7: detected capacity change from 0 to 512
[  103.954765][ T7487] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.968563][ T7490] netlink: 'syz.0.1395': attribute type 10 has an invalid length.
[  103.980631][ T7487] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.014981][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.127925][ T7517] loop7: detected capacity change from 0 to 512
[  104.154872][ T7517] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.175045][ T7517] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.282710][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.314439][ T7536] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1407'.
[  104.328524][ T7538] netlink: 'syz.7.1406': attribute type 29 has an invalid length.
[  104.337165][ T7538] netlink: 'syz.7.1406': attribute type 29 has an invalid length.
[  104.421485][ T7549] loop7: detected capacity change from 0 to 512
[  104.433520][ T7549] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec01c, mo2=0002]
[  104.442713][ T7549] System zones: 0-2, 18-18, 34-34
[  104.448548][ T7549] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.1410: bg 0: block 248: padding at end of block bitmap is not set
[  104.472478][ T7549] EXT4-fs error (device loop7): ext4_acquire_dquot:6879: comm syz.7.1410: Failed to acquire dquot type 1
[  104.484811][ T7549] EXT4-fs (loop7): 1 truncate cleaned up
[  104.490877][ T7549] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.503660][ T7549] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.548487][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.786682][ T7573] tap0: tun_chr_ioctl cmd 1074025677
[  104.801812][ T7573] tap0: linktype set to 821
[  104.824076][ T7576] loop7: detected capacity change from 0 to 1024
[  104.831083][ T7576] EXT4-fs: Ignoring removed orlov option
[  104.836982][ T7576] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.844333][ T7576] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  104.855429][ T7576] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  104.867118][ T7576] EXT4-fs (loop7): invalid journal inode
[  104.874255][ T7576] EXT4-fs (loop7): can't get journal size
[  104.893726][ T7576] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.938833][ T6784] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.112756][ T7585] hsr_slave_0: left promiscuous mode
[  105.118760][ T7585] hsr_slave_1: left promiscuous mode
[  105.301935][ T7616] loop5: detected capacity change from 0 to 512
[  105.320218][ T7618] ebtables: ebtables: counters copy to user failed while replacing table
[  105.330637][ T7616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.343858][ T7616] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.357112][ T7616] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.365776][ T7616] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.416276][ T7627] x_tables: eb_tables: nflog.0 target: invalid size 80 (kernel) != (user) 0
[  105.439587][ T7578] ==================================================================
[  105.447685][ T7578] BUG: KCSAN: assert: race in dequeue_entities+0x6df/0x760
[  105.454899][ T7578] 
[  105.457227][ T7578] race at unknown origin, with assert no writes to 0xffff888115e3a168 of 4 bytes by task 7578 on cpu 0:
[  105.468335][ T7578]  dequeue_entities+0x6df/0x760
[  105.473207][ T7578]  pick_next_task_fair+0x7d/0x410
[  105.478262][ T7578]  __schedule+0x3a4/0x940
[  105.482607][ T7578]  schedule+0x55/0xc0
[  105.486604][ T7578]  do_nanosleep+0xa3/0x300
[  105.491034][ T7578]  hrtimer_nanosleep+0xc4/0x1c0
[  105.495904][ T7578]  common_nsleep+0x68/0x90
[  105.500330][ T7578]  __se_sys_clock_nanosleep+0x20a/0x240
[  105.505891][ T7578]  __x64_sys_clock_nanosleep+0x55/0x70
[  105.511373][ T7578]  x64_sys_call+0x253f/0x2d60
[  105.516065][ T7578]  do_syscall_64+0xc9/0x1c0
[  105.520604][ T7578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.526520][ T7578] 
[  105.528846][ T7578] value changed: 0x00000000 -> 0x00000001
[  105.534565][ T7578] 
[  105.536893][ T7578] Reported by Kernel Concurrency Sanitizer on:
[  105.543046][ T7578] CPU: 0 UID: 0 PID: 7578 Comm: syz.7.1419 Tainted: G        W          6.12.0-rc5-syzkaller-00299-g11066801dd4b #0
[  105.555210][ T7578] Tainted: [W]=WARN
[  105.559013][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  105.569075][ T7578] ==================================================================
[  105.988225][ T4162] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.