last executing test programs:

1m31.891639508s ago: executing program 4 (id=3094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010020, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
fchdir(r4)
open(&(0x7f00000003c0)='.\x00', 0x800, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='map_files\x00')
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000002f00), 0x80401, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r8, &(0x7f0000000240)={0x80000011})
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r8, &(0x7f0000000c40))
getdents(r7, &(0x7f0000000040)=""/215, 0xd7)

1m31.033067668s ago: executing program 4 (id=3104):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f0000001cc0)='rxrpc_rx_rwind_change\x00', r4, 0x0, 0x3}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r6 = socket$inet6(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r8, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a", 0xffe}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x36}}, @ip_tos_u8={{0x11, 0x29, 0x3b}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x50}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000001c0)=@framed={{}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x40008, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000001d00)='ufshcd_clk_scaling\x00', r9, 0x0, 0xfffffffffffffffe}, 0x18)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, 0x140f, 0x1, 0x70bd25, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x9, 0x45, 'issm\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4004804)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r7}, 0x10)
sendto$inet6(r6, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r12, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r12, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0xa, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {r2, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0xc84}, 0x2000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="b4000000000000007910480000000000a600ffff800000f195007400000000008b26680991cf7be46e92ba4de27a4391c3b6f3fc34b23fb6589be2ac17c158b20730d0e4a5e2"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94)

1m30.982213892s ago: executing program 4 (id=3105):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
keyctl$session_to_parent(0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000980)='kfree\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newtaction={0xbc, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0xa8, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r6}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_mpls={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x5}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3, 0x8, 0x6, 0x0, 0xf4a}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xbc}}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="010028bd7000fcdbdf2511000000180001801400020064756d6d793000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x8801}, 0x30040004)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r9 = fcntl$dupfd(r8, 0x0, r8)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r11 = socket(0x400000000010, 0x3, 0x0)
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r13, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
read$usbfs(r9, &(0x7f0000001040)=""/192, 0xc0)
write$tun(r9, &(0x7f0000000400)=ANY=[], 0xa2)

1m30.055089077s ago: executing program 4 (id=3113):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
socket(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x5)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r2, &(0x7f0000000280)=[{&(0x7f0000000500)=""/181, 0xb5}], 0x1, 0x200000, 0xffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000400000000"], 0x0, 0x0, 0xffdd}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x80c8d0, &(0x7f0000000140)=ANY=[], 0x1, 0x34f, &(0x7f00000004c0)="$eJzs3M1vG0UYx/FfjO04qZr1AYE4oD4SF7isknDigrBQKyEiUYUa8SIhts0GrCx25LWCjBBpT1w4IP4IDlWPvVWC/gO5cOOAuHDLBYkDPSAWed+8bpzEdes2L9+PVO00M8/ubGazemalmf0Pf/hyazN0N72eSjXTnCQ9kOoqKTOXHktxuaq6hm7qtQt///by+x99/G5jbe3yutmVxrXXV81s6dLPX32zkDa7N6+9+qf7f63+uffC3kv7/137ohVaK7R2p2eeXe/80fOuB75ttMIt1+xq4Huhb6126HeT+mhXCnzbDDrb233z2gsXF7e7fhia1+7blt+3Xsd63b55n3uttrmuaxcXdbz5CdqcZc3b6+teI/3PG889WvCNWfQIjyca80h3uw1vMLYLB2qat59OrwAAwEmS5v95tl8apPTH5P9Fef5fTvL/3yUV8v879fu9Cx/cXUrz/3vVQf4vFfL/z/JT1WQbpTz/r0ka5v+dZH6Q5/8bTyb/P5gRnW7fjw6OoigvVse1H8n/cUYN8v/F9O83duuTO8txgfwfAAAAAAAAAAAAAAAAAAAAAIDT4EEUOVEUOckxWwEeOfPxghwpSusPCX/EJeM4aUbHf/hvwvHHKTfcuKO8JAXf7TR3mskxbXBfUiBfy3L0b/w8pAbl6k0rrqL7JdhN43d3msmrobGpVhy/Ikf1h+Oj6Mo7a5dXzLJdCwrxFS0W41fl6Hlpfkz8qiXy61cGx6pefaUQ78rRrzfUUaCNdGVcFv/titnb763ZaP8X4nYAAAAAAJwFruXq2fy3uIWg6x6sT+bHSX0yvy5r/PeBZH69/PD8PI4vq1R+VncNAAAAAMD5Eva/3vKCwO/OqHBL0lFtyprN1YffMCaNyjbIPaTNnOaefFdrkuJCdvHpzjPo2xRXr4ytqkz0GytN1dVL1ckHpXpoVfbZ6LBwXZ1mLCInHYvHGNMXf/zpn6PbJF/GpElO+Obd2jF3esQjUT6qTfW4O62MvCRKs30HAQAAAHg6hkl/9pO3pMqz7RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfNrPf/K+4sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJx3/wcAAP//QOD4ig==")
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000f80)=""/4096, 0x1000)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
shmget$private(0x0, 0x2000, 0x400, &(0x7f0000ffc000/0x2000)=nil)

1m29.996899632s ago: executing program 4 (id=3115):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000006000000080000000800000040000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000ff00"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)
mq_timedsend(0xffffffffffffffff, &(0x7f0000000600), 0x0, 0x6, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f000001d600)=""/102389, 0x18ff5, 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='hrtimer_start\x00', r5}, 0x18)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000380)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="140106000000006e8c60c2a4d8f4d1b69fcf369fbd0000000047000005"], 0x14}, 0x1, 0x0, 0x0, 0x405}, 0x4008000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x3e749129cdf9ca7c, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)

1m28.596934905s ago: executing program 4 (id=3125):
socket(0x1f, 0x3, 0x6)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x1412, 0x11c, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x48891)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000700000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'veth1_virt_wifi\x00', &(0x7f0000000680)=@ethtool_perm_addr})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x550, &(0x7f0000001780)="$eJzs3c9vHFcdAPDvTHYTJ3G6LnCASi2FFiUVZDeuaWtxKEVCcKqEKJyDsTeWlbU3yq7b2KrA+QuQEAIkTnDhgsQfgFRF4sKxQqoEZ5CKQIimIMEBOmh3Z9dhM2uvy/pH1p+PNJ733uzM971dz483M5oJ4NR6OiJeiYgPsix7LiIqeXmaD7HTGzqfe//+m8udIYkse+1vSSR52fAyL+azzUTE178a8e3k4bitre2bS41GqZ+vtddv1Vpb21fX1pdW66v1jYWF+RcXX1p8YfFaxFv/fzsvRcTLX/7TD7/386+8/Nbn3vjj9b9c+U6nWrP59KJ2jKm018Re08vnZoZmuP0hg51EnfaU+5nz481z9xDrAwDAaJ1j/I9ExKcj4rmoxJm9D2cBAACAR1D2xdn4dxKRFTs7ohwAAAB4hKTde2CTtJrfCzAbaVqt9u7h/VhcSBvNVvuzN5qbGyu9e2XnopzeWGvUr+X3Cs9FOenk57vp3fzzQ/mFiHg8In5QOd/NV5ebjZXjPvkBAAAAp8TFof7/Pyq9/j8AAAAwZeb2nlw5qnoAAAAAh2ef/j8AAAAwBfT/AQAAYKp97dVXO0PWf//1yutbmzebr19dqbduVtc3l6vLzdu3qqvN5mr3mX3r+y2v0Wze+nxsbN6pteutdq21tX19vbm50b6+FjNH0iAAAADgIY9/8t7vk4jY+cL57tBx9rgrBRyJ0iCV5OOCtf8Pj/XG7x5RpYAjcWbklHSQevdc8SccJ8CjrTRcMGJdB6ZP+bgrABy7ZJ/pQzfvXBik3s7Hn5p8nQAAgMm6/Ini6/+jrwv07aRHUD3gEFmJ4fQa2s9n3vUDp0f3+v+4N/I4WICpUh6jpw9MtwNe/9/19rgRsuxAFQIAACZutjskaTU/vTcbaVqtRlzqvhagnNxYa9SvRcRjEfG7SvlcJz/fnTPZt88AAAAAAAAAAAAAAAAAAAAAAAAAAPRkWRIZAAAAMNUi0j8nv+49y/9y5dnZ4fMDZ5N/dV8JfDYi3vjJaz+6s9Ru357vlL83KG//OC9//jjOYAAAAADD+v307vifx10bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKbN+/ffXO4PY3z8/KTi/vVLETFXFL8UM93xTJQj4sLfkyg9MF8SEWcmEH/nbkR8vCh+0qnWIGRR/El8CfvEj7n8WyiKf3EC8eE0u9fZ/rxStP6l8XR3XLz+lSL+J/9hjd7+xWD7d2bE+n9pzBhPvPPL2sj4dyOeKBVvf/rxkxHxnxkz/re+sb09alr204jL/f1Pd4s3iDDzYKxae/1WrbW1fXVtfWm1vlrfWFiYf3HxpcUXFq/Vbqw16vnfwhjff/JXH+zV/guF+78kr83o9j9bsLyifdJ/3rlz/6P9zM7D8a88UxD/Nz/LP5HHT3bnSfM4n8nTSSSD8mSn930+6Klf/Papvdq/stv+8kF+/yujFjrsoRXlyXH/dQCAQ9Da2r651GjUb09totNLPwHVOPREVun9oielPkOJb753Av/ZvjvRBWZZlnV+gYJJ9yJinOUkMeGWpsX12U2M/FGOecMEAABM3O5B/2SupwMAAAAAAAAAAAAAAAAAAAAHdxRPWRuOufsI5GQSj9AGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiI/wYAAP//in3QFg==")
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x6}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
socket$packet(0x11, 0x3, 0x300)
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f00000000c0))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r5, 0x0, 0x0)

1m28.596402255s ago: executing program 32 (id=3125):
socket(0x1f, 0x3, 0x6)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, 0x1412, 0x11c, 0x70bd2a, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x48891)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000700000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_RATE={0x6}]}, 0x90}}, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000080)={'veth1_virt_wifi\x00', &(0x7f0000000680)=@ethtool_perm_addr})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x550, &(0x7f0000001780)="$eJzs3c9vHFcdAPDvTHYTJ3G6LnCASi2FFiUVZDeuaWtxKEVCcKqEKJyDsTeWlbU3yq7b2KrA+QuQEAIkTnDhgsQfgFRF4sKxQqoEZ5CKQIimIMEBOmh3Z9dhM2uvy/pH1p+PNJ733uzM971dz483M5oJ4NR6OiJeiYgPsix7LiIqeXmaD7HTGzqfe//+m8udIYkse+1vSSR52fAyL+azzUTE178a8e3k4bitre2bS41GqZ+vtddv1Vpb21fX1pdW66v1jYWF+RcXX1p8YfFaxFv/fzsvRcTLX/7TD7/386+8/Nbn3vjj9b9c+U6nWrP59KJ2jKm018Re08vnZoZmuP0hg51EnfaU+5nz481z9xDrAwDAaJ1j/I9ExKcj4rmoxJm9D2cBAACAR1D2xdn4dxKRFTs7ohwAAAB4hKTde2CTtJrfCzAbaVqt9u7h/VhcSBvNVvuzN5qbGyu9e2XnopzeWGvUr+X3Cs9FOenk57vp3fzzQ/mFiHg8In5QOd/NV5ebjZXjPvkBAAAAp8TFof7/Pyq9/j8AAAAwZeb2nlw5qnoAAAAAh2ef/j8AAAAwBfT/AQAAYKp97dVXO0PWf//1yutbmzebr19dqbduVtc3l6vLzdu3qqvN5mr3mX3r+y2v0Wze+nxsbN6pteutdq21tX19vbm50b6+FjNH0iAAAADgIY9/8t7vk4jY+cL57tBx9rgrBRyJ0iCV5OOCtf8Pj/XG7x5RpYAjcWbklHSQevdc8SccJ8CjrTRcMGJdB6ZP+bgrABy7ZJ/pQzfvXBik3s7Hn5p8nQAAgMm6/Ini6/+jrwv07aRHUD3gEFmJ4fQa2s9n3vUDp0f3+v+4N/I4WICpUh6jpw9MtwNe/9/19rgRsuxAFQIAACZutjskaTU/vTcbaVqtRlzqvhagnNxYa9SvRcRjEfG7SvlcJz/fnTPZt88AAAAAAAAAAAAAAAAAAAAAAAAAAPRkWRIZAAAAMNUi0j8nv+49y/9y5dnZ4fMDZ5N/dV8JfDYi3vjJaz+6s9Ru357vlL83KG//OC9//jjOYAAAAADD+v307vifx10bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKbN+/ffXO4PY3z8/KTi/vVLETFXFL8UM93xTJQj4sLfkyg9MF8SEWcmEH/nbkR8vCh+0qnWIGRR/El8CfvEj7n8WyiKf3EC8eE0u9fZ/rxStP6l8XR3XLz+lSL+J/9hjd7+xWD7d2bE+n9pzBhPvPPL2sj4dyOeKBVvf/rxkxHxnxkz/re+sb09alr204jL/f1Pd4s3iDDzYKxae/1WrbW1fXVtfWm1vlrfWFiYf3HxpcUXFq/Vbqw16vnfwhjff/JXH+zV/guF+78kr83o9j9bsLyifdJ/3rlz/6P9zM7D8a88UxD/Nz/LP5HHT3bnSfM4n8nTSSSD8mSn930+6Klf/Papvdq/stv+8kF+/yujFjrsoRXlyXH/dQCAQ9Da2r651GjUb09totNLPwHVOPREVun9oielPkOJb753Av/ZvjvRBWZZlnV+gYJJ9yJinOUkMeGWpsX12U2M/FGOecMEAABM3O5B/2SupwMAAAAAAAAAAAAAAAAAAAAHdxRPWRuOufsI5GQSj9AGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiI/wYAAP//in3QFg==")
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x6}, [@printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
socket$packet(0x11, 0x3, 0x300)
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f00000000c0))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
accept(r5, 0x0, 0x0)

4.627541065s ago: executing program 2 (id=4224):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)={0x1a8, 0x12, 0x8f08c34875fd4763, 0x70bd2d, 0x25dfdbff, {0x10, 0x7, 0x4, 0x0, {0x4e1d, 0x4e20, [0x9, 0x6, 0x8, 0x8], [0x4, 0xfffffff8, 0xffffffff, 0x7f], 0x0, [0x40, 0xffff0cdd]}, 0xc7a, 0x8000}, [@INET_DIAG_REQ_BYTECODE={0x32, 0x1, "72031708c8e4a71b6c045ae3d531e65abe3f8d19df6da852274b7d706592f02b567374d9bef9c847de5bb70be698"}, @INET_DIAG_REQ_BYTECODE={0xda, 0x1, "fc706871d6249cd2c64838e8f638ff6d0d86cf1e025769ad4f5f39bb1becbd6e0201b7fa0d02191cabdb773fa4308662dd1cb2f6838ae1d0457b848a2defd4fb6024cbce90d988ced5f46d6df95b01f32183a4919abaf0fd018b62e04b7c47dc49342e16fdb9eeeb27b234408f92c9481c47cbaac513fbe3ae269ff79eaff46cd8b7008ae42f4d09cd17ff3adeb4bb5f48a940eeda8ebe3e5cbfd0e65fd1bac7b409716f2f07b57a320fbef2851978236a6d83a203bf26346c63f0ced798f5c4359ba573bc908bbbdfd950c01d32dd4e015e0386b089"}, @INET_DIAG_REQ_BYTECODE={0x48, 0x1, "2e3dfec40abab8a7c5754767cb262077dfca49e2280b73abe1a8107478bcd156c8a13ab9a582f4755923470e41a9d44c3d04c8a25defcdfe61df3793f0552c2745176f7c"}, @INET_DIAG_REQ_BYTECODE={0x4}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x2008000}, 0x4010)

4.612116266s ago: executing program 2 (id=4225):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x3c7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r3)
r4 = syz_usb_connect(0x4, 0x24, &(0x7f0000000bc0)=ANY=[@ANYRES32=r3, @ANYRESOCT=r2, @ANYRESOCT=r1, @ANYBLOB="4e780181497b2142311183176220eb09e83116efd64a56ce152dd84127e2a12b534cce065ec0878aa55104cb8df9a2a6440248c64d659b618d66050a26e104a5972c6a61c296d5b0ffd7558029dc967a85a289c316ba3ca4621999df32981c627b52363c1bdf37fd79d6116620b1010b4e5ac223314ea4ac539f021ef6a2bc", @ANYRES8], 0x0)
syz_usb_control_io(r4, &(0x7f0000000540)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="00071600000016012620bf56c99929bc636f1b4e1aa72dade37c8123ffff000000000000323cffa73155b160f65129699924e3a338a3d7e00480d3cb2bedc3677aa1f7a25ae2b682711462a6049919fe0eabe2369e3cdb72b32565e23191a5808d97cb51"], &(0x7f0000000340)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x812}}, &(0x7f0000000d00)=ANY=[@ANYBLOB="000f2b000000050f2b000603100b03100b03100b0a1003f601000054ffff031024fe4c5c9b4d69c245ef07ec898b58780b10100a78010100000f1e070000c0000064e00ebff99d1d8142829f7c86e94591626894ea0d7afc2ee4b2c8ef90f05e45091b613dceb0ff01a59e7e9abbf13af6eaf5619d509a2cd66aec6dff93f487a80bde0b04ee0077bc392beeedc81eb5cd6b4ec79042ddbdf8ec4d165ded28ba24bbf934dd243660"], &(0x7f00000004c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x3, 0x3, 0x2, 0x3, "4d4b05b1", 'Jm$\"'}}, &(0x7f0000000500)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x2, 0x63, 0x8, 0x5, 0x93, 0x5, 0x1000}}}, &(0x7f0000000a00)={0x84, &(0x7f0000000c80)=ANY=[@ANYBLOB="40316300000018ff075a8cdc8c7193643cc5f1d9696769baae51aa57457058da4cc364377f1833208ef7f88b2325ee8f728f1c64a43d95e46d53580b88f777e3fe2a9abc129c1fbf2c5404e1384816d8b59e7bb9aa1d89978c23a2af1366608e20efa813eda9f4c627e122119d64c7438367a83ca0"], &(0x7f0000000600)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000640)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000680)={0x20, 0x0, 0x4, {0x3}}, &(0x7f0000000ac0)=ANY=[@ANYBLOB="7979401411646efff4087bd2e6c46b77bcbeb4dae95c65c9c93aaefa5500ec1798fe75938992a3da1a6c4be3202cf20611218dbe6c2a2ce7e085165b20480405e0b9dfb2fb8577dc48d9968a8f928b50d33854e3fdbca4965ac64f98e8eba62c23aaad2595ccf9e6c30d166a9c43756c642914578514f3b492374579020613b138f19c8a753203aa2d92858c2056ef85a5e20a28"], &(0x7f0000000700)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000740)={0x40, 0x9, 0x1, 0x4}, &(0x7f0000000780)={0x40, 0xb, 0x2, "5518"}, &(0x7f00000007c0)={0x40, 0xf, 0x2, 0xd}, &(0x7f0000000800)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, &(0x7f0000000840)={0x40, 0x17, 0x6, @random="138c60da88f9"}, &(0x7f0000000880)={0x40, 0x19, 0x2, "0080"}, &(0x7f0000000000)={0x40, 0x1a, 0x2, 0xd}, &(0x7f0000000900)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000000940)={0x40, 0x1e, 0x1, 0x7}, &(0x7f0000000980)={0x40, 0x21, 0x1, 0x8b}})
ioctl$EVIOCRMFF(r3, 0x4004550a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
io_setup(0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0xc0)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20000000)

4.528225503s ago: executing program 1 (id=4228):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001300)=@newtaction={0x18, 0x30, 0x12f, 0x0, 0x4, {}, [{0x4}]}, 0x18}}, 0x0)

3.221691559s ago: executing program 3 (id=4230):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r0, 0xa, 0x13)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
sendmsg$tipc(r0, &(0x7f0000000640)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x2, 0x3}}, 0x10, &(0x7f0000000240)=[{&(0x7f00000003c0)="5e6eb006f9b283e40084d4610132fbf7f6097b37aa7b8872eee065713e49c348ea4cdcda384f4039afb35137049068106a365cc2880e360224d5ffbbfadcf8773a3ca1bf78818b8bb0a117e5e88a8ed6ded661ecb32f06803ce721f49e33fc5f442de4f7ab17ebbe13f2f03838daea8b029ef64de80a3178fd55798e90c4c6b35a36f306a97beb7e8554eba9f07c5165a88969c35f661486ad486f3a366743aa", 0xa0}, {&(0x7f00000001c0)="fd0a5294638f5232ed96d50ffdc85e2b163aec479880dbf2", 0x18}], 0x2, &(0x7f0000000480)="73f1058049e52b2695e05700e17e477eeab6b41b9c60e0e1ad7a4a45", 0x1c, 0x4040041}, 0x11)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r7}]}}}, @IFLA_MASTER={0x8, 0x3, r7}]}, 0x40}, 0x1, 0xd, 0x0, 0x4000000}, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x11)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="d8000000190081054e81f783db4cb9040a1d080006007c02cdfc55a10a0017000600a42603600e12080006ba0474f701a8000100fe80ffff7f6f94007134cf6efb8000a007a290457f01890500277ce06bbaceac3c2fb14c2ee5a7a3aab62f00001fb71b14d6d930dfe1d9d322fe7c2e8771820d16a4683f5aeb4edbb5952a0f536ffd77500db798262f3d409c1f40cb9f92b74f51fad9e3bb9ad809d5e1cace0d81ed0b764434a19789bf0cffece0b4129ecbee5de6ccd4e1ffffffffc2c9b627430600007c388b0dd6e4edef3d93000020000000000000", 0xd8}], 0x1}, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mem_disconnect\x00', r9}, 0x18)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)

3.21647989s ago: executing program 1 (id=4232):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001080)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c8962ff01000000000000002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0090000000000000092d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973188fb47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000019009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5fd7102aead09a0d99bc34ab303dc4938afda"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4, 0x401}, 0x10}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getresuid(&(0x7f0000000a40), &(0x7f0000000a80)=<r1=>0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x261db46d6aa896b9}, 0xc, &(0x7f0000001000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="080400001500060525bd00000000df2520010000000000000000000000000001ac1414bb0000000000000000000000004e2300404e2400400200206d2fe8802c", @ANYRES32=<r2=>0x0, @ANYRES32=r1, @ANYBLOB="b26b6e000100000008001e00feffffffc2000800be0008000103b6008feeb7f3f5af3f5a93f035bdae84e428cbc2f2db4ea76f170f8c9e72ec5a04d8447b9ad1a1aaea60efe6cab189ea7c881d1a1bafdddf0f0ab2f7168b10b9064c7344ccc1e2a060d82fe3016ccbe9d063542d8ad86601d4514c762db22e284e2425f3803d1b645952abc3c37cbe49136f2ba24f18824ab013227004232030717f59dbe2b4034a58c14248c588ca9c82575543bdb1570894291843a3299fd858d0b6d05edb96682a3ba90635df6ebcd8f35dc6b9e817ae000024000900020000000000000000000000000000000600000000000000ce090000000000000a00100000000000000000000c0015005c0735000a000000080018000500000004010500e0000002000000000000000000000000000004d3ff0000000a000000fe8000000000000000000000000000bbff340000000305000700000002000000d7000000ff020000000000000000000000000001000004d23300000002000000ff020000000000000000000000000001ff34000004010000050000000200000000000000fc000000000000000000000000000001000004d5ff00000002000000fc020000000000000000000000000001000000000300030000000000f7ffffff00000000ffffffff000000000000000000000000000004d33c0000000a000000fe800000000000000000000000000021ff3400000401020005000000bd0d000006000000930008008f000800000d8700db8be2f38bf78b710e8c7523677d4856088fa0745f960ce4bc6d641b7f2c18f6582daebdab5fb1eb9d6e95f7013de236e60e791b8ceda88e61b908c70992646edea1b0374e955ae9895f8c90f357058936e56a29d7b7e11578025c1130eb90f3c7b584a7ac53207779e712f8451e96853f21138c7bb3d5c1ba4c68d3c1464545eeea98f2206e470008000c0008000000050112006573736976286d6f727573313238302d617678322c6372637431306469662d70636c6d756c290000000000000000000000000000000000000000000000000000c8050000c0000000b40389d29684397baede18a1b2713cb2ab26205956f10f2a5f0acde73e7834e4fdbd6c1407e0470a5dce8c426d2424b0ebdbb0323cfa1a50298267942d88879d0268462d584699593a2879c52c31c99e059f182946b7c7972302ebf637eaa3ab828a5beaebdca8987a46ca65a958925b41cf2160b5acb793aa03d539204a66565a5c7745202b5552db20f0d8cf7b7828628807338b53fb7aa4bea906de817d8144a4a62a5fb13b985b31b66f115445906c3625b0e8e86279c9000000"], 0x408}, 0x1, 0x0, 0x0, 0x40800}, 0x40)
socket(0x2, 0x80805, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0xe, &(0x7f0000000940)=ANY=[@ANYRES32=r2, @ANYRESHEX=r3, @ANYBLOB], &(0x7f0000000340)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="150a00000000000000180000000000000000000000000000009500"/40], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
memfd_create(0x0, 0xe)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001d0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bbfbffa8499c69ac76dd752d00", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)
ioctl$sock_inet_SIOCGIFDSTADDR(r5, 0x8917, &(0x7f0000000200)={'syzkaller1\x00', {0x2, 0x0, @loopback}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f00000008c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400006}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000900)=[0x54])

3.173142913s ago: executing program 5 (id=4233):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={<r1=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={r1, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x4, 0x4}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={0x0}}, 0x4)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x103)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000440), &(0x7f0000000180)=@v2={0x2000000, [{0x4, 0xfffffff7}, {0xfffffffd, 0x2}]}, 0x14, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r7}, &(0x7f0000000000), &(0x7f00000005c0)=r8}, 0x20)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x11)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x9)
r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x7fffffffffffffff)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000000000000000000100090000000000030006006c0000000200000000000000000000000000800002000100000000000002060b00000000030005000000000002000000000000000000000000000000010018"], 0x60}, 0x1, 0x7}, 0x0)

2.979173398s ago: executing program 1 (id=4237):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%+9llu \x00'}, 0x20)
ioctl$EXT4_IOC_GETFSUUID(r0, 0x8008662c, &(0x7f00000000c0))
fdatasync(r0)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYINDEX(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0xf, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}, [@IPSET_ATTR_INDEX={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000080}, 0x800)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x6c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40010}, 0x40000)
r2 = fsopen(&(0x7f0000000340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000380)={0x7, 0x7, 0x4, 0x3, 0x8})
r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r3, 0x8008330e, &(0x7f0000000400))
ioctl$BLKDISCARD(r3, 0x1277, &(0x7f0000000440)=0x3)
write$UHID_CREATE2(r3, &(0x7f0000000480)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x8b, 0x101, 0xb3, 0x10000, 0x1ff, 0xb, "65bf39600a1ba36cf2d98caad8456ad27b13c191825a0974c193aff7db37040f7ed5f8d4421dcad3d6c2d5d407b3dea09b9df61f36071a6eba030ba5db49576cdf622556600293c002741f425183049dd5f845f76134716745973a550400dbeef5eea65cec8d649ef1294ac92a8fc80b6a602abef033e0b6656fdd03e92cfbfd428d74daa4e68ca166c755"}}, 0x1a3)
ioctl$BLKPBSZGET(r3, 0x127b, &(0x7f0000000640))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
ioctl$PPPIOCSNPMODE(r4, 0x4008744b, &(0x7f00000006c0)={0xc029, 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000700)='ufshcd_exception_event\x00', r3, 0x0, 0x800}, 0x18)
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000000780)=r3, 0x1)
ioctl$BLKRAGET(r3, 0x1263, &(0x7f00000007c0))
ioctl$TUNSETLINK(r3, 0x400454cd, 0xd027c983d5217be1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r5, 0x541b, &(0x7f0000000800))
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f0000000940)=<r7=>0x0, &(0x7f0000000980), &(0x7f00000009c0))
getgroups(0x3, &(0x7f0000000a00)=[0xffffffffffffffff, <r8=>0xee01, 0xee01])
stat(&(0x7f0000000a40)='./file0\x00', &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = getegid()
fsetxattr$system_posix_acl(r4, &(0x7f0000000840)='system.posix_acl_default\x00', &(0x7f0000000b40)={{}, {0x1, 0x5}, [{0x2, 0x5, r6}, {0x2, 0x6, r7}, {0x2, 0x2, 0xffffffffffffffff}], {0x4, 0x4}, [{0x8, 0x0, r8}, {0x8, 0x7}, {0x8, 0x7, 0xee01}, {0x8, 0x2, r9}, {0x8, 0x3, r10}, {0x8, 0x1}], {0x10, 0x2}, {0x20, 0x5}}, 0x6c, 0x2)

2.937752162s ago: executing program 1 (id=4238):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4000002}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000001000)=ANY=[@ANYBLOB], 0x0, 0x28}, 0x28)
r1 = msgget$private(0x0, 0x790)
msgsnd(r1, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
pread64(r2, &(0x7f0000000580)=""/150, 0x8f, 0x4c00)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000280)={0x6, &(0x7f0000000100)=[{0x1, 0x4, 0x9, 0x2}, {0x20, 0x2, 0xd1, 0xbe}, {0x80, 0x2, 0xd, 0x3}, {0xfffd, 0x7, 0x9, 0x7d}, {0x2, 0x3, 0xff, 0x4}, {0x196, 0xc7, 0xfd, 0xf}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000000)=0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
msgctl$IPC_RMID(r1, 0x0)
close(0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_LINKMODE={0x5, 0x11, 0x1}, @IFLA_OPERSTATE={0x5, 0x10, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8010}, 0x4000000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
ppoll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x1}], 0x1, 0x0, 0x0, 0x4e)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

2.498991698s ago: executing program 0 (id=4241):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={<r1=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={r1, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x4, 0x4}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f0000002040)={0x0, 0x0, 0x0}, 0x4)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x103)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000440), &(0x7f0000000180)=@v2={0x2000000, [{0x4, 0xfffffff7}, {0xfffffffd, 0x2}]}, 0x14, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r7}, &(0x7f0000000000), &(0x7f00000005c0)=r8}, 0x20)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x11)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x9)
r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x7fffffffffffffff)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000000000000000000100090000000000030006006c0000000200000000000000000000000000800002000100000000000002060b00000000030005000000000002000000000000000000000000000000010018"], 0x60}, 0x1, 0x7}, 0x0)

2.409947585s ago: executing program 3 (id=4242):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x8}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x208, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000021000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001300)=@newtaction={0x18, 0x30, 0x12f, 0x0, 0x4, {}, [{0x4}]}, 0x18}}, 0x0)

2.296538424s ago: executing program 5 (id=4243):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
keyctl$session_to_parent(0x12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000980)='kfree\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff})
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newtaction={0xbc, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0xa8, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x10001, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r6}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_mpls={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x5}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3, 0x8, 0x6, 0x0, 0xf4a}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xbc}}, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="010028bd7000fcdbdf2511000000180001801400020064756d6d793000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x8801}, 0x30040004)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r9 = fcntl$dupfd(r8, 0x0, r8)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r11 = socket(0x400000000010, 0x3, 0x0)
r12 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r13, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
read$usbfs(r9, &(0x7f0000001040)=""/192, 0xc0)
write$tun(r9, &(0x7f0000000400)=ANY=[], 0xa2)

1.924807804s ago: executing program 1 (id=4244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x8, 0x7fe2, 0x1}, 0x50)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000000)='./file0\x00', 0x0, 0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x22, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40fff, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r6, 0x560a, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r7=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r7, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b7, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x800)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='kfree\x00'}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000001080)=ANY=[@ANYBLOB="636865636b3d72656c617865642c696f636861727365743d69736f383835392d312c6f76657272696465726f636b7065726d2c646d6f64653d3078303030303030300030303030303030392c686964652c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c696f636861727365743d63703933322c6e6f726f636b2c646d6f64653d3078666666666666666666666666666366612c6d61703d6e6f72bf616c2c6d61703d61636f726e2c6d6f1c113d3078302330303030303030303030303030352c686964652c657569643e9bffbbc8dc0831f1f71752c0ec6370d60ec0e169761a3a8f175112119b57f387cea723b9c1ceb05c28c44fa818248d2baadc1b5d05f2db2b872312abba57baab497f38ff34f39d07", @ANYRESDEC=0x0, @ANYBLOB="2a6f62643d0000005bf0326d81ffd20fcf42a30c940a51bcd18823306e7e3ee979a4c894434bae1d58166ca4bb2d6c680ed740632236fce758c42606f698731d37082fdae73571e5bf50f41915843cb15476030d0a9ecf1ad5769f1d8c4dd6a5a79c49208dd5d5eb595c9325f4820780e5537bb0b9e756bc2d835b109eb921a2b9af1e3be57df99a3c32e234253fc7dc4caf02e999966a8cdf00d4233a721a07c0a6b21601a6820757da1df553cec59501", @ANYRESDEC=0xee01, @ANYBLOB=',func=FILE_CHECK,\x00'], 0x2, 0x9e8, &(0x7f0000000440)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLaoQxNat3QK2UaAyUPRUowVa9JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OE75alo6vGlpaq2yOO3/jxHmTMAXZl/JvPv/isvH16P4fSnTeKnyR9SWpJT5Lnk96x8dmZqQ4F3UtuJfk6KZIcTuNxS26l+O889XD86xQ/LOvd0KGtlkwnS3yv7ff+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1ExNj48PFIcysT0jbdrDUltnbHx2ZkiS0vr5ywv0/BV1et38VXHepOivKWvb7mr7+ePP5z9XJLa6bzQGHuh6pA8ffnkyeeOvflsT9fy8htl8wc5vPViP/z4k3vvLi4ufLAriRx81+rTE3MzE1OXr9VrE3MztUsXLgyfu351rnZ1YrI+d3Nuvj5VG5utX56fma0NjL1aG7l06XytPnRz5sb0tfGhyfryxIt/Njo8fKH21tDf1C/Pzs1Mn3traG7s+sTk5MT0tSqmnF3GXCx3xL+emK/N1y9P1Wp37i4unF+TU3fW7L9l0EinNSmDRjsFjQ6Pjo6MjI6OfNrsPXtlwoU3Lr1xcXi4Z3iNrIvYpZ2Wg+WJjTfzzh/E4RF1Ndr/ZDITmc6NvJ1a27+xjGc2M5naYH7Tcvt/5lx903pb2/9mK9/TMvtEeXc6LzVH+zZo/zfIZe/+PszH+ST38m4Ws5iFfLDvGe3t37XUM52JzGUmE5nK5WpKrTmllku5kAsZzju5npOZSy1XM5HJ1DOXm5nLfOrVHjWW2dRzOfOZyWxqGchYXk0tI7mUSzmfWuoZys3M5Eamcy3juVyVcid3q+f9/CY5rgSNbCVodJOgdY35ttv/+tp/Tvje2fmDODyipWb7f6hz6MDYXiQEAAAA7Lg/+XmOHH/mZ79JirxYfS5/dWKyPrzfaQEAAAA7qDpd74XyobccejGF9/8AAADwuCmq39gVSfpzsjG0/EsoHwIAAADAY6L6/v+lFCcfTvD+HwAAAB4zna+x3zGiGFy+/G/tduPxdjOiMVb0X52YrA+NzUy+OZKz1VUGql8arCutOyl6q58fvJZTjahT/Y3H/ocllnX2lVEjQ2+O5LWcbq7IwMvlw8sDbSJHG5GvNCJfaY3szqrI82UkADzuTm/SHm+1/X8tg42IwRNVk99zok0bPKxlBYCDYqWPnd81uzRr0/43I17aqP3/803e/5cRz+TOycYpBUN5L+9nMbczmOYZByfblbrcG0HjNITBDp8G9DdPWfjlxa4Mrvs8oG9lXVtjFzKawbafCLSUWyzncL4R17072wAA9trpTdvhrbX/gx3e//c7pRAADpSVHux3cWC/1xEAWE0rDQAAAAAAAAAAAAAAAAAAAAAAAAAAADtvSxfw/8XZZHFxIdmDzgJWBvq2k+HmA13Zo5z3faA7yX7V/pfZ9lLlNj4oT52B1QP7fGACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTxRJd7vpXcnhJMNJzu19Vrvn/n4nsFNqj7ZY8SAP8lGO7HQ6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADfd83r/3el8fhkY1J6upIzSW4l+dv9znEnPdjvBPbNP1T3Ldf/70p6s1Skp7HZU/SOjc/OTJWbvzhczv/m8y8+K2+dy17fq0JZQFnDqs4lmjW0TOldvdTT1VL94wsf3vuX9/+pNn6l2jGvzF+dHJ+6NvtXDwOfK75sdIHQ2g3Ccr7/duan/9My+VCz8i/LNW1vbb1Xq3rH19f7x+2W3qDeLbi7uDBa1jRff3v+X//x7kcts57JqeTlgWRgdU1/X942qOnU2udzteLb4j+LI/n/3Kq2f/lsFEtFuYmOVuv/xJ27iwtD772/eHslp39fldOxnExyO+nbek4nq+NJW9Ve19Vb1jpcBZV3xzuUt6mWEkc2eF6frnaZ/m2tQ23jdah0eN6bGZ1vm9H//vOzObvtLX22Q41tFd8Wvy6u51f5j5b+P7rK7X8mbV+dbYqoIlv2lNZ5q15eXY3Ias1HW2e8s7bMDV+V7IL/yt/lL1a2f1fL8b+5rfbmeNRSY/vXRbL918WPjq5rUR6qWqTja1qk5tFno2WaeR5vRG2Q5x/l9aTnxLaOKK93OKLs1uv/B8VAfpv7+v8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOviLpbje9KzmT5FiSo+V4LVlaG3P/Eerr6i8eJc0d8yg5f/cUG65o8SAP8lGO7HVGAAAAAAAAAOyOK+PffP7FZ+Wt+j6+O3/a1ZxTS3qSHCv+r3dsfHZmqkNBvcmt5a/0+7aXw63y7qmH41+XY893WGh/Tx8AgO+03wcAAP//BZNu0Q==")
r10 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90)
getdents(r10, 0x0, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a3200000000f70007404884b24b02a8a7758a688958ed60ecfd057e10926ba77e5596b13e43cd4488e4aa68af5f7236ec205b6e4cac2a0d86c336bf07dbe861f4f57bcef92dcf818d532d4475b5daa4dadc1690f228e860bba5a0b5d9bde86862e8f7fc08f0debd4974c6fae7d737a0007ec948ac4d8714ebff6b25648fb910e0d6d07f023cf5fa4051627b9c5b69e265538f9ba683bf172a5ff815afa543c12e550a1bcc9287080c7c12cc89d216c56febb0b06134672ea6b0077c846396169475f271319988f49ec94f2996e5d0e1cb151fb223e556f10fb681d068e055eb34e5f8fc7a524ffe5f4632a6c74ad0fe0b1542497d76a5a4416c47805e001c0005800800014008000008080002"], 0x1ec}}, 0x0)

1.633151458s ago: executing program 0 (id=4245):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r0, 0xa, 0x13)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
sendmsg$tipc(r0, &(0x7f0000000640)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x2, 0x3}}, 0x10, &(0x7f0000000240)=[{&(0x7f00000003c0)="5e6eb006f9b283e40084d4610132fbf7f6097b37aa7b8872eee065713e49c348ea4cdcda384f4039afb35137049068106a365cc2880e360224d5ffbbfadcf8773a3ca1bf78818b8bb0a117e5e88a8ed6ded661ecb32f06803ce721f49e33fc5f442de4f7ab17ebbe13f2f03838daea8b029ef64de80a3178fd55798e90c4c6b35a36f306a97beb7e8554eba9f07c5165a88969c35f661486ad486f3a366743aa", 0xa0}, {&(0x7f00000001c0)="fd0a5294638f5232ed96d50ffdc85e2b163aec479880dbf2", 0x18}], 0x2, &(0x7f0000000480)="73f1058049e52b2695e05700e17e477eeab6b41b9c60e0e1ad7a4a45", 0x1c, 0x4040041}, 0x11)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r7}]}}}, @IFLA_MASTER={0x8, 0x3, r7}]}, 0x40}, 0x1, 0xd, 0x0, 0x4000000}, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x11)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="d8000000190081054e81f783db4cb9040a1d080006007c02cdfc55a10a0017000600a42603600e12080006ba0474f701a8000100fe80ffff7f6f94007134cf6efb8000a007a290457f01890500277ce06bbaceac3c2fb14c2ee5a7a3aab62f00001fb71b14d6d930dfe1d9d322fe7c2e8771820d16a4683f5aeb4edbb5952a0f536ffd77500db798262f3d409c1f40cb9f92b74f51fad9e3bb9ad809d5e1cace0d81ed0b764434a19789bf0cffece0b4129ecbee5de6ccd4e1ffffffffc2c9b627430600007c388b0dd6e4edef3d93000020000000000000", 0xd8}], 0x1}, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mem_disconnect\x00', r9}, 0x18)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)

1.522604537s ago: executing program 2 (id=4246):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fchown(r0, 0x0, 0x0)

1.521846877s ago: executing program 3 (id=4247):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)={0x1ac, 0x12, 0x8f08c34875fd4763, 0x70bd2d, 0x25dfdbff, {0x10, 0x7, 0x4, 0x0, {0x4e1d, 0x4e20, [0x9, 0x6, 0x8, 0x8], [0x4, 0xfffffff8, 0xffffffff, 0x7f], 0x0, [0x40, 0xffff0cdd]}, 0xc7a, 0x8000}, [@INET_DIAG_REQ_BYTECODE={0x32, 0x1, "72031708c8e4a71b6c045ae3d531e65abe3f8d19df6da852274b7d706592f02b567374d9bef9c847de5bb70be698"}, @INET_DIAG_REQ_BYTECODE={0xda, 0x1, "fc706871d6249cd2c64838e8f638ff6d0d86cf1e025769ad4f5f39bb1becbd6e0201b7fa0d02191cabdb773fa4308662dd1cb2f6838ae1d0457b848a2defd4fb6024cbce90d988ced5f46d6df95b01f32183a4919abaf0fd018b62e04b7c47dc49342e16fdb9eeeb27b234408f92c9481c47cbaac513fbe3ae269ff79eaff46cd8b7008ae42f4d09cd17ff3adeb4bb5f48a940eeda8ebe3e5cbfd0e65fd1bac7b409716f2f07b57a320fbef2851978236a6d83a203bf26346c63f0ced798f5c4359ba573bc908bbbdfd950c01d32dd4e015e0386b089"}, @INET_DIAG_REQ_BYTECODE={0x48, 0x1, "2e3dfec40abab8a7c5754767cb262077dfca49e2280b73abe1a8107478bcd156c8a13ab9a582f4755923470e41a9d44c3d04c8a25defcdfe61df3793f0552c2745176f7c"}, @INET_DIAG_REQ_BYTECODE={0x8, 0x1, "0391cfcb"}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x2008000}, 0x4010)

1.48852859s ago: executing program 3 (id=4248):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001080)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c8962ff01000000000000002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0090000000000000092d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973188fb47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000019009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5fd7102aead09a0d99bc34ab303dc4938afda"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4, 0x401}, 0x10}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getresuid(&(0x7f0000000a40), &(0x7f0000000a80)=<r1=>0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x261db46d6aa896b9}, 0xc, &(0x7f0000001000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="080400001500060525bd00000000df2520010000000000000000000000000001ac1414bb0000000000000000000000004e2300404e2400400200206d2fe8802c", @ANYRES32=<r2=>0x0, @ANYRES32=r1, @ANYBLOB="b26b6e000100000008001e00feffffffc2000800be0008000103b6008feeb7f3f5af3f5a93f035bdae84e428cbc2f2db4ea76f170f8c9e72ec5a04d8447b9ad1a1aaea60efe6cab189ea7c881d1a1bafdddf0f0ab2f7168b10b9064c7344ccc1e2a060d82fe3016ccbe9d063542d8ad86601d4514c762db22e284e2425f3803d1b645952abc3c37cbe49136f2ba24f18824ab013227004232030717f59dbe2b4034a58c14248c588ca9c82575543bdb1570894291843a3299fd858d0b6d05edb96682a3ba90635df6ebcd8f35dc6b9e817ae000024000900020000000000000000000000000000000600000000000000ce090000000000000a00100000000000000000000c0015005c0735000a000000080018000500000004010500e0000002000000000000000000000000000004d3ff0000000a000000fe8000000000000000000000000000bbff340000000305000700000002000000d7000000ff020000000000000000000000000001000004d23300000002000000ff020000000000000000000000000001ff34000004010000050000000200000000000000fc000000000000000000000000000001000004d5ff00000002000000fc020000000000000000000000000001000000000300030000000000f7ffffff00000000ffffffff000000000000000000000000000004d33c0000000a000000fe800000000000000000000000000021ff3400000401020005000000bd0d000006000000930008008f000800000d8700db8be2f38bf78b710e8c7523677d4856088fa0745f960ce4bc6d641b7f2c18f6582daebdab5fb1eb9d6e95f7013de236e60e791b8ceda88e61b908c70992646edea1b0374e955ae9895f8c90f357058936e56a29d7b7e11578025c1130eb90f3c7b584a7ac53207779e712f8451e96853f21138c7bb3d5c1ba4c68d3c1464545eeea98f2206e470008000c0008000000050112006573736976286d6f727573313238302d617678322c6372637431306469662d70636c6d756c290000000000000000000000000000000000000000000000000000c8050000c0000000b40389d29684397baede18a1b2713cb2ab26205956f10f2a5f0acde73e7834e4fdbd6c1407e0470a5dce8c426d2424b0ebdbb0323cfa1a50298267942d88879d0268462d584699593a2879c52c31c99e059f182946b7c7972302ebf637eaa3ab828a5beaebdca8987a46ca65a958925b41cf2160b5acb793aa03d539204a66565a5c7745202b5552db20f0d8cf7b7828628807338b53fb7aa4bea906de817d8144a4a62a5fb13b985b31b66f115445906c3625b0e8e86279c9000000"], 0x408}, 0x1, 0x0, 0x0, 0x40800}, 0x40)
socket(0x2, 0x80805, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0xe, &(0x7f0000000940)=ANY=[@ANYRES32=r2, @ANYRESHEX=r3, @ANYBLOB], &(0x7f0000000340)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="150a00000000000000180000000000000000000000000000009500"/40], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001d0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bbfbffa8499c69ac76dd752d00", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)
ioctl$sock_inet_SIOCGIFDSTADDR(r5, 0x8917, &(0x7f0000000200)={'syzkaller1\x00', {0x2, 0x0, @loopback}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f00000008c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400006}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000900)=[0x54])

1.430438305s ago: executing program 2 (id=4249):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300) (fail_nth: 3)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)

1.397086637s ago: executing program 5 (id=4250):
r0 = syz_io_uring_setup(0xcd8, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x234}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r4 = inotify_init1(0x0)
r5 = inotify_add_watch(r4, &(0x7f0000000200)='.\x00', 0x10000a0)
r6 = dup(r4)
inotify_rm_watch(r6, r5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="181233e9091f19d624ec751d0000000000f4ffff", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000280))
r8 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0\x00', 0x42, 0x8)
close(r8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f0000001540)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)='./file0\x00'})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r11, 0x2285, 0x0)
writev(r11, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
io_uring_enter(r0, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
socket(0xa, 0x6, 0x800000)

1.226684741s ago: executing program 0 (id=4251):
r0 = syz_io_uring_setup(0xcd8, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x234}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r4 = inotify_init1(0x0)
r5 = inotify_add_watch(r4, &(0x7f0000000200)='.\x00', 0x10000a0)
r6 = dup(r4)
inotify_rm_watch(r6, r5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="181233e9091f19d624ec751d000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000280))
r8 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0\x00', 0x42, 0x8)
close(r8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f0000001540)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)='./file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r10, 0x2285, 0x0)
writev(r10, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
io_uring_enter(r0, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
socket(0xa, 0x6, 0x800000)

1.11388488s ago: executing program 2 (id=4252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)=[{0x0}, {0x0, 0xfffffffffffffea3}], 0x2}, 0x0, 0x3, 0x0, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x47f8, 0x0, 0x0, 0x0, 0x0)

1.063895184s ago: executing program 0 (id=4253):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={<r1=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={r1, @in={{0x2, 0x4e24, @private=0xa010101}}, 0x4, 0x4}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x3}, 0x18)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={0x0}}, 0x4)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x103)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f0000000440), &(0x7f0000000180)=@v2={0x2000000, [{0x4, 0xfffffff7}, {0xfffffffd, 0x2}]}, 0x14, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r7}, &(0x7f0000000000), &(0x7f00000005c0)=r8}, 0x20)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x11)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = socket(0x10, 0x3, 0x9)
r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x7fffffffffffffff)
r11 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r11, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000000000000000000100090000000000030006006c0000000200000000000000000000000000800002000100000000000002060b00000000030005000000000002000000000000000000000000000000010018"], 0x60}, 0x1, 0x7}, 0x0)

1.044507716s ago: executing program 1 (id=4254):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4000002}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000001000)=ANY=[@ANYBLOB], 0x0, 0x28}, 0x28)
r1 = msgget$private(0x0, 0x790)
msgsnd(r1, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x64, 0x1, 0x0, 0x0, 0x0, 0x210e, 0xc0002, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b80, 0x2, @perf_bp={&(0x7f0000000040), 0xe}, 0x14105, 0x32, 0xfffffbff, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0xb)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
pread64(r2, &(0x7f0000000580)=""/150, 0x8f, 0x4c00)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000280)={0x6, &(0x7f0000000100)=[{0x1, 0x4, 0x9, 0x2}, {0x20, 0x2, 0xd1, 0xbe}, {0x80, 0x2, 0xd, 0x3}, {0xfffd, 0x7, 0x9, 0x7d}, {0x2, 0x3, 0xff, 0x4}, {0x196, 0xc7, 0xfd, 0xf}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000000)=0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
msgctl$IPC_RMID(r1, 0x0)
close(0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_LINKMODE={0x5, 0x11, 0x1}, @IFLA_OPERSTATE={0x5, 0x10, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8010}, 0x4000000)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
ppoll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x1}], 0x1, 0x0, 0x0, 0x4e)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

1.040862265s ago: executing program 5 (id=4255):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001080)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c8962ff01000000000000002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0090000000000000092d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973188fb47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000019009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5fd7102aead09a0d99bc34ab303dc4938afda"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4, 0x401}, 0x10}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getresuid(&(0x7f0000000a40), &(0x7f0000000a80)=<r2=>0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001040)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x261db46d6aa896b9}, 0xc, &(0x7f0000001000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="080400001500060525bd00000000df2520010000000000000000000000000001ac1414bb0000000000000000000000004e2300404e2400400200206d2fe8802c", @ANYRES32=<r3=>0x0, @ANYRES32=r2, @ANYBLOB="b26b6e000100000008001e00feffffffc2000800be0008000103b6008feeb7f3f5af3f5a93f035bdae84e428cbc2f2db4ea76f170f8c9e72ec5a04d8447b9ad1a1aaea60efe6cab189ea7c881d1a1bafdddf0f0ab2f7168b10b9064c7344ccc1e2a060d82fe3016ccbe9d063542d8ad86601d4514c762db22e284e2425f3803d1b645952abc3c37cbe49136f2ba24f18824ab013227004232030717f59dbe2b4034a58c14248c588ca9c82575543bdb1570894291843a3299fd858d0b6d05edb96682a3ba90635df6ebcd8f35dc6b9e817ae000024000900020000000000000000000000000000000600000000000000ce090000000000000a00100000000000000000000c0015005c0735000a000000080018000500000004010500e0000002000000000000000000000000000004d3ff0000000a000000fe8000000000000000000000000000bbff340000000305000700000002000000d7000000ff020000000000000000000000000001000004d23300000002000000ff020000000000000000000000000001ff34000004010000050000000200000000000000fc000000000000000000000000000001000004d5ff00000002000000fc020000000000000000000000000001000000000300030000000000f7ffffff00000000ffffffff000000000000000000000000000004d33c0000000a000000fe800000000000000000000000000021ff3400000401020005000000bd0d000006000000930008008f000800000d8700db8be2f38bf78b710e8c7523677d4856088fa0745f960ce4bc6d641b7f2c18f6582daebdab5fb1eb9d6e95f7013de236e60e791b8ceda88e61b908c70992646edea1b0374e955ae9895f8c90f357058936e56a29d7b7e11578025c1130eb90f3c7b584a7ac53207779e712f8451e96853f21138c7bb3d5c1ba4c68d3c1464545eeea98f2206e470008000c0008000000050112006573736976286d6f727573313238302d617678322c6372637431306469662d70636c6d756c290000000000000000000000000000000000000000000000000000c8050000c0000000b40389d29684397baede18a1b2713cb2ab26205956f10f2a5f0acde73e7834e4fdbd6c1407e0470a5dce8c426d2424b0ebdbb0323cfa1a50298267942d88879d0268462d584699593a2879c52c31c99e059f182946b7c7972302ebf637eaa3ab828a5beaebdca8987a46ca65a958925b41cf2160b5acb793aa03d539204a66565a5c7745202b5552db20f0d8cf7b7828628807338b53fb7aa4bea906de817d8144a4a62a5fb13b985b31b66f115445906c3625b0e8e86279c9000000"], 0x408}, 0x1, 0x0, 0x0, 0x40800}, 0x40)
socket(0x2, 0x80805, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffd000/0x3000)=nil)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xc, 0xe, &(0x7f0000000940)=ANY=[@ANYRES32=r3, @ANYRESHEX=r4, @ANYBLOB], &(0x7f0000000340)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="150a00000000000000180000000000000000000000000000009500"/40], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
memfd_create(0x0, 0xe)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001d0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bbfbffa8499c69ac76dd752d00", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)
ioctl$sock_inet_SIOCGIFDSTADDR(r6, 0x8917, &(0x7f0000000200)={'syzkaller1\x00', {0x2, 0x0, @loopback}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f00000008c0)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400006}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
semctl$SETALL(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000900)=[0x54])
r7 = dup(r0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, 0x0)

997.613949ms ago: executing program 3 (id=4256):
socket$inet6(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$inet(0x2, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000800)={0x20, r7, 0x1, 0xffffffff, 0x0, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x703d33dc4b18a98e}, 0x4040814)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r11, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})

546.532805ms ago: executing program 5 (id=4257):
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000080)={r4, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "675237601a8ca5b07dcc141802c4dae4162e43ac61b7ad3300", [0xfffffffffffffce8, 0xa]}})

203.311074ms ago: executing program 2 (id=4258):
r0 = openat(0xffffffffffffffff, 0x0, 0x101a00, 0x181)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r4, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @loopback, @loopback}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x15, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x0, 0xffffffff, 0x3}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r6, 0x20, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0xfffffff5}, {0x0, 0x0, 0x0, 0x100}, {}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x800}, {}, {}, {0x2a}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {}, {}, {}, {}, {0x7}, {}, {0x0, 0x100}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0x0, 0x800000}, {}, {}, {}, {0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {0x80000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffd}, {}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x5, 0xe}], [{0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
ioctl$sock_ifreq(r8, 0x8937, &(0x7f0000000300)={'dvmrp0\x00', @ifru_hwaddr=@remote})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}, 0x1, 0x0, 0x0, 0x204c000}, 0x0)

189.094145ms ago: executing program 0 (id=4259):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fchown(r0, 0x0, 0x0)

108.521511ms ago: executing program 0 (id=4260):
r0 = syz_io_uring_setup(0xcd8, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x234}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r4 = inotify_init1(0x0)
r5 = inotify_add_watch(r4, &(0x7f0000000200)='.\x00', 0x10000a0)
r6 = dup(r4)
inotify_rm_watch(r6, r5)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="181233e9091f19d624ec", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
ioctl$TIOCL_PASTESEL(0xffffffffffffffff, 0x541c, &(0x7f0000000280))
r8 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0\x00', 0x42, 0x8)
close(r8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f0000001540)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)='./file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r10, 0x2285, 0x0)
writev(r10, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
io_uring_enter(r0, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
socket(0xa, 0x6, 0x800000)

75.525714ms ago: executing program 3 (id=4261):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r0, 0xa, 0x13)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup3(r3, r2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
sendmsg$tipc(r0, &(0x7f0000000640)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x2, 0x3}}, 0x10, &(0x7f0000000240)=[{&(0x7f00000003c0)="5e6eb006f9b283e40084d4610132fbf7f6097b37aa7b8872eee065713e49c348ea4cdcda384f4039afb35137049068106a365cc2880e360224d5ffbbfadcf8773a3ca1bf78818b8bb0a117e5e88a8ed6ded661ecb32f06803ce721f49e33fc5f442de4f7ab17ebbe13f2f03838daea8b029ef64de80a3178fd55798e90c4c6b35a36f306a97beb7e8554eba9f07c5165a88969c35f661486ad486f3a366743aa", 0xa0}, {&(0x7f00000001c0)="fd0a5294638f5232ed96d50ffdc85e2b163aec479880dbf2", 0x18}], 0x2, &(0x7f0000000480)="73f1058049e52b2695e05700e17e477eeab6b41b9c60e0e1ad7a4a45", 0x1c, 0x4040041}, 0x11)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r7}]}}}, @IFLA_MASTER={0x8, 0x3, r7}]}, 0x40}, 0x1, 0xd, 0x0, 0x4000000}, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x11)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="d8000000190081054e81f783db4cb9040a1d080006007c02cdfc55a10a0017000600a42603600e12080006ba0474f701a8000100fe80ffff7f6f94007134cf6efb8000a007a290457f01890500277ce06bbaceac3c2fb14c2ee5a7a3aab62f00001fb71b14d6d930dfe1d9d322fe7c2e8771820d16a4683f5aeb4edbb5952a0f536ffd77500db798262f3d409c1f40cb9f92b74f51fad9e3bb9ad809d5e1cace0d81ed0b764434a19789bf0cffece0b4129ecbee5de6ccd4e1ffffffffc2c9b627430600007c388b0dd6e4edef3d93000020000000000000", 0xd8}], 0x1}, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mem_disconnect\x00', r9}, 0x18)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)

0s ago: executing program 5 (id=4262):
pipe(&(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="19"], 0x48)
r4 = socket$netlink(0x10, 0x3, 0xc)
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000040))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, &(0x7f0000000000)=0x8, 0x4)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000022657a6e8b48b9000000000800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000100800010001"], 0x1c}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r8, 0x11, 0x68, &(0x7f0000000040)=0x2, 0x4)
setsockopt$inet_udp_encap(r8, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4)
setsockopt$inet_udp_encap(r8, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mm_page_alloc\x00', r7}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
splice(r0, 0x0, r4, 0x0, 0x10d00, 0xf)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a0063"], 0x3c}}, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
sendmsg$NL80211_CMD_NEW_INTERFACE(r9, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="00042abd7000fedbdf2507000000080001003d00000008000300", @ANYRES32=0x0, @ANYBLOB='\b\x00\v%\x00\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x40)

kernel console output (not intermixed with test programs):

] kernel write not supported for file bpf-prog (pid: 1077 comm: kworker/0:2)
[  261.260546][T14512] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  261.260546][T14512]    program syz.2.3609 not setting count and/or reply_len properly
[  261.477806][T14540] netlink: 'syz.5.3619': attribute type 29 has an invalid length.
[  261.494619][T14540] loop5: detected capacity change from 0 to 512
[  261.514136][T14540] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  261.660384][T14540] EXT4-fs (loop5): orphan cleanup on readonly fs
[  261.910738][T14551] hsr_slave_0: left promiscuous mode
[  261.923847][T14551] hsr_slave_1: left promiscuous mode
[  261.935318][ T3410] kernel write not supported for file bpf-prog (pid: 3410 comm: kworker/1:4)
[  261.939630][ T5080] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  261.948402][T14553] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  261.948402][T14553]    program syz.1.3623 not setting count and/or reply_len properly
[  261.953685][ T5080] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  261.958592][T14540] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3619: corrupted inode contents
[  261.995833][T14540] EXT4-fs (loop5): Remounting filesystem read-only
[  262.002715][T14540] EXT4-fs (loop5): 1 truncate cleaned up
[  262.008488][ T5059] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.019220][ T5059] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  262.036879][ T5059] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  262.047967][T14540] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  262.064198][T14540] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.458153][T14583] FAULT_INJECTION: forcing a failure.
[  262.458153][T14583] name failslab, interval 1, probability 0, space 0, times 0
[  262.471084][T14583] CPU: 1 UID: 0 PID: 14583 Comm: syz.2.3633 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  262.471120][T14583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  262.471132][T14583] Call Trace:
[  262.471140][T14583]  <TASK>
[  262.471148][T14583]  __dump_stack+0x1d/0x30
[  262.471226][T14583]  dump_stack_lvl+0xe8/0x140
[  262.471249][T14583]  dump_stack+0x15/0x1b
[  262.471268][T14583]  should_fail_ex+0x265/0x280
[  262.471362][T14583]  should_failslab+0x8c/0xb0
[  262.471388][T14583]  kmem_cache_alloc_noprof+0x50/0x310
[  262.471416][T14583]  ? prepare_creds+0x37/0x4c0
[  262.471445][T14583]  prepare_creds+0x37/0x4c0
[  262.471484][T14583]  selinux_lsm_setattr+0x1a4/0x660
[  262.471505][T14583]  selinux_setprocattr+0x4f/0x70
[  262.471532][T14583]  security_setprocattr+0x1a7/0x1d0
[  262.471561][T14583]  proc_pid_attr_write+0x1eb/0x220
[  262.471622][T14583]  ? __pfx_proc_pid_attr_write+0x10/0x10
[  262.471650][T14583]  vfs_write+0x269/0x8e0
[  262.471673][T14583]  ? __rcu_read_unlock+0x4f/0x70
[  262.471694][T14583]  ? __fget_files+0x184/0x1c0
[  262.471718][T14583]  ksys_write+0xda/0x1a0
[  262.471790][T14583]  __x64_sys_write+0x40/0x50
[  262.471834][T14583]  x64_sys_call+0x27fe/0x2ff0
[  262.471856][T14583]  do_syscall_64+0xd2/0x200
[  262.471884][T14583]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  262.471939][T14583]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  262.471959][T14583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.471980][T14583] RIP: 0033:0x7f625b32ebe9
[  262.472031][T14583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.472051][T14583] RSP: 002b:00007f6259d97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  262.472074][T14583] RAX: ffffffffffffffda RBX: 00007f625b555fa0 RCX: 00007f625b32ebe9
[  262.472089][T14583] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000003
[  262.472112][T14583] RBP: 00007f6259d97090 R08: 0000000000000000 R09: 0000000000000000
[  262.472139][T14583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.472150][T14583] R13: 00007f625b556038 R14: 00007f625b555fa0 R15: 00007ffc70012bb8
[  262.472168][T14583]  </TASK>
[  262.738773][T14582] netlink: 'syz.5.3632': attribute type 29 has an invalid length.
[  262.788175][ T3409] kernel write not supported for file bpf-prog (pid: 3409 comm: kworker/0:5)
[  262.799901][T14589] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14589 comm=syz.2.3636
[  262.813534][T14587] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  262.813534][T14587]    program syz.0.3635 not setting count and/or reply_len properly
[  262.851745][T14591] FAULT_INJECTION: forcing a failure.
[  262.851745][T14591] name failslab, interval 1, probability 0, space 0, times 0
[  262.864460][T14591] CPU: 0 UID: 0 PID: 14591 Comm: syz.3.3638 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  262.864488][T14591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  262.864576][T14591] Call Trace:
[  262.864585][T14591]  <TASK>
[  262.864593][T14591]  __dump_stack+0x1d/0x30
[  262.864617][T14591]  dump_stack_lvl+0xe8/0x140
[  262.864634][T14591]  dump_stack+0x15/0x1b
[  262.864649][T14591]  should_fail_ex+0x265/0x280
[  262.864715][T14591]  should_failslab+0x8c/0xb0
[  262.864740][T14591]  kmem_cache_alloc_noprof+0x50/0x310
[  262.864768][T14591]  ? skb_clone+0x151/0x1f0
[  262.864790][T14591]  skb_clone+0x151/0x1f0
[  262.864808][T14591]  __netlink_deliver_tap+0x2c9/0x500
[  262.864902][T14591]  netlink_unicast+0x66b/0x690
[  262.864934][T14591]  netlink_sendmsg+0x58b/0x6b0
[  262.864972][T14591]  ? __pfx_netlink_sendmsg+0x10/0x10
[  262.865012][T14591]  __sock_sendmsg+0x142/0x180
[  262.865040][T14591]  ____sys_sendmsg+0x31e/0x4e0
[  262.865089][T14591]  ___sys_sendmsg+0x17b/0x1d0
[  262.865130][T14591]  __x64_sys_sendmsg+0xd4/0x160
[  262.865167][T14591]  x64_sys_call+0x191e/0x2ff0
[  262.865222][T14591]  do_syscall_64+0xd2/0x200
[  262.865250][T14591]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  262.865278][T14591]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  262.865367][T14591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.865389][T14591] RIP: 0033:0x7f5a1a9febe9
[  262.865456][T14591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.865477][T14591] RSP: 002b:00007f5a1945f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  262.865498][T14591] RAX: ffffffffffffffda RBX: 00007f5a1ac25fa0 RCX: 00007f5a1a9febe9
[  262.865510][T14591] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  262.865525][T14591] RBP: 00007f5a1945f090 R08: 0000000000000000 R09: 0000000000000000
[  262.865539][T14591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  262.865623][T14591] R13: 00007f5a1ac26038 R14: 00007f5a1ac25fa0 R15: 00007ffe6836c178
[  262.865644][T14591]  </TASK>
[  263.080978][T14598] loop7: detected capacity change from 0 to 7
[  263.101823][T14591] bridge0: entered promiscuous mode
[  263.109305][T14591] bridge0: port 5(macsec1) entered blocking state
[  263.116049][T14591] bridge0: port 5(macsec1) entered disabled state
[  263.129432][T14591] macsec1: entered allmulticast mode
[  263.134868][T14591] bridge0: entered allmulticast mode
[  263.164918][T14602] block device autoloading is deprecated and will be removed.
[  263.173494][T14591] macsec1: left allmulticast mode
[  263.178820][T14591] bridge0: left allmulticast mode
[  263.187294][T14602] loop0: detected capacity change from 0 to 512
[  263.214495][T14591] bridge0: left promiscuous mode
[  263.228887][T14602] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  263.240678][T14602] EXT4-fs (loop0): orphan cleanup on readonly fs
[  263.250301][T14602] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3639: corrupted inode contents
[  263.263132][T14602] EXT4-fs (loop0): Remounting filesystem read-only
[  263.271414][T14602] EXT4-fs (loop0): 1 truncate cleaned up
[  263.277281][ T5080] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  263.288028][ T5080] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  263.307615][ T5080] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  263.325597][T14602] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  263.367022][ T3410] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  263.385404][T14602] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.498905][ T3410] kernel write not supported for file bpf-prog (pid: 3410 comm: kworker/1:4)
[  263.518311][T14624] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  263.518311][T14624]    program syz.5.3650 not setting count and/or reply_len properly
[  263.611099][T14635] bridge0: port 5(batadv3) entered blocking state
[  263.617594][T14635] bridge0: port 5(batadv3) entered disabled state
[  263.624356][T14635] batadv3: entered allmulticast mode
[  263.630258][T14635] batadv3: entered promiscuous mode
[  263.639090][T14637] loop5: detected capacity change from 0 to 512
[  263.647836][T14637] EXT4-fs: Ignoring removed nobh option
[  263.653789][T14637] EXT4-fs: Ignoring removed oldalloc option
[  263.661124][T14637] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  263.671303][T14637] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  264.113455][ T5059] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  264.122801][ T5059] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  264.229053][T14645] loop2: detected capacity change from 0 to 512
[  264.321766][ T3409] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  264.387344][T14645] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  264.404856][T14645] EXT4-fs (loop2): orphan cleanup on readonly fs
[  264.415622][T14645] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3658: corrupted inode contents
[  264.432834][T14645] EXT4-fs (loop2): Remounting filesystem read-only
[  264.442102][T14645] EXT4-fs (loop2): 1 truncate cleaned up
[  264.450366][   T29] kauditd_printk_skb: 265 callbacks suppressed
[  264.450416][   T29] audit: type=1400 audit(2000000174.830:21481): avc:  denied  { setattr } for  pid=14636 comm="syz.5.3655" name="NETLINK" dev="sockfs" ino=44802 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  264.450612][ T5059] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.491910][ T5059] Quota error (device loop2): write_blk: dquota write failed
[  264.499563][ T5059] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  264.509896][ T5059] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  264.520774][ T5059] Quota error (device loop2): write_blk: dquota write failed
[  264.528191][ T5059] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  264.541158][T14653] netlink: 'syz.5.3655': attribute type 2 has an invalid length.
[  264.544253][ T5059] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  264.548971][T14653] netlink: 'syz.5.3655': attribute type 9 has an invalid length.
[  264.559093][ T5059] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  264.559450][ T5059] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  264.567158][T14653] __nla_validate_parse: 18 callbacks suppressed
[  264.567172][T14653] netlink: 161416 bytes leftover after parsing attributes in process `syz.5.3655'.
[  264.580263][T14645] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  264.626975][   T29] audit: type=1400 audit(2000000175.000:21482): avc:  denied  { setattr } for  pid=14655 comm="syz.1.3662" name="secretmem" dev="secretmem" ino=43988 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  264.670948][T14645] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.871579][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  264.877806][   T29] audit: type=1326 audit(2000000175.250:21483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14668 comm="syz.1.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  264.904106][   T29] audit: type=1326 audit(2000000175.250:21484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14668 comm="syz.1.3666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  264.909516][T14671] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  264.909516][T14671]    program syz.2.3665 not setting count and/or reply_len properly
[  265.104997][T14676] loop1: detected capacity change from 0 to 512
[  265.192778][T14676] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.3668: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  265.428321][T14676] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.3668: Bad quota inode: 3, type: 0
[  265.439684][T14676] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  265.460514][T14676] EXT4-fs (loop1): mount failed
[  265.544976][T14687] hub 6-0:1.0: USB hub found
[  265.549976][T14687] hub 6-0:1.0: 8 ports detected
[  265.624370][T14692] loop0: detected capacity change from 0 to 512
[  265.655590][ T3410] hid_parser_main: 77 callbacks suppressed
[  265.655624][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x1
[  265.668925][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.676447][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.683902][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.691397][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.698789][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x2
[  265.706815][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.714663][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.725165][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.727138][T14692] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  265.732706][ T3410] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  265.748710][T14692] EXT4-fs (loop0): orphan cleanup on readonly fs
[  265.755181][ T3410] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  265.769528][T14692] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3674: corrupted inode contents
[  265.782103][T14692] EXT4-fs (loop0): Remounting filesystem read-only
[  265.788997][T14692] EXT4-fs (loop0): 1 truncate cleaned up
[  265.797504][ T5078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  265.808151][ T5078] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  265.828852][ T5078] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  265.845521][T14692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  265.859486][T14705] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3678'.
[  265.880765][T14692] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.919034][T14709] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14709 comm=syz.3.3680
[  265.965634][T14709] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  265.996273][T14709] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  266.496641][   T10] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  266.599185][T14746] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3690'.
[  266.794439][T14754] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3691'.
[  266.845657][T14758] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14758 comm=syz.2.3693
[  266.871831][T14758] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  266.888688][T14758] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  266.949594][T14771] loop2: detected capacity change from 0 to 512
[  266.956784][T14771] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.969180][T14771] EXT4-fs (loop2): orphan cleanup on readonly fs
[  266.976061][T14771] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3695: bg 0: block 248: padding at end of block bitmap is not set
[  266.996987][T14771] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3695: Failed to acquire dquot type 1
[  267.009085][T14771] EXT4-fs (loop2): 1 truncate cleaned up
[  267.023689][T14771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  267.036904][T14775] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3695'.
[  267.067257][T14780] bridge0: port 6(batadv4) entered blocking state
[  267.074016][T14780] bridge0: port 6(batadv4) entered disabled state
[  267.081604][T14780] batadv4: entered allmulticast mode
[  267.087796][T14780] batadv4: entered promiscuous mode
[  267.154743][T14786] loop7: detected capacity change from 0 to 7
[  267.570221][ T5089] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  267.579516][ T5089] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  267.643685][T14791] loop0: detected capacity change from 0 to 512
[  267.673971][T14791] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.686893][T14791] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.783036][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.794692][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.809393][T14795] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3703'.
[  267.849332][T14799] netlink: 'syz.2.3705': attribute type 1 has an invalid length.
[  267.868894][T14799] 8021q: adding VLAN 0 to HW filter on device bond11
[  267.915663][   T10] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  267.929317][T14799] 8021q: adding VLAN 0 to HW filter on device bond11
[  267.938916][T14799] bond11: (slave vxcan3): The slave device specified does not support setting the MAC address
[  267.955471][T14799] bond11: (slave vxcan3): Error -95 calling set_mac_address
[  268.858609][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  268.911659][T14817] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  268.911659][T14817]    program syz.0.3710 not setting count and/or reply_len properly
[  269.042021][T14823] FAULT_INJECTION: forcing a failure.
[  269.042021][T14823] name failslab, interval 1, probability 0, space 0, times 0
[  269.054977][T14823] CPU: 0 UID: 0 PID: 14823 Comm: syz.5.3713 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  269.055086][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  269.055099][T14823] Call Trace:
[  269.055106][T14823]  <TASK>
[  269.055115][T14823]  __dump_stack+0x1d/0x30
[  269.055138][T14823]  dump_stack_lvl+0xe8/0x140
[  269.055193][T14823]  dump_stack+0x15/0x1b
[  269.055210][T14823]  should_fail_ex+0x265/0x280
[  269.055244][T14823]  should_failslab+0x8c/0xb0
[  269.055267][T14823]  kmem_cache_alloc_noprof+0x50/0x310
[  269.055352][T14823]  ? posix_lock_inode+0x162/0x2380
[  269.055375][T14823]  posix_lock_inode+0x162/0x2380
[  269.055457][T14823]  ? file_has_perm+0x324/0x370
[  269.055478][T14823]  fcntl_setlk+0x61f/0x950
[  269.055510][T14823]  do_fcntl+0x5dd/0xdf0
[  269.055544][T14823]  ? selinux_file_fcntl+0x1cb/0x1e0
[  269.055583][T14823]  __se_sys_fcntl+0xb1/0x120
[  269.055674][T14823]  __x64_sys_fcntl+0x43/0x50
[  269.055707][T14823]  x64_sys_call+0x29a0/0x2ff0
[  269.055781][T14823]  do_syscall_64+0xd2/0x200
[  269.055807][T14823]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  269.055832][T14823]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  269.055853][T14823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.055947][T14823] RIP: 0033:0x7f3570d4ebe9
[  269.055963][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.055981][T14823] RSP: 002b:00007f356f7b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  269.056000][T14823] RAX: ffffffffffffffda RBX: 00007f3570f75fa0 RCX: 00007f3570d4ebe9
[  269.056011][T14823] RDX: 0000200000000000 RSI: 0000000000000026 RDI: 0000000000000006
[  269.056085][T14823] RBP: 00007f356f7b7090 R08: 0000000000000000 R09: 0000000000000000
[  269.056098][T14823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.056110][T14823] R13: 00007f3570f76038 R14: 00007f3570f75fa0 R15: 00007fffaab052d8
[  269.056150][T14823]  </TASK>
[  269.058898][T14821] loop3: detected capacity change from 0 to 2048
[  269.079791][T14828] netlink: 'syz.5.3715': attribute type 29 has an invalid length.
[  269.101696][T14826] loop0: detected capacity change from 0 to 512
[  269.116234][T14828] loop5: detected capacity change from 0 to 512
[  269.347094][T14826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.367317][T14821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  269.379558][T14828] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  269.401365][T14828] EXT4-fs (loop5): orphan cleanup on readonly fs
[  269.420155][T14826] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  269.477152][T14828] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3715: corrupted inode contents
[  269.498132][   T29] kauditd_printk_skb: 229 callbacks suppressed
[  269.498148][   T29] audit: type=1326 audit(2000000179.870:21706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadc63cd550 code=0x7ffc0000
[  269.528903][   T29] audit: type=1326 audit(2000000179.870:21707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fadc63cd937 code=0x7ffc0000
[  269.552563][   T29] audit: type=1326 audit(2000000179.870:21708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadc63cd550 code=0x7ffc0000
[  269.553084][T14828] EXT4-fs (loop5): Remounting filesystem read-only
[  269.576399][   T29] audit: type=1326 audit(2000000179.870:21709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.606667][   T29] audit: type=1326 audit(2000000179.870:21710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.630613][   T29] audit: type=1326 audit(2000000179.870:21711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.640312][T14828] EXT4-fs (loop5): 1 truncate cleaned up
[  269.659190][   T29] audit: type=1326 audit(2000000180.040:21712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.660647][ T5078] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.684662][   T29] audit: type=1326 audit(2000000180.040:21713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.695387][ T5078] Quota error (device loop5): write_blk: dquota write failed
[  269.719567][   T29] audit: type=1326 audit(2000000180.040:21714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.0.3714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  269.751431][ T5078] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  269.777633][T14852] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  269.812094][ T5078] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  269.822843][T14828] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  269.827125][T14852] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1120 with error 28
[  269.847156][T14828] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.847985][T14852] EXT4-fs (loop3): This should not happen!! Data will be lost
[  269.847985][T14852] 
[  269.866714][T14852] EXT4-fs (loop3): Total free blocks count 0
[  269.872768][T14852] EXT4-fs (loop3): Free/Dirty block details
[  269.878770][T14852] EXT4-fs (loop3): free_blocks=2415919104
[  269.884537][T14852] EXT4-fs (loop3): dirty_blocks=1136
[  269.889850][T14852] EXT4-fs (loop3): Block reservation details
[  269.895914][T14852] EXT4-fs (loop3): i_reserved_data_blocks=71
[  269.958021][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.976617][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  269.987490][T14858] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  269.987490][T14858]    program syz.5.3719 not setting count and/or reply_len properly
[  270.044897][T14865] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  270.054040][T14865] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  270.166759][ T5085] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  270.181099][T14871] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3723'.
[  270.195376][ T3410] kernel write not supported for file bpf-prog (pid: 3410 comm: kworker/1:4)
[  270.209410][T14872] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  270.209410][T14872]    program syz.1.3720 not setting count and/or reply_len properly
[  270.325869][T14874] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  270.338844][T14874] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  270.493716][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  270.506151][T14880] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  270.506151][T14880]    program syz.3.3724 not setting count and/or reply_len properly
[  270.554059][T14887] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3729'.
[  270.643894][T14888] netlink: 'syz.1.3728': attribute type 23 has an invalid length.
[  270.745803][    T9] hid_parser_main: 77 callbacks suppressed
[  270.745823][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x1
[  270.759696][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.767416][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.774975][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.782493][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.789952][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x2
[  270.797386][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.805189][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.833662][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.841188][    T9] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  270.852446][    T9] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  271.093651][ T3409] kernel write not supported for file bpf-prog (pid: 3409 comm: kworker/0:5)
[  271.104086][T14921] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  271.104086][T14921]    program syz.3.3735 not setting count and/or reply_len properly
[  271.404593][ T3363] kernel write not supported for file bpf-prog (pid: 3363 comm: kworker/1:2)
[  271.416993][T14931] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  271.416993][T14931]    program syz.1.3739 not setting count and/or reply_len properly
[  271.657492][T14937] loop2: detected capacity change from 0 to 512
[  271.686955][T14937] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  271.807223][T14937] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3741: Failed to acquire dquot type 1
[  271.861678][T14937] EXT4-fs (loop2): 1 truncate cleaned up
[  271.890595][T14937] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.954455][T14941] loop1: detected capacity change from 0 to 512
[  271.975945][T14941] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.989044][T14941] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.073295][T12006] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.117142][T14955] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3746'.
[  272.169180][T14960] loop1: detected capacity change from 0 to 1024
[  272.176658][T14960] EXT4-fs: inline encryption not supported
[  272.182710][T14960] EXT4-fs: Ignoring removed i_version option
[  272.196865][T14960] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  272.210996][T14960] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.3747: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  272.230808][T14960] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.3747: couldn't read orphan inode 11 (err -117)
[  272.244518][T14960] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.408738][T14974] netlink: 216 bytes leftover after parsing attributes in process `syz.1.3747'.
[  272.418493][T14974] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3747'.
[  272.427829][T14974] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3747'.
[  272.550042][T14976] loop0: detected capacity change from 0 to 512
[  272.561351][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.582290][T14976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.600247][T14976] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.611644][T14976] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.716914][T12006] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.910820][    T9] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  272.957155][T15009] loop3: detected capacity change from 0 to 512
[  273.001122][T15009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.024535][T15009] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.124303][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.148770][T15019] hub 6-0:1.0: USB hub found
[  273.163208][T15026] loop7: detected capacity change from 0 to 7
[  273.169954][T15019] hub 6-0:1.0: 8 ports detected
[  273.251428][T15028] batman_adv: batadv0: Adding interface: dummy0
[  273.257767][T15028] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.292143][T15028] batman_adv: batadv0: Interface activated: dummy0
[  273.345764][T15039] hub 6-0:1.0: USB hub found
[  273.352313][T15039] hub 6-0:1.0: 8 ports detected
[  273.408575][T15055] loop3: detected capacity change from 0 to 512
[  273.444126][T15055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.462200][T15055] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.492569][T15071] netlink: 'syz.2.3775': attribute type 29 has an invalid length.
[  273.698577][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.732958][T15084] netlink: 'syz.2.3778': attribute type 23 has an invalid length.
[  273.823843][T15087] hub 6-0:1.0: USB hub found
[  273.829273][T15087] hub 6-0:1.0: 8 ports detected
[  274.501469][   T29] kauditd_printk_skb: 1017 callbacks suppressed
[  274.501485][   T29] audit: type=1326 audit(2000000184.880:22725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.538481][   T29] audit: type=1326 audit(2000000184.920:22726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.562241][   T29] audit: type=1326 audit(2000000184.920:22727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.566915][T15103] netlink: 'syz.5.3784': attribute type 29 has an invalid length.
[  274.586710][   T29] audit: type=1326 audit(2000000184.920:22728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.620415][   T29] audit: type=1326 audit(2000000184.920:22729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.644975][   T29] audit: type=1326 audit(2000000184.920:22730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.668662][   T29] audit: type=1326 audit(2000000184.920:22731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.692352][   T29] audit: type=1326 audit(2000000184.920:22732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.698228][T15115] loop5: detected capacity change from 0 to 512
[  274.715936][   T29] audit: type=1326 audit(2000000184.920:22733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.715972][   T29] audit: type=1326 audit(2000000184.920:22734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15102 comm="syz.5.3784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  274.822911][T15115] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  274.831123][T15115] EXT4-fs (loop5): orphan cleanup on readonly fs
[  274.842650][T15115] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3784: corrupted inode contents
[  274.855351][T15115] EXT4-fs (loop5): Remounting filesystem read-only
[  274.862310][T15115] EXT4-fs (loop5): 1 truncate cleaned up
[  274.868370][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.879252][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  274.891909][ T5086] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  274.903176][T15115] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  274.915957][T15115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.951893][T15136] netlink: 'syz.5.3791': attribute type 1 has an invalid length.
[  274.965864][T15136] 8021q: adding VLAN 0 to HW filter on device bond4
[  274.986141][T15136] 8021q: adding VLAN 0 to HW filter on device bond4
[  274.993483][T15136] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  275.005575][T15136] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  275.040536][T15145] netlink: 'syz.2.3794': attribute type 1 has an invalid length.
[  275.054355][T15145] 8021q: adding VLAN 0 to HW filter on device bond12
[  275.073505][T15145] 8021q: adding VLAN 0 to HW filter on device bond12
[  275.081113][T15145] bond12: (slave vxcan3): The slave device specified does not support setting the MAC address
[  275.096602][T15145] bond12: (slave vxcan3): Error -95 calling set_mac_address
[  275.112375][ T3410] kernel write not supported for file bpf-prog (pid: 3410 comm: kworker/1:4)
[  275.126429][T15148] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  275.126429][T15148]    program syz.5.3795 not setting count and/or reply_len properly
[  275.186767][T15153] loop2: detected capacity change from 0 to 2048
[  275.206169][T15153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  275.238144][T15162] __nla_validate_parse: 11 callbacks suppressed
[  275.238160][T15162] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3799'.
[  275.345179][T15165] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  275.362404][T15170] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  275.363032][T15165] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 874 with error 28
[  275.371494][T15170] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  275.383587][T15165] EXT4-fs (loop2): This should not happen!! Data will be lost
[  275.383587][T15165] 
[  275.383607][T15165] EXT4-fs (loop2): Total free blocks count 0
[  275.407831][T15165] EXT4-fs (loop2): Free/Dirty block details
[  275.413788][T15165] EXT4-fs (loop2): free_blocks=2415919104
[  275.419660][T15165] EXT4-fs (loop2): dirty_blocks=880
[  275.424966][T15165] EXT4-fs (loop2): Block reservation details
[  275.431253][T15165] EXT4-fs (loop2): i_reserved_data_blocks=55
[  275.442520][T15175] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  275.453473][T15175] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  275.606835][T15183] loop3: detected capacity change from 0 to 1024
[  275.614833][T15183] EXT4-fs: inline encryption not supported
[  275.620752][T15183] EXT4-fs: Ignoring removed i_version option
[  275.627637][T15183] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  275.638476][ T5080] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  275.652208][T15183] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.3804: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  275.674716][T15183] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.3804: couldn't read orphan inode 11 (err -117)
[  275.688943][T15183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.693736][T15189] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3807'.
[  275.711889][T15190] loop2: detected capacity change from 0 to 512
[  275.725407][T15189] netlink: 'syz.5.3807': attribute type 10 has an invalid length.
[  275.737145][T15189] team0: Port device dummy0 added
[  275.747935][T15189] netlink: 'syz.5.3807': attribute type 10 has an invalid length.
[  275.756708][T15189] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  275.774427][T15190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.792765][T15189] team0: Failed to send options change via netlink (err -105)
[  275.801682][T15190] ext4 filesystem being mounted at /219/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  275.814959][T15189] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  275.826075][T15189] team0: Port device dummy0 removed
[  275.834170][T15189] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  275.927504][T15194] netlink: 216 bytes leftover after parsing attributes in process `syz.3.3804'.
[  275.936870][T15194] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3804'.
[  275.945838][T15194] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3804'.
[  276.038156][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.270712][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.311744][T15218] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  277.341082][T15228] loop7: detected capacity change from 0 to 7
[  277.705800][T15247] loop7: detected capacity change from 0 to 7
[  277.927532][T15262] netlink: 'syz.0.3832': attribute type 29 has an invalid length.
[  277.943841][T15262] loop0: detected capacity change from 0 to 512
[  277.965260][T15262] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  277.973529][T15262] EXT4-fs (loop0): orphan cleanup on readonly fs
[  277.983024][T15262] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3832: corrupted inode contents
[  277.995313][T15262] EXT4-fs (loop0): Remounting filesystem read-only
[  278.002362][T15262] EXT4-fs (loop0): 1 truncate cleaned up
[  278.008112][ T5086] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  278.018689][ T5086] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  278.033161][ T5086] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  278.069776][T15262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  278.083909][T15262] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.980577][   T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1)
[  279.006092][T15307] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  279.006092][T15307]    program syz.2.3847 not setting count and/or reply_len properly
[  279.115288][T15320] netlink: 'syz.5.3853': attribute type 29 has an invalid length.
[  279.129715][T15320] loop5: detected capacity change from 0 to 512
[  279.165489][T15320] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  279.180290][T15320] EXT4-fs (loop5): orphan cleanup on readonly fs
[  279.191881][T15320] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3853: corrupted inode contents
[  279.225826][T15320] EXT4-fs (loop5): Remounting filesystem read-only
[  279.233007][T15320] EXT4-fs (loop5): 1 truncate cleaned up
[  279.239017][ T5078] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  279.249665][ T5078] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  279.278260][ T5078] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  279.289637][T15320] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  279.308608][T15320] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.358774][   T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1)
[  279.372373][T15331] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  279.372373][T15331]    program syz.2.3855 not setting count and/or reply_len properly
[  279.770007][T15352] loop7: detected capacity change from 0 to 7
[  279.812788][T15359] loop2: detected capacity change from 0 to 512
[  279.830157][T15359] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  279.885906][T15359] __quota_error: 672 callbacks suppressed
[  279.885920][T15359] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  279.901910][T15359] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  279.911968][T15359] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3865: Failed to acquire dquot type 1
[  279.934390][T15359] EXT4-fs (loop2): 1 truncate cleaned up
[  279.961896][T15359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.104582][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.411167][T15386] loop5: detected capacity change from 0 to 512
[  280.448359][   T29] audit: type=1326 audit(2000000190.760:23389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  280.472871][   T29] audit: type=1326 audit(2000000190.760:23390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  280.496514][   T29] audit: type=1326 audit(2000000190.760:23391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3570d4ebe9 code=0x7ffc0000
[  280.521116][   T29] audit: type=1326 audit(2000000190.760:23392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3570d4ec23 code=0x7ffc0000
[  280.544795][   T29] audit: type=1326 audit(2000000190.770:23393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3570d4d69f code=0x7ffc0000
[  280.568478][   T29] audit: type=1326 audit(2000000190.790:23394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3570d4ec77 code=0x7ffc0000
[  280.592440][   T29] audit: type=1326 audit(2000000190.790:23395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3570d4d550 code=0x7ffc0000
[  280.616150][   T29] audit: type=1326 audit(2000000190.790:23396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15385 comm="syz.5.3872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3570d4e7eb code=0x7ffc0000
[  280.668370][T15386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.688745][T15386] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.733895][T15396] netlink: 'syz.0.3876': attribute type 29 has an invalid length.
[  280.759266][T15396] loop0: detected capacity change from 0 to 512
[  280.775614][T15396] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  280.785255][T15396] EXT4-fs (loop0): orphan cleanup on readonly fs
[  280.795372][T15396] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.3876: corrupted inode contents
[  280.819321][T12874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.861314][T15396] EXT4-fs (loop0): Remounting filesystem read-only
[  280.874862][T15396] EXT4-fs (loop0): 1 truncate cleaned up
[  280.891143][ T5085] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.901903][ T5085] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  280.932931][ T5085] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  280.968370][T15396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  280.988502][T15396] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.004274][T15414] __nla_validate_parse: 26 callbacks suppressed
[  281.004294][T15414] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3877'.
[  281.088227][T15430] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  281.088227][T15430]    program syz.2.3886 not setting count and/or reply_len properly
[  281.164617][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  281.178659][T15442] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  281.178659][T15442]    program syz.0.3890 not setting count and/or reply_len properly
[  281.280856][T15455] netlink: 'syz.5.3895': attribute type 29 has an invalid length.
[  281.313568][T15455] loop5: detected capacity change from 0 to 512
[  281.350292][T15455] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  281.368874][T15455] EXT4-fs (loop5): orphan cleanup on readonly fs
[  281.421449][T15455] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3895: corrupted inode contents
[  281.462948][T15455] EXT4-fs (loop5): Remounting filesystem read-only
[  281.481969][T15455] EXT4-fs (loop5): 1 truncate cleaned up
[  281.488091][ T5080] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.498940][ T5080] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.544663][ T5080] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  281.597685][T15455] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  281.611355][T15455] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.634828][T15468] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3899'.
[  281.707226][T15472] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  281.707226][T15472]    program syz.2.3900 not setting count and/or reply_len properly
[  281.804185][T15481] netlink: 'syz.1.3904': attribute type 29 has an invalid length.
[  281.826301][ T3363] kernel write not supported for file bpf-prog (pid: 3363 comm: kworker/1:2)
[  281.835965][T15481] loop1: detected capacity change from 0 to 512
[  281.837435][T15485] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  281.837435][T15485]    program syz.2.3905 not setting count and/or reply_len properly
[  281.862656][T15483] loop5: detected capacity change from 0 to 512
[  281.887891][T15483] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.905306][T15481] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  281.915946][T15481] EXT4-fs (loop1): orphan cleanup on readonly fs
[  281.929042][T15483] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  281.930420][T15481] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3904: corrupted inode contents
[  281.952084][T15481] EXT4-fs (loop1): Remounting filesystem read-only
[  281.958933][T15481] EXT4-fs (loop1): 1 truncate cleaned up
[  281.965254][ T5085] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.975997][ T5085] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  281.995622][ T5085] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  282.017807][T15481] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  282.031269][T15481] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.107653][T12874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.277303][T15522] netlink: 'syz.3.3912': attribute type 23 has an invalid length.
[  282.318272][T15525] netlink: 'syz.5.3915': attribute type 29 has an invalid length.
[  282.336939][T15525] loop5: detected capacity change from 0 to 512
[  282.511420][T15525] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  282.524957][T15525] EXT4-fs (loop5): orphan cleanup on readonly fs
[  282.534335][T15525] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.3915: corrupted inode contents
[  282.553808][T15525] EXT4-fs (loop5): Remounting filesystem read-only
[  282.562253][T15525] EXT4-fs (loop5): 1 truncate cleaned up
[  282.568211][ T5082] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.578897][ T5082] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  282.597557][ T5082] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  282.609427][T15525] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  282.627870][T15525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.817768][T15530] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  282.817768][T15530]    program syz.2.3916 not setting count and/or reply_len properly
[  282.867377][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  282.878617][T15534] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  282.878617][T15534]    program syz.5.3918 not setting count and/or reply_len properly
[  282.924845][T15536] netlink: 'syz.2.3919': attribute type 29 has an invalid length.
[  282.981674][T15536] loop2: detected capacity change from 0 to 512
[  283.021615][T15536] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  283.074593][T15544] netlink: 'syz.3.3921': attribute type 29 has an invalid length.
[  283.083289][T15536] EXT4-fs (loop2): orphan cleanup on readonly fs
[  283.099609][T15544] loop3: detected capacity change from 0 to 512
[  283.114876][T15546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3922'.
[  283.129861][T15536] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3919: corrupted inode contents
[  283.252521][T15544] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  283.281737][T15544] EXT4-fs (loop3): orphan cleanup on readonly fs
[  283.288600][T15536] EXT4-fs (loop2): Remounting filesystem read-only
[  283.322742][T15544] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.3921: corrupted inode contents
[  283.343876][T15536] EXT4-fs (loop2): 1 truncate cleaned up
[  283.349948][ T5086] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.360672][ T5086] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.505810][ T5086] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  283.528745][T15544] EXT4-fs (loop3): Remounting filesystem read-only
[  283.535404][T15536] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  283.535983][T15536] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.548238][T15544] EXT4-fs (loop3): 1 truncate cleaned up
[  283.569816][ T5084] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.580402][ T5084] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  283.617995][ T5084] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  283.634253][T15544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  283.648083][T15544] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.545180][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  284.559305][T15595] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  284.559305][T15595]    program syz.2.3934 not setting count and/or reply_len properly
[  284.603956][T15597] loop2: detected capacity change from 0 to 1024
[  284.612478][T15597] EXT4-fs: inline encryption not supported
[  284.618505][T15597] EXT4-fs: Ignoring removed i_version option
[  284.637108][T15604] loop0: detected capacity change from 0 to 512
[  284.637141][T15599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3936'.
[  284.648296][T15604] ext3: Unknown parameter 'nouser_xattr'
[  284.667621][T15604] netlink: 'syz.0.3937': attribute type 1 has an invalid length.
[  284.675528][T15604] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3937'.
[  284.690971][T15597] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  284.708110][T15608] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15608 comm=syz.5.3939
[  284.724913][   T36] hid_parser_main: 48 callbacks suppressed
[  284.724933][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x1
[  284.727316][T15609] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3937'.
[  284.730864][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.730891][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.762996][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.771291][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.773473][T15609] netlink: 'syz.0.3937': attribute type 13 has an invalid length.
[  284.779242][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x2
[  284.779268][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.779289][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.822192][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.829740][   T36] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  284.840774][   T36] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  284.848600][T15597] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.3935: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  284.877868][T15597] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3935: couldn't read orphan inode 11 (err -117)
[  284.891575][T15609] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  284.908395][T15608] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  284.912474][T15597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  284.928201][T15615] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  285.033960][   T36] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  285.084053][T15620] loop5: detected capacity change from 0 to 512
[  285.114819][T15620] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  285.125087][T15622] netlink: 216 bytes leftover after parsing attributes in process `syz.2.3935'.
[  285.134384][T15622] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3935'.
[  285.149191][T15620] __quota_error: 755 callbacks suppressed
[  285.149208][T15620] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  285.165334][T15620] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  285.175560][T15620] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3941: Failed to acquire dquot type 1
[  285.231166][T15620] EXT4-fs (loop5): 1 truncate cleaned up
[  285.325365][T15620] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.609439][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.701858][   T29] audit: type=1326 audit(2000000196.050:24116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.726152][   T29] audit: type=1326 audit(2000000196.050:24117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.750161][   T29] audit: type=1326 audit(2000000196.050:24118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.773823][   T29] audit: type=1326 audit(2000000196.050:24119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.797951][   T29] audit: type=1326 audit(2000000196.050:24120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.822227][   T29] audit: type=1326 audit(2000000196.050:24121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.845949][   T29] audit: type=1326 audit(2000000196.050:24122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.869524][   T29] audit: type=1326 audit(2000000196.050:24123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15637 comm="syz.0.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  285.924893][ T3363] kernel write not supported for file bpf-prog (pid: 3363 comm: kworker/1:2)
[  285.937820][T15645] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  285.937820][T15645]    program syz.3.3947 not setting count and/or reply_len properly
[  285.999673][T12874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.166201][T15657] loop5: detected capacity change from 0 to 512
[  286.173713][T15658] loop3: detected capacity change from 0 to 512
[  286.192208][T15657] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.192264][T15658] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.209564][T15657] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.218454][T15658] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.229937][T15657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.241821][T15658] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.405715][T15666] loop0: detected capacity change from 0 to 512
[  286.413528][T15666] EXT4-fs: Ignoring removed i_version option
[  286.426613][T15666] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  286.438836][T15666] EXT4-fs (loop0): 1 truncate cleaned up
[  286.445088][T15666] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.497622][T15666] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15666 comm=syz.0.3951
[  286.523767][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.783807][T15674] loop7: detected capacity change from 0 to 7
[  286.930625][T15676] __nla_validate_parse: 1 callbacks suppressed
[  286.930641][T15676] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3954'.
[  286.949159][   T36] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  287.008251][T15685] loop5: detected capacity change from 0 to 1024
[  287.018171][T15685] EXT4-fs: inline encryption not supported
[  287.024136][T15685] EXT4-fs: Ignoring removed i_version option
[  287.035453][T15685] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  287.130884][T15685] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #11: comm syz.5.3957: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  287.153538][T15685] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3957: couldn't read orphan inode 11 (err -117)
[  287.170616][T15685] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.280500][T15696] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15696 comm=syz.3.3958
[  287.320699][T15696] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  287.326639][T15698] netlink: 216 bytes leftover after parsing attributes in process `syz.5.3957'.
[  287.338375][T15698] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3957'.
[  287.344954][T15696] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  287.347555][T15698] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3957'.
[  287.534758][T15708] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3960'.
[  287.634584][T15712] netlink: 'syz.0.3962': attribute type 13 has an invalid length.
[  287.642555][T15712] netlink: 172 bytes leftover after parsing attributes in process `syz.0.3962'.
[  287.658499][T15712] erspan0: refused to change device tx_queue_len
[  287.695737][T12874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.283867][T15722] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3965'.
[  288.320080][T15724] dummy0: entered promiscuous mode
[  288.325413][T15724] dummy0: entered allmulticast mode
[  288.330000][T15726] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3967'.
[  288.396878][ T3363] kernel write not supported for file bpf-prog (pid: 3363 comm: kworker/1:2)
[  288.408260][T15735] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  288.408260][T15735]    program syz.5.3970 not setting count and/or reply_len properly
[  288.503242][T15745] netlink: 'syz.2.3975': attribute type 29 has an invalid length.
[  288.521062][T15745] loop2: detected capacity change from 0 to 512
[  288.542463][T15745] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  288.553927][T15745] EXT4-fs (loop2): orphan cleanup on readonly fs
[  288.562172][T15745] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3975: corrupted inode contents
[  288.574621][T15745] EXT4-fs (loop2): Remounting filesystem read-only
[  288.581387][T15745] EXT4-fs (loop2): 1 truncate cleaned up
[  288.600389][ T5082] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  288.611194][ T5082] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  288.624815][T15756] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15756 comm=syz.0.3978
[  288.641498][ T5082] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  288.661097][T15745] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  288.674696][T15745] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.798103][T15775] atomic_op ffff888113b59d28 conn xmit_atomic 0000000000000000
[  288.884524][   T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1)
[  288.896678][T15783] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  288.896678][T15783]    program syz.2.3985 not setting count and/or reply_len properly
[  288.943628][T15786] netlink: 'syz.2.3986': attribute type 29 has an invalid length.
[  288.957950][T15786] loop2: detected capacity change from 0 to 512
[  288.971064][T15786] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  288.979345][T15786] EXT4-fs (loop2): orphan cleanup on readonly fs
[  288.995380][T15786] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.3986: corrupted inode contents
[  289.007970][T15786] EXT4-fs (loop2): Remounting filesystem read-only
[  289.020023][T15786] EXT4-fs (loop2): 1 truncate cleaned up
[  289.026253][ T5059] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.037143][ T5059] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.095528][ T5059] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  289.169516][T15791] netlink: 'syz.1.3987': attribute type 29 has an invalid length.
[  289.186432][T15786] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  289.217680][T15786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.235355][T15791] loop1: detected capacity change from 0 to 512
[  289.253172][T15791] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  289.265706][T15791] EXT4-fs (loop1): orphan cleanup on readonly fs
[  289.277158][T15791] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.3987: corrupted inode contents
[  289.294641][T15791] EXT4-fs (loop1): Remounting filesystem read-only
[  289.307081][T15791] EXT4-fs (loop1): 1 truncate cleaned up
[  289.315629][ T5089] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.326341][ T5089] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  289.385609][ T5089] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  289.407772][T15791] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  289.424640][T15791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.462773][T15801] loop2: detected capacity change from 0 to 1024
[  289.469888][T15801] EXT4-fs: inline encryption not supported
[  289.476588][T15801] EXT4-fs: Ignoring removed i_version option
[  289.509826][T15801] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  289.526474][T15813] loop3: detected capacity change from 0 to 764
[  289.545051][T15801] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.3990: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  289.566734][T15801] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3990: couldn't read orphan inode 11 (err -117)
[  289.579837][T15801] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.602795][T15813] FAULT_INJECTION: forcing a failure.
[  289.602795][T15813] name failslab, interval 1, probability 0, space 0, times 0
[  289.616146][T15813] CPU: 1 UID: 0 PID: 15813 Comm: syz.3.3994 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  289.616267][T15813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  289.616280][T15813] Call Trace:
[  289.616286][T15813]  <TASK>
[  289.616293][T15813]  __dump_stack+0x1d/0x30
[  289.616325][T15813]  dump_stack_lvl+0xe8/0x140
[  289.616343][T15813]  dump_stack+0x15/0x1b
[  289.616395][T15813]  should_fail_ex+0x265/0x280
[  289.616430][T15813]  should_failslab+0x8c/0xb0
[  289.616457][T15813]  kmem_cache_alloc_noprof+0x50/0x310
[  289.616487][T15813]  ? security_file_alloc+0x32/0x100
[  289.616576][T15813]  security_file_alloc+0x32/0x100
[  289.616660][T15813]  init_file+0x5c/0x1d0
[  289.616703][T15813]  alloc_empty_file+0x8b/0x200
[  289.616782][T15813]  path_openat+0x68/0x2170
[  289.616799][T15813]  ? __bpf_get_stackid+0x7d4/0x800
[  289.616866][T15813]  ? _parse_integer_limit+0x170/0x190
[  289.616903][T15813]  ? kstrtoull+0x111/0x140
[  289.617045][T15813]  ? kstrtouint+0x76/0xc0
[  289.617076][T15813]  do_filp_open+0x109/0x230
[  289.617102][T15813]  do_sys_openat2+0xa6/0x110
[  289.617208][T15813]  __x64_sys_openat+0xf2/0x120
[  289.617268][T15813]  x64_sys_call+0x2e9c/0x2ff0
[  289.617288][T15813]  do_syscall_64+0xd2/0x200
[  289.617316][T15813]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.617355][T15813]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  289.617377][T15813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.617398][T15813] RIP: 0033:0x7f5a1a9febe9
[  289.617422][T15813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.617459][T15813] RSP: 002b:00007f5a1945f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  289.617478][T15813] RAX: ffffffffffffffda RBX: 00007f5a1ac25fa0 RCX: 00007f5a1a9febe9
[  289.617491][T15813] RDX: 0000000000246840 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  289.617578][T15813] RBP: 00007f5a1945f090 R08: 0000000000000000 R09: 0000000000000000
[  289.617592][T15813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.617606][T15813] R13: 00007f5a1ac26038 R14: 00007f5a1ac25fa0 R15: 00007ffe6836c178
[  289.617628][T15813]  </TASK>
[  289.896651][T15828] 9pnet_fd: Insufficient options for proto=fd
[  289.919690][T15831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15831 comm=syz.1.3998
[  289.947558][T15834] netlink: 'syz.0.4001': attribute type 29 has an invalid length.
[  289.973620][T15834] loop0: detected capacity change from 0 to 512
[  290.049594][T15834] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  290.074818][T15834] EXT4-fs (loop0): orphan cleanup on readonly fs
[  290.114646][T15834] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4001: corrupted inode contents
[  290.162043][T15834] EXT4-fs (loop0): Remounting filesystem read-only
[  290.169605][T15834] EXT4-fs (loop0): 1 truncate cleaned up
[  290.181785][   T29] kauditd_printk_skb: 667 callbacks suppressed
[  290.181801][   T29] audit: type=1326 audit(2000000200.560:24773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15850 comm="syz.1.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  290.215525][ T5084] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  290.226166][ T5084] Quota error (device loop0): write_blk: dquota write failed
[  290.233760][ T5084] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  290.243911][ T5084] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  290.254459][ T5084] Quota error (device loop0): write_blk: dquota write failed
[  290.262329][ T5084] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  290.272749][   T29] audit: type=1326 audit(2000000200.560:24774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15850 comm="syz.1.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  290.296371][   T29] audit: type=1326 audit(2000000200.560:24775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15850 comm="syz.1.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  290.299978][ T5084] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  290.320370][   T29] audit: type=1326 audit(2000000200.560:24776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15850 comm="syz.1.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  290.330554][ T5084] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  290.354299][   T29] audit: type=1326 audit(2000000200.560:24777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15850 comm="syz.1.4004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  290.387482][T11195] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.387570][T15834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  290.388145][T15834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.550850][T15869] 9pnet_fd: Insufficient options for proto=fd
[  290.565228][T15869] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  290.565228][T15869]    program syz.2.4009 not setting count and/or reply_len properly
[  290.882924][T15900] netlink: 'syz.3.4018': attribute type 23 has an invalid length.
[  291.037216][T15905] 9pnet_fd: Insufficient options for proto=fd
[  291.045703][T15905] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  291.045703][T15905]    program syz.0.4021 not setting count and/or reply_len properly
[  291.107578][T15913] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15913 comm=syz.0.4025
[  291.206159][T15915] netlink: 'syz.1.4024': attribute type 23 has an invalid length.
[  291.709316][T15949] 9pnet_fd: Insufficient options for proto=fd
[  291.717444][T15949] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  291.717444][T15949]    program syz.2.4034 not setting count and/or reply_len properly
[  292.141044][T15963] __nla_validate_parse: 20 callbacks suppressed
[  292.141063][T15963] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4039'.
[  292.187451][T15968] loop0: detected capacity change from 0 to 1024
[  292.194884][T15968] EXT4-fs: inline encryption not supported
[  292.201002][T15968] EXT4-fs: Ignoring removed i_version option
[  292.207647][T15968] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  292.219511][T15968] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.4040: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  292.238951][T15968] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4040: couldn't read orphan inode 11 (err -117)
[  292.251952][T15968] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.295866][T15968] netlink: 216 bytes leftover after parsing attributes in process `syz.0.4040'.
[  292.305063][T15968] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4040'.
[  292.314252][T15968] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4040'.
[  292.429114][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.614709][ T3363] kernel write not supported for file bpf-prog (pid: 3363 comm: kworker/1:2)
[  292.635485][T15982] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  292.635485][T15982]    program syz.5.4044 not setting count and/or reply_len properly
[  292.886037][T15987] netlink: 'syz.2.4046': attribute type 29 has an invalid length.
[  292.987245][T15989] dummy0: entered promiscuous mode
[  292.992916][T15989] dummy0: entered allmulticast mode
[  293.054289][T15987] loop2: detected capacity change from 0 to 512
[  293.133788][T15987] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  293.195017][T15997] loop1: detected capacity change from 0 to 512
[  293.211813][T15987] EXT4-fs (loop2): orphan cleanup on readonly fs
[  293.269302][T15987] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.4046: corrupted inode contents
[  293.319061][T15997] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.412508][T15987] EXT4-fs (loop2): Remounting filesystem read-only
[  293.439537][T15997] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.450742][T15987] EXT4-fs (loop2): 1 truncate cleaned up
[  293.458415][ T5089] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  293.469232][ T5089] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  293.495288][T16008] loop3: detected capacity change from 0 to 1024
[  293.527944][T16012] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16012 comm=syz.0.4052
[  293.540802][T16008] EXT4-fs: inline encryption not supported
[  293.546911][T16008] EXT4-fs: Ignoring removed i_version option
[  293.562322][T16008] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  293.563395][ T5089] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  293.585197][T16012] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  293.590895][T16008] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.4051: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  293.595498][T16012] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  293.620842][T15997] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.621229][T15987] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  293.650232][T16008] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4051: couldn't read orphan inode 11 (err -117)
[  293.670595][T16008] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.672851][T15987] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.742774][T16008] netlink: 216 bytes leftover after parsing attributes in process `syz.3.4051'.
[  293.752652][T16008] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4051'.
[  293.762061][T16008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4051'.
[  293.875387][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.973525][T16033] loop0: detected capacity change from 0 to 512
[  293.982404][T16033] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  294.002370][T16033] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4057: Failed to acquire dquot type 1
[  294.023804][T16033] EXT4-fs (loop0): 1 truncate cleaned up
[  294.030279][T16033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.054186][T16035] netlink: 'syz.1.4056': attribute type 23 has an invalid length.
[  294.076244][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.800625][T16051] loop7: detected capacity change from 0 to 7
[  294.826579][T16055] 9pnet_fd: Insufficient options for proto=fd
[  294.834684][T16055] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  294.834684][T16055]    program syz.2.4064 not setting count and/or reply_len properly
[  294.893567][T16059] loop2: detected capacity change from 0 to 164
[  294.903033][T16059] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  294.964814][T16063] loop1: detected capacity change from 0 to 512
[  294.973773][T16065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16065 comm=syz.0.4069
[  294.990553][T16065] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  294.992731][T16063] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  295.047466][T16063] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.4068: Failed to acquire dquot type 1
[  295.068733][T16063] EXT4-fs (loop1): 1 truncate cleaned up
[  295.077228][T16063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.080551][T16072] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16072 comm=syz.0.4071
[  295.197126][   T29] kauditd_printk_skb: 385 callbacks suppressed
[  295.197143][   T29] audit: type=1326 audit(2000000205.570:25152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.297173][   T29] audit: type=1326 audit(2000000205.570:25153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.321098][   T29] audit: type=1326 audit(2000000205.570:25154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.344798][   T29] audit: type=1326 audit(2000000205.570:25155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.368476][   T29] audit: type=1326 audit(2000000205.570:25156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.392295][   T29] audit: type=1326 audit(2000000205.570:25157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.416904][   T29] audit: type=1326 audit(2000000205.670:25158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.441368][   T29] audit: type=1326 audit(2000000205.670:25159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.488778][   T29] audit: type=1326 audit(2000000205.860:25160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16077 comm="syz.0.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  295.626855][T16090] netlink: 'syz.2.4073': attribute type 23 has an invalid length.
[  295.797467][T12006] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.833281][   T29] audit: type=1326 audit(2000000206.200:25161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16094 comm="syz.1.4075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  297.199874][T16126] FAULT_INJECTION: forcing a failure.
[  297.199874][T16126] name failslab, interval 1, probability 0, space 0, times 0
[  297.212718][T16126] CPU: 1 UID: 0 PID: 16126 Comm: syz.3.4084 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  297.212790][T16126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  297.212881][T16126] Call Trace:
[  297.212889][T16126]  <TASK>
[  297.212899][T16126]  __dump_stack+0x1d/0x30
[  297.212924][T16126]  dump_stack_lvl+0xe8/0x140
[  297.212997][T16126]  dump_stack+0x15/0x1b
[  297.213017][T16126]  should_fail_ex+0x265/0x280
[  297.213082][T16126]  should_failslab+0x8c/0xb0
[  297.213111][T16126]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  297.213152][T16126]  ? alloc_inode+0x9a/0x170
[  297.213197][T16126]  alloc_inode+0x9a/0x170
[  297.213217][T16126]  alloc_anon_inode+0x1e/0x170
[  297.213238][T16126]  aio_setup_ring+0x91/0x760
[  297.213275][T16126]  ioctx_alloc+0x2c4/0x4e0
[  297.213339][T16126]  ? fput+0x8f/0xc0
[  297.213371][T16126]  __se_sys_io_setup+0x6b/0x1b0
[  297.213457][T16126]  __x64_sys_io_setup+0x31/0x40
[  297.213478][T16126]  x64_sys_call+0x2eff/0x2ff0
[  297.213499][T16126]  do_syscall_64+0xd2/0x200
[  297.213523][T16126]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  297.213617][T16126]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  297.213643][T16126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.213670][T16126] RIP: 0033:0x7f5a1a9febe9
[  297.213685][T16126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.213703][T16126] RSP: 002b:00007f5a1945f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  297.213735][T16126] RAX: ffffffffffffffda RBX: 00007f5a1ac25fa0 RCX: 00007f5a1a9febe9
[  297.213751][T16126] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  297.213766][T16126] RBP: 00007f5a1945f090 R08: 0000000000000000 R09: 0000000000000000
[  297.213860][T16126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.213875][T16126] R13: 00007f5a1ac26038 R14: 00007f5a1ac25fa0 R15: 00007ffe6836c178
[  297.213896][T16126]  </TASK>
[  297.449144][   T36] kernel write not supported for file bpf-prog (pid: 36 comm: kworker/1:1)
[  297.490682][T16121] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  297.490682][T16121]    program syz.0.4081 not setting count and/or reply_len properly
[  297.530896][T16130] loop5: detected capacity change from 0 to 512
[  297.551227][T16130] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  297.569580][T16132] loop3: detected capacity change from 0 to 512
[  297.577065][T16132] EXT4-fs: Ignoring removed orlov option
[  297.587631][T16132] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  297.608773][T16137] loop0: detected capacity change from 0 to 1024
[  297.611928][T16130] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4085: Failed to acquire dquot type 1
[  297.616125][T16137] EXT4-fs: inline encryption not supported
[  297.632473][T16137] EXT4-fs: Ignoring removed i_version option
[  297.633942][T16130] EXT4-fs (loop5): 1 truncate cleaned up
[  297.639320][T16137] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  297.645102][T16130] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.672593][T16132] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  297.692284][T16132] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.4086: corrupted in-inode xattr: e_value size too large
[  297.731580][T16137] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.4088: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  297.754415][T12874] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.838416][T16132] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4086: couldn't read orphan inode 15 (err -117)
[  297.842084][T16137] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4088: couldn't read orphan inode 11 (err -117)
[  297.882796][T16137] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.896116][T16132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.203833][T16137] __nla_validate_parse: 5 callbacks suppressed
[  298.203849][T16137] netlink: 216 bytes leftover after parsing attributes in process `syz.0.4088'.
[  298.219578][T16137] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4088'.
[  298.228964][T16137] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4088'.
[  298.239998][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.322937][T16162] loop3: detected capacity change from 0 to 1024
[  298.329903][T16162] EXT4-fs: inline encryption not supported
[  298.335862][T16162] EXT4-fs: Ignoring removed i_version option
[  298.342866][T16162] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  298.354847][T16162] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.4093: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  298.394369][T16162] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4093: couldn't read orphan inode 11 (err -117)
[  298.498362][T12688] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.603150][T16162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.112914][T16176] netlink: 216 bytes leftover after parsing attributes in process `syz.3.4093'.
[  299.122089][T16176] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4093'.
[  299.131204][T16176] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4093'.
[  299.495602][T16187] loop7: detected capacity change from 0 to 7
[  299.658240][T12845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.734162][T16206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16206 comm=syz.3.4106
[  299.751591][T16206] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  299.761684][T16206] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  299.800377][T16208] loop5: detected capacity change from 0 to 512
[  299.837813][T16208] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  299.862677][T16208] EXT4-fs (loop5): orphan cleanup on readonly fs
[  299.890564][T16208] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4107: corrupted inode contents
[  299.939706][T16208] EXT4-fs (loop5): Remounting filesystem read-only
[  299.977920][T16208] EXT4-fs (loop5): 1 truncate cleaned up
[  299.986123][ T5084] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  299.996901][ T5084] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  300.014208][ T5084] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  300.041262][T16208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  300.070269][T16208] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.092286][T16227] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4113'.
[  300.176919][T16238] loop0: detected capacity change from 0 to 512
[  300.200234][   T29] kauditd_printk_skb: 410 callbacks suppressed
[  300.200311][   T29] audit: type=1326 audit(2000000210.570:25564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fadc63cd84a code=0x7ffc0000
[  300.229991][   T29] audit: type=1326 audit(2000000210.570:25565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fadc63cd84a code=0x7ffc0000
[  300.253418][   T29] audit: type=1326 audit(2000000210.570:25566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fadc63cd457 code=0x7ffc0000
[  300.258630][T16243] FAULT_INJECTION: forcing a failure.
[  300.258630][T16243] name failslab, interval 1, probability 0, space 0, times 0
[  300.277160][   T29] audit: type=1326 audit(2000000210.570:25567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16237 comm="syz.0.4117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fadc63d038a code=0x7ffc0000
[  300.285805][T16238] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  300.289822][T16243] CPU: 1 UID: 0 PID: 16243 Comm: syz.5.4118 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  300.289853][T16243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  300.289867][T16243] Call Trace:
[  300.289875][T16243]  <TASK>
[  300.289884][T16243]  __dump_stack+0x1d/0x30
[  300.289983][T16243]  dump_stack_lvl+0xe8/0x140
[  300.290004][T16243]  dump_stack+0x15/0x1b
[  300.290023][T16243]  should_fail_ex+0x265/0x280
[  300.290059][T16243]  should_failslab+0x8c/0xb0
[  300.290103][T16243]  kmem_cache_alloc_noprof+0x50/0x310
[  300.290140][T16243]  ? security_inode_alloc+0x37/0x100
[  300.290169][T16243]  security_inode_alloc+0x37/0x100
[  300.290196][T16243]  inode_init_always_gfp+0x4b7/0x500
[  300.290252][T16243]  ? __pfx_sock_alloc_inode+0x10/0x10
[  300.290405][T16243]  alloc_inode+0x58/0x170
[  300.290427][T16243]  __sock_create+0x122/0x5b0
[  300.290456][T16243]  ? fput+0x8f/0xc0
[  300.290566][T16243]  __sys_socket+0xb0/0x180
[  300.290594][T16243]  __x64_sys_socket+0x3f/0x50
[  300.290643][T16243]  x64_sys_call+0x1147/0x2ff0
[  300.290666][T16243]  do_syscall_64+0xd2/0x200
[  300.290692][T16243]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  300.290719][T16243]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  300.290771][T16243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.290799][T16243] RIP: 0033:0x7f3570d4ebe9
[  300.290817][T16243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.290908][T16243] RSP: 002b:00007f356f796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  300.290942][T16243] RAX: ffffffffffffffda RBX: 00007f3570f76090 RCX: 00007f3570d4ebe9
[  300.290956][T16243] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028
[  300.290969][T16243] RBP: 00007f356f796090 R08: 0000000000000000 R09: 0000000000000000
[  300.290983][T16243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.291032][T16243] R13: 00007f3570f76128 R14: 00007f3570f76090 R15: 00007fffaab052d8
[  300.291051][T16243]  </TASK>
[  300.291076][T16243] socket: no more sockets
[  300.317690][T16238] EXT4-fs (loop0): orphan cleanup on readonly fs
[  300.361634][T16249] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4120'.
[  300.691612][T16238] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4117: corrupted inode contents
[  300.707155][T16252] dummy0: entered promiscuous mode
[  300.712999][T16252] dummy0: entered allmulticast mode
[  300.722405][T16238] EXT4-fs (loop0): Remounting filesystem read-only
[  300.730788][T16238] EXT4-fs (loop0): 1 truncate cleaned up
[  300.737885][ T5089] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  300.748727][ T5089] Quota error (device loop0): write_blk: dquota write failed
[  300.756263][ T5089] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  300.766736][ T5089] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  300.777687][ T5089] Quota error (device loop0): write_blk: dquota write failed
[  300.785250][ T5089] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  300.853511][ T5089] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  300.863690][ T5089] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  300.877056][ T5089] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  300.887709][T16238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  300.906348][T16238] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.005386][T16270] loop2: detected capacity change from 0 to 1024
[  301.021420][T16270] EXT4-fs: inline encryption not supported
[  301.027349][T16270] EXT4-fs: Ignoring removed i_version option
[  301.029058][T16272] 9pnet_fd: Insufficient options for proto=fd
[  301.046550][T16270] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  301.061340][T16272] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  301.061340][T16272]    program syz.3.4127 not setting count and/or reply_len properly
[  301.077955][T16270] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.4128: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  301.112429][T16279] loop5: detected capacity change from 0 to 512
[  301.153927][T16279] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.155332][T16270] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4128: couldn't read orphan inode 11 (err -117)
[  301.289460][T16291] loop3: detected capacity change from 0 to 1024
[  301.296422][T16291] EXT4-fs: inline encryption not supported
[  301.302409][T16291] EXT4-fs: Ignoring removed i_version option
[  301.319367][T16291] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  301.376803][T16297] loop2: detected capacity change from 0 to 512
[  301.402705][T16297] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  301.406437][T16291] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.4134: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  301.430382][T16291] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4134: couldn't read orphan inode 11 (err -117)
[  301.444934][T16297] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.4135: Failed to acquire dquot type 1
[  301.485149][T16297] EXT4-fs (loop2): 1 truncate cleaned up
[  302.619692][T16330] loop2: detected capacity change from 0 to 1024
[  302.637708][T16330] EXT4-fs: inline encryption not supported
[  302.643808][T16330] EXT4-fs: Ignoring removed i_version option
[  302.705733][T16330] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  303.047852][T16334] loop1: detected capacity change from 0 to 1024
[  303.057915][T16336] 9pnet_fd: Insufficient options for proto=fd
[  303.064908][T16330] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.4141: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  303.068966][T16334] EXT4-fs: inline encryption not supported
[  303.089237][T16334] EXT4-fs: Ignoring removed i_version option
[  303.101750][T16336] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  303.101750][T16336]    program syz.5.4147 not setting count and/or reply_len properly
[  303.115703][T16330] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4141: couldn't read orphan inode 11 (err -117)
[  303.131570][T16334] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  303.160935][T16334] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.4146: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  303.203739][T16334] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4146: couldn't read orphan inode 11 (err -117)
[  303.231324][T16344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16344 comm=syz.5.4150
[  303.285284][T16346] loop0: detected capacity change from 0 to 512
[  303.292689][T16346] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  303.306689][T16344] __nla_validate_parse: 12 callbacks suppressed
[  303.306707][T16344] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  303.394453][T16346] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.4151: Failed to acquire dquot type 1
[  303.412876][T16344] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  303.445226][T16346] EXT4-fs (loop0): 1 truncate cleaned up
[  303.505663][T16357] netlink: 216 bytes leftover after parsing attributes in process `syz.1.4146'.
[  303.515210][T16357] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4146'.
[  303.524268][T16357] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4146'.
[  303.535278][T16358] 9pnet_fd: Insufficient options for proto=fd
[  303.555410][T16358] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  303.555410][T16358]    program syz.2.4154 not setting count and/or reply_len properly
[  303.606529][T16366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16366 comm=syz.5.4157
[  303.630133][T16367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4155'.
[  303.674063][T16366] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  303.689401][T16366] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  303.775569][T16377] loop5: detected capacity change from 0 to 512
[  303.838594][T16377] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  303.847062][T16377] EXT4-fs (loop5): orphan cleanup on readonly fs
[  303.858962][T16377] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4161: corrupted inode contents
[  303.897992][T16377] EXT4-fs (loop5): Remounting filesystem read-only
[  303.905628][T16377] EXT4-fs (loop5): 1 truncate cleaned up
[  303.911898][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  303.922547][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  303.944832][ T5086] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  304.163775][T16389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4164'.
[  304.745705][T16416] netlink: 'syz.1.4169': attribute type 23 has an invalid length.
[  304.941868][T16425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16425 comm=syz.5.4175
[  304.958697][T16425] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  305.270370][   T29] kauditd_printk_skb: 348 callbacks suppressed
[  305.270386][   T29] audit: type=1400 audit(2000000215.550:25906): avc:  denied  { bind } for  pid=16430 comm="syz.5.4176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.296151][   T29] audit: type=1400 audit(2000000215.550:25907): avc:  denied  { listen } for  pid=16430 comm="syz.5.4176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.316126][   T29] audit: type=1400 audit(2000000215.560:25908): avc:  denied  { write } for  pid=16430 comm="syz.5.4176" path="socket:[49649]" dev="sockfs" ino=49649 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.339859][   T29] audit: type=1400 audit(2000000215.610:25909): avc:  denied  { shutdown } for  pid=16430 comm="syz.5.4176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  305.423857][   T29] audit: type=1400 audit(2000000215.750:25910): avc:  denied  { connect } for  pid=16430 comm="syz.5.4176" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  305.445598][   T29] audit: type=1326 audit(2000000215.750:25911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16408 comm="syz.0.4170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  305.469349][   T29] audit: type=1326 audit(2000000215.750:25912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16408 comm="syz.0.4170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  305.493454][   T29] audit: type=1326 audit(2000000215.750:25913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16408 comm="syz.0.4170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  305.517323][   T29] audit: type=1326 audit(2000000215.750:25914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16408 comm="syz.0.4170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  305.541343][   T29] audit: type=1326 audit(2000000215.750:25915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16408 comm="syz.0.4170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fadc63cebe9 code=0x7ffc0000
[  305.597009][T16439] loop3: detected capacity change from 0 to 512
[  305.619684][T16439] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  305.631499][T16439] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.4174: Failed to acquire dquot type 1
[  305.643659][T16439] EXT4-fs (loop3): 1 truncate cleaned up
[  305.653930][T16451] loop1: detected capacity change from 0 to 512
[  305.661899][T16451] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  305.735745][T16467] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16467 comm=syz.2.4184
[  305.786100][T16472] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16472 comm=syz.2.4186
[  306.504771][T16495] x_tables: ip_tables: udp match: only valid for protocol 17
[  306.829463][T16509] loop1: detected capacity change from 0 to 1024
[  306.836776][T16509] EXT4-fs: inline encryption not supported
[  306.842706][T16509] EXT4-fs: Ignoring removed i_version option
[  306.862763][T16511] 9pnet_fd: Insufficient options for proto=fd
[  306.901374][T16511] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  306.901374][T16511]    program syz.5.4197 not setting count and/or reply_len properly
[  307.010377][T16513] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16513 comm=syz.2.4198
[  307.022472][T16509] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  307.044797][T16509] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.4196: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  307.067458][T16509] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4196: couldn't read orphan inode 11 (err -117)
[  307.648082][T16547] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode active-backup(1)
[  308.021687][T16561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16561 comm=syz.2.4211
[  308.037804][T16560] loop5: detected capacity change from 0 to 512
[  308.048774][T16560] EXT4-fs: Ignoring removed orlov option
[  308.055033][T16560] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  308.068194][T16560] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  308.078008][T16560] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.4210: corrupted in-inode xattr: e_value size too large
[  308.092383][T16560] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4210: couldn't read orphan inode 15 (err -117)
[  308.231427][T16573] netlink: 'syz.2.4216': attribute type 29 has an invalid length.
[  308.238544][T16575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16575 comm=syz.5.4217
[  308.250230][T16573] loop2: detected capacity change from 0 to 512
[  308.283589][T16573] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  308.300310][T16573] EXT4-fs (loop2): orphan cleanup on readonly fs
[  308.308531][T16573] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.4216: corrupted inode contents
[  308.330841][T16573] EXT4-fs (loop2): Remounting filesystem read-only
[  308.337495][T16573] EXT4-fs (loop2): 1 truncate cleaned up
[  308.343507][ T5085] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  308.354291][ T5085] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  308.369846][ T5085] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  308.408859][T16586] __nla_validate_parse: 24 callbacks suppressed
[  308.408873][T16586] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4221'.
[  308.546729][T16597] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4226'.
[  309.830367][T16608] netlink: 'syz.0.4229': attribute type 23 has an invalid length.
[  309.898915][T16619] netlink: 'syz.1.4232': attribute type 29 has an invalid length.
[  309.913653][T16619] loop1: detected capacity change from 0 to 512
[  309.941556][T16619] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  309.950160][T16619] EXT4-fs (loop1): orphan cleanup on readonly fs
[  309.958769][T16619] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.4232: corrupted inode contents
[  309.972074][T16619] EXT4-fs (loop1): Remounting filesystem read-only
[  309.978850][T16619] EXT4-fs (loop1): 1 truncate cleaned up
[  309.984922][T16626] netlink: 'syz.3.4230': attribute type 23 has an invalid length.
[  309.993022][ T5084] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  310.003683][ T5084] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  310.014714][ T5084] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  310.025618][T16619] EXT4-fs mount: 26 callbacks suppressed
[  310.025711][T16619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  310.047634][T16619] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.243285][T16656] netlink: 'syz.0.4240': attribute type 29 has an invalid length.
[  310.258355][T16656] loop0: detected capacity change from 0 to 512
[  310.272003][T16656] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  310.280291][T16656] EXT4-fs (loop0): orphan cleanup on readonly fs
[  310.288248][T16656] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.4240: corrupted inode contents
[  310.300739][T16656] EXT4-fs (loop0): Remounting filesystem read-only
[  310.307527][T16656] EXT4-fs (loop0): 1 truncate cleaned up
[  310.314516][ T5086] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  310.325425][ T5086] __quota_error: 497 callbacks suppressed
[  310.325442][ T5086] Quota error (device loop0): write_blk: dquota write failed
[  310.338650][ T5086] Quota error (device loop0): remove_free_dqentry: Can't write block (5) with free entries
[  310.348687][ T5086] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  310.359226][ T5086] Quota error (device loop0): write_blk: dquota write failed
[  310.366844][ T5086] Quota error (device loop0): free_dqentry: Can't move quota data block (5) to free list
[  310.410184][ T5086] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  310.420991][ T5086] Quota error (device loop0): v2_write_file_info: Can't write info structure
[  310.429954][ T5086] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  310.444771][T16656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  310.457207][   T29] audit: type=1326 audit(2000000220.830:26399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16643 comm="syz.1.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  310.457771][T16656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.482851][   T29] audit: type=1326 audit(2000000220.870:26400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16643 comm="syz.1.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  310.516547][   T29] audit: type=1326 audit(2000000220.900:26401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16643 comm="syz.1.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  310.540361][   T29] audit: type=1326 audit(2000000220.900:26402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16643 comm="syz.1.4238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf6c1aebe9 code=0x7ffc0000
[  311.461870][T16674] loop1: detected capacity change from 0 to 1764
[  311.584354][T16674] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4244'.
[  311.606891][T16674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4244'.
[  311.619841][T16684] netlink: 'syz.3.4248': attribute type 29 has an invalid length.
[  311.623238][T16680] netlink: 'syz.0.4245': attribute type 23 has an invalid length.
[  311.635495][T16684] loop3: detected capacity change from 0 to 512
[  311.652079][T16684] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  311.660542][T16684] EXT4-fs (loop3): orphan cleanup on readonly fs
[  311.671384][T16684] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #16: comm syz.3.4248: corrupted inode contents
[  311.683931][T16684] EXT4-fs (loop3): Remounting filesystem read-only
[  311.701428][T16684] EXT4-fs (loop3): 1 truncate cleaned up
[  311.717803][T16689] 9pnet_fd: Insufficient options for proto=fd
[  311.724256][ T5084] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  311.735562][ T5084] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  311.764278][T16690] FAULT_INJECTION: forcing a failure.
[  311.764278][T16690] name fail_futex, interval 1, probability 0, space 0, times 1
[  311.777229][T16690] CPU: 1 UID: 0 PID: 16690 Comm: syz.2.4249 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  311.777260][T16690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.777272][T16690] Call Trace:
[  311.777288][T16690]  <TASK>
[  311.777298][T16690]  __dump_stack+0x1d/0x30
[  311.777330][T16690]  dump_stack_lvl+0xe8/0x140
[  311.777353][T16690]  dump_stack+0x15/0x1b
[  311.777370][T16690]  should_fail_ex+0x265/0x280
[  311.777408][T16690]  should_fail+0xb/0x20
[  311.777464][T16690]  get_futex_key+0x8e3/0xbd0
[  311.777490][T16690]  futex_wait_requeue_pi+0x15c/0x640
[  311.777545][T16690]  ? __pfx_futex_wake_mark+0x10/0x10
[  311.777581][T16690]  do_futex+0x136/0x380
[  311.777609][T16690]  __se_sys_futex+0x2ed/0x360
[  311.777688][T16690]  __x64_sys_futex+0x78/0x90
[  311.777717][T16690]  x64_sys_call+0x2e39/0x2ff0
[  311.777773][T16690]  do_syscall_64+0xd2/0x200
[  311.777801][T16690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  311.777828][T16690]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  311.777884][T16690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.777910][T16690] RIP: 0033:0x7f625b32ebe9
[  311.777927][T16690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.777946][T16690] RSP: 002b:00007f6259d97038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  311.778026][T16690] RAX: ffffffffffffffda RBX: 00007f625b555fa0 RCX: 00007f625b32ebe9
[  311.778039][T16690] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000020000000cffc
[  311.778053][T16690] RBP: 00007f6259d97090 R08: 0000200000048000 R09: 0000000000000300
[  311.778069][T16690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.778084][T16690] R13: 00007f625b556038 R14: 00007f625b555fa0 R15: 00007ffc70012bb8
[  311.778105][T16690]  </TASK>
[  311.834492][ T5084] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  311.960749][T16689] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  311.960749][T16689]    program syz.5.4250 not setting count and/or reply_len properly
[  311.968159][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  311.992940][T16684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.013279][T16696] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  312.013279][T16696]    program syz.0.4251 not setting count and/or reply_len properly
[  312.040589][T16684] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.078895][T16702] netlink: 'syz.5.4255': attribute type 29 has an invalid length.
[  312.097012][T16702] loop5: detected capacity change from 0 to 512
[  312.114097][T16702] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  312.124749][T16702] EXT4-fs (loop5): orphan cleanup on readonly fs
[  312.136389][T16702] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #16: comm syz.5.4255: corrupted inode contents
[  312.149215][T16702] EXT4-fs (loop5): Remounting filesystem read-only
[  312.159421][T16702] EXT4-fs (loop5): 1 truncate cleaned up
[  312.213481][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  312.224109][ T5086] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  312.266582][ T5086] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  312.277287][T16702] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.290622][T16702] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.669958][T16721] loop7: detected capacity change from 0 to 7
[  313.006788][T16731] syz_tun: entered allmulticast mode
[  313.017260][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  313.062164][T16733] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  313.062164][T16733]    program syz.0.4260 not setting count and/or reply_len properly
[  313.111189][ T5085] ==================================================================
[  313.119394][ T5085] BUG: KCSAN: data-race in __stop_tty / pty_write_room
[  313.126263][ T5085] 
[  313.128603][ T5085] write to 0xffff888136c9e9bc of 1 bytes by task 16736 on cpu 0:
[  313.136398][ T5085]  __stop_tty+0x36/0x90
[  313.140548][ T5085]  n_tty_ioctl_helper+0x1e9/0x210
[  313.145656][ T5085]  n_tty_ioctl+0x101/0x200
[  313.150085][ T5085]  tty_ioctl+0x842/0xb80
[  313.154346][ T5085]  __se_sys_ioctl+0xcb/0x140
[  313.159047][ T5085]  __x64_sys_ioctl+0x43/0x50
[  313.163670][ T5085]  x64_sys_call+0x1816/0x2ff0
[  313.168367][ T5085]  do_syscall_64+0xd2/0x200
[  313.172886][ T5085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.178778][ T5085] 
[  313.181092][ T5085] read to 0xffff888136c9e9bc of 1 bytes by task 5085 on cpu 1:
[  313.188657][ T5085]  pty_write_room+0x19/0x70
[  313.193159][ T5085]  tty_write_room+0x3f/0x60
[  313.198175][ T5085]  __process_echoes+0x36/0x6b0
[  313.202934][ T5085]  n_tty_receive_buf_common+0x8e4/0xbe0
[  313.208475][ T5085]  n_tty_receive_buf2+0x33/0x40
[  313.213331][ T5085]  tty_ldisc_receive_buf+0x63/0xf0
[  313.218444][ T5085]  tty_port_default_receive_buf+0x59/0x90
[  313.224172][ T5085]  flush_to_ldisc+0x148/0x340
[  313.228856][ T5085]  process_scheduled_works+0x4ce/0x9d0
[  313.234323][ T5085]  worker_thread+0x582/0x770
[  313.238913][ T5085]  kthread+0x486/0x510
[  313.242982][ T5085]  ret_from_fork+0xda/0x150
[  313.247493][ T5085]  ret_from_fork_asm+0x1a/0x30
[  313.252259][ T5085] 
[  313.254572][ T5085] value changed: 0x00 -> 0x01
[  313.259228][ T5085] 
[  313.261534][ T5085] Reported by Kernel Concurrency Sanitizer on:
[  313.267811][ T5085] CPU: 1 UID: 0 PID: 5085 Comm: kworker/u8:51 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT(voluntary) 
[  313.280167][ T5085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.290401][ T5085] Workqueue: events_unbound flush_to_ldisc
[  313.296222][ T5085] ==================================================================
[  313.320580][T16740] netlink: 'syz.3.4261': attribute type 23 has an invalid length.
[  313.430157][T16744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=16744 comm=syz.5.4262
[  313.459138][T16730] syz_tun: left allmulticast mode