last executing test programs:

4m12.391874748s ago: executing program 1 (id=1285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0x0, 0x220}, &(0x7f0000000700)=<r3=>0x0, &(0x7f00000002c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0xce3, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x4ac9, 0x1800, 0x0, 0x0, 0x0)

4m12.196857719s ago: executing program 1 (id=1291):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
io_setup(0x8, &(0x7f00000001c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000c00)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0x4, r1, 0x0, 0x0, 0x1}])
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r3}, 0x10)
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000005c0)={[{@resgid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@grpid}, {@init_itable_val={'init_itable', 0x3d, 0x6}}]}, 0x3, 0x42f, &(0x7f0000000d80)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
flistxattr(r4, &(0x7f0000000200)=""/187, 0xbb)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002c34c027000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000), 0x7, 0x4c6, &(0x7f0000000100)="$eJzs3EFsFFUfAPD/bFtaoHzsx8eHgqiLaGw0tlBQOJgYjCYeNDHiQY9NWwhSqKE1EUJkSQweDYl349GrB6/qzXgy8YpHE0NCDBfA05jZnW23292l3W670v5+ybLvzbzZN2/fvDdv3mMbwJZVyv5JIoYj4lZE7I6IQmOCUvXt/t2rkw/uXp2Mcpqe/ivJDot7WTyX5O8788hIIaLwebK4o87c5SvnJ2Zmpi/l8bH5Cx+PzV2+8tK5CxNnp89OXxw/efL4saMnXhl/efWFapJfVq57Bz6bPbj/rQ9vvjPZX9s+lL/Xl6NbSlFqdioVz3U7sx7bVRdO+tulfG39T4YVy67/rLoGKu1/d/RF28oDNpE0TdPB1rvLaaPry7YAj6wken0GQG/UbvTZ82/t1WwgsG19hh89d+dU9QEoK/f9/BXxdGVjbR5koOH5tptKEfFB+e+vs1es0zwEAEC9H0/VRoIN479ixL66dP/J11CKEfHfiNgTEf+LiL0R8f+opn0sIh5v+Py+iEjb5F9qiC8f/xRur62E7WXjv1fzta3F8V/Ur4IV+/LYrojagHn6SP6djMTA4JlzM9NH2+Tx0xu/fdlqX/34L3tl+dfGgvl53O5vmKCbmpif6LjADe5cjzjQ31j+pD8iWVgJSCJif0QcWMXnFuvC51749uBCZGBpuoeXvyJtuo7WhaWK9JuI56v1X44l9b+YY9J+fXJsKGamj4xlV8GRpnn88uuNd1vl/9Dyf/9H4yFvnvjhdN6y1i6r/x1113/U1m8Xy19MIpKF9dq51edx4/cvWj7TdHr9b0ver4Rrz6WfTszPXzoasS15e/n28cVja/HsPcrV8o8cbt7+9+THZN/EExGRXcRPRsRTUX1CLEV67VBEPBMRh9uU/+fXn/2o8/Kvr6z8U037vyX1v7he3yqQlKupm+zqO3/o1oMWncfK6v94JTSSb2ne/yVLuog2Z7oksNbvDwAAAB4FhYgYrptLGo5CYXS0Oge0N3YUZmbn5l88M/vJxanqbwSKMVCozXRV54MHktr8Z7EuPt4QP5bPG3/Vt70SH52cnZnqacmBnZU2nxRGF/qCavvP/NmdKWbg38xPfmDrelj733dzg04E2HDu/7B11bX/coskZf9TBjanldz/zQXC5tSs/V/r4Bjg0ZJqy7Clrab96ytgc+mP9xbChZ6eCbDR3NNhS1rRj+Q7DqSDzXcNxfLEMdT+A/uis9PY3iSvngSykVVPct/eyVG1v6bQMk0UVveBg9GdOj2z9q/l7L6uX/xpvj7W7Rr8bkPaabNA+35jfHj9+iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBu+icAAP//KPXcbw==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x140400, 0x13)
ioctl$FS_IOC_ENABLE_VERITY(r6, 0x8004587d, &(0x7f0000000140)={0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='security.selinux\x00', 0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x900, 0x12)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r10}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
execve(&(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

4m11.596521852s ago: executing program 1 (id=1303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x8000000, 0x100, 0x0, 0x220}, &(0x7f0000000700)=<r3=>0x0, &(0x7f00000002c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0xce3, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x4ac9, 0x1800, 0x0, 0x0, 0x0)

4m11.378232963s ago: executing program 1 (id=1310):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000080)={[{@nolazytime}, {}]}, 0x6, 0x4eb, &(0x7f0000000a40)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = semget$private(0x0, 0x4, 0x0)
semop(r0, &(0x7f0000000380)=[{0x0, 0x440}, {0x3, 0xffff}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x7fff])
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000380)=""/99, 0x63)
semtimedop(r0, &(0x7f0000000280)=[{0x1, 0x401, 0x1800}, {0x0, 0x3, 0x1800}], 0x2, &(0x7f0000000180))
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{r3}, &(0x7f00000005c0), &(0x7f0000000600)='%pi6   \x00'}, 0x20)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r2, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0xe3, &(0x7f0000000240)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0xdc, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f00000007c0)=""/47)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x7, 0x26, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x401}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_idx_val={0x18, 0x1, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x1c5}, @cb_func={0x18, 0xa}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0xf6, '\x00', 0x0, @fallback=0x38, r4, 0x8, &(0x7f00000000c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000100)={0x5, 0x8, 0x26, 0x8001}, 0x10, r5, r2, 0x1, 0x0, &(0x7f00000006c0)=[{0x2, 0x3, 0x8, 0x3}], 0x10, 0x10, @void, @value}, 0x94)
getdents64(r2, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012100000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000080)={0x800, 0x0, 0x200, 0x2, 0x2, 0x0, 0x0, 0x0, r8}, 0x20)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000800)={r8, 0x2600000, 0x10}, &(0x7f0000000840)=0xc)
getdents64(r2, 0x0, 0x44)

4m11.164596864s ago: executing program 1 (id=1311):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7220, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r3, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r3, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r1}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = open(&(0x7f0000000780)='./bus\x00', 0x143a42, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
fsetxattr$security_selinux(r5, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:tmpfs_t:s0\x00', 0x1d, 0x2)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000620000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m10.2053909s ago: executing program 1 (id=1316):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r0, 0x8004745a, 0x2000000c)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000001c0), 0x74)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x3ff, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.net/syz1\x00', 0x1ff)
pselect6(0xf2e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)
mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

4m10.20490616s ago: executing program 32 (id=1316):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r0, 0x8004745a, 0x2000000c)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000001c0), 0x74)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x3ff, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.net/syz1\x00', 0x1ff)
pselect6(0xf2e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)
mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))

2m9.556655984s ago: executing program 3 (id=3189):
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_free\x00', r0, 0x0, 0xfff7ffffffffff76}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
creat(&(0x7f00000000c0)='./file0\x00', 0x0) (fail_nth: 2)

2m9.260162346s ago: executing program 3 (id=3194):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYRESOCT], 0x7c}}, 0x48000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x10004, 0x3, 0x0, 0x1, 0x4, 0x9, 0x2, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec000000210001000000000000000000e0000001000000000000000000000000ff02000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000009c00110000000000000000000000000000000001ffffffff00000000000000000000000064010101000000000000000a010100000000000000000000000000000000400635000000000a0000000000000000000000000000000001ffffffff000000000000000000000000fe8000000000000000000000000000aafe8800000000000000000000000000012b00"/159], 0xec}}, 0x0)
r1 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b6, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1an995z73nvQrrKyeevjgYPHmXx9OTn6HazaO3FXvyZxXa0ovYk2nFe0xgA8G/we0rxW7pOZrt1+9UAAOtQ/v8v3XUtAMB6fPjxJ+/vHxzc/yDPu/Fy79mkn0XE6NmkX87vP4wvYxhHcS96cRqRzpTxu+8d3I92XtiO10fTSb/IHH32Y7X//q8Rs/zd6MV2c/5uXlrIn076m/F85LH/cLMutRcvNee/2ZAf/U688dpC/TvRi5++iEcxjAdR5M7zv9nN83fStydff1ocU+RnrehvzdbNpY113gsAAAAAAAAAAAAAAAAAAAAAAP9tO3mele17Zv17iqGq/87G6Wx+J69tL/fnKfOzeqOyP1CKqkXPNMV3dX+de3mep2rhPL8dr7T9iAAAAAAAAAAAAAAAAAAAAAAUjr96PDgcDo/GtxLU3QDqr/Vfd5+9+cjWUrkNi7euftZit4Gi1pWLo92O1RuepNLlz9WqD21e89zFUzcItuaX+1GUQX0xN9o5/e2Fv/h2+ffjwWFeralf8uAwu+ysbr3P94tTnbjpS0izCk/T8p12z0pdzurc0pvvvNA49UdK6Wr7vPVLeUfVSDZrsXG10zeroPEBi6B7/i5+uHjDCz8yNq75UQMAAAAAAAAAAAAAAAAAAFyi/K7vk6PxccPk05WprX+sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYs/L3/4dH47OgGxHLI+eCaZW8ak0VdGJ8fMePCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/AXwEAAP//wZJM4A==")
r3 = fsopen(&(0x7f0000000080)='pipefs\x00', 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000400)={0x0, 0x3, 0x2}, 0x8)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0xfffffffffffffda4, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = gettid()
timer_create(0x9, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
rt_sigtimedwait(&(0x7f0000000040)={[0xfffffffffffffffd]}, 0x0, 0x0, 0x8)
fsmount(r3, 0x0, 0x20)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x200000f, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

2m8.860119608s ago: executing program 3 (id=3199):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000940)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@noquota}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @rand_addr=0x64010102}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000000)={r3, 0x9, 0x30, 0x4, 0x101}, &(0x7f0000000040)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000001c0)={r3, 0x9}, 0x8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r7, &(0x7f0000000000)={0x1f, @none}, 0x8)
listen(r7, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6fa2", @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',\x00'])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r9 = syz_pidfd_open(r8, 0x0)
pidfd_send_signal(r9, 0x2, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x7}, 0x18)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000141007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x20, &(0x7f0000000100)="cfe05c91a6f24dd5697fdef6", 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000000800000095"], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m7.987738983s ago: executing program 3 (id=3212):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000004c0), 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x2000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000400)='./file0\x00', 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16, @ANYRES8], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x5, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_alloc\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001040)=@getlink={0x28, 0x12, 0x2fa9ccd93d5c0297, 0x70bd3d, 0x0, {0x7}, [@IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x55}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000340)={'ip_vti0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r5=>0x0, 0x80, 0x1, 0x2, 0x1, {{0x9, 0x4, 0x2, 0x9, 0x24, 0x64, 0x0, 0x0, 0x29, 0x0, @multicast1, @private=0xa010102, {[@ra={0x94, 0x4}, @generic={0x87, 0x5, "844abd"}, @ra={0x94, 0x4, 0x1}, @end]}}}}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r5, 0x2f, 0x7f, 0x59, 0x7, 0x4, @loopback, @empty, 0x40, 0x10, 0xbbb7, 0xfffffff9}})
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioperm(0x3, 0x9bc4, 0xfffffffffffffff9)

2m7.565745615s ago: executing program 3 (id=3220):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7220, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@map=r3, r2, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r3, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r1}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = open(&(0x7f0000000780)='./bus\x00', 0x143a42, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
fsetxattr$security_selinux(r5, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:tmpfs_t:s0\x00', 0x1d, 0x2)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r8=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000620000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', r8, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m7.269231316s ago: executing program 3 (id=3222):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

2m7.265294897s ago: executing program 33 (id=3222):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

2m2.87646096s ago: executing program 6 (id=3269):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000280)='stack\x00')
preadv2(r4, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/142, 0x8e}], 0x1, 0x9e2, 0x0, 0x0)

2m2.811667691s ago: executing program 6 (id=3270):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x29, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x0, 0x81eda7cfc6e7dd2b, 0x6, 0x5, 0x100, 0x1}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x4}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @map_fd={0x18, 0x3}, @exit, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x9}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ptrace$cont(0x21, r1, 0x7ff, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r5, 0x5453, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCMBIC(r6, 0x5415, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r7}, 0x18)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_io_uring_submit(r8, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = accept4$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x10, 0x800)
ioctl$sock_SIOCOUTQ(r10, 0x5411, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2240, 0x0)
fsetxattr$trusted_overlay_redirect(r11, &(0x7f0000000300), 0x0, 0x0, 0x0)

2m2.621866791s ago: executing program 6 (id=3271):
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)

2m2.465231673s ago: executing program 6 (id=3272):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000580)='maps\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
pselect6(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x9}, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
exit(0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

2m1.585123907s ago: executing program 6 (id=3285):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff0000000000"]}, 0x3c0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, 0x0, &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
r6 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0)
writev(r6, 0x0, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb8a0a63cdec5908060001080006040001000000ff0300ac1414bbaaaaaaaaaa36ac"], 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @link_local}, 0x14)
syz_read_part_table(0x5c9, &(0x7f0000000880)="$eJzs0jFoW0cYAOD/vaKoHYJFCLjQpRCTSUmKOiRQiVKMIrzYIaQhQ+dCMhQSyODBSFUyp8nULSGJDcaL6dBOhi7GMhgb5MnIq+dCvWkwr8h6XmxTCsZ13XzfoNP999/9d/wvONfS+CPLsiQisuJB7Md8JeLxF3+/+9uF+u2Jz+98c/deRBKPImLy2qPfBitJnnFw6i/5fCqfTxQr3bdr47sLpfUrm52x92lEYRC/EBGtwf7W7MjRekl8dfIn8z+yWFsZefb8SePFdO3hVmNmp5DHX918V23eH60+SIfzpfS43dkx39jJ6u+N3prbyKb+fH3xeqHT7VdW87xyctJK/Bct7mUDn2aD/n89s/PmcrvX7k9enX96o3ypt9x8ud/338/6mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAdgsbYy8uz5k8aL6drDrcbMzpffX6t/9lP9h1c331Wb90erD9Jh3lL679Qf696a28g+jtcXrxc6F/qV1TyvnJxOfc7W4f6/udzutfuTV+ef3ihf6i03XyY/Pz7rOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA50v99nZE3L0XkcR3ETGelmYH8awYUdo+mj9VHI4TxUr37dr47kJp/cpmZ+z9nTy+lEa04pP9/7/u/04fOuGj4dCKiPT03sU/81cAAAD//xmKiIU=")

1m59.32860603s ago: executing program 6 (id=3301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/nf_conntrack_expect\x00')
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x802, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
quotactl$Q_QUOTAOFF(0xffffffff80000700, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xee00, 0x8cffffff00000000)
fchdir(r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@data_err_abort}, {@init_itable}, {@jqfmt_vfsold}, {@grpjquota, 0x2e}, {@nouid32}, {@inlinecrypt}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3M1vG0UbAPBnN02afibtW73QD6ihICIKSZMW6IEDIJB6ASHBoRxDGqrStEVNkGhV0YBQOSL+AuCIhMSJCyeQEAIugLjCHSFVqJcWDsho7d3EbmzHTpqY1r+ftPbM7uzOPrM79nrHdgA9q5Q9JBFbI+LXiBiqZusLlKpPN65dmvrr2qWpJMrll/5MKuWuX7s0VRQt1tuSZ0bSiPS9JPY2qHf2wsXTkzMz0+fz/NjcmTfGZi9cfPTUmcmT0yenz04cPXrk8PgTj0881lYcl5dZnsV1fc/b5/btPvbKh89PlePV7z/L9ndrvrw2jqrhtuptpRSlKOcW5w5UHh9c9db/W7bVpJMNXdwROtIXEdnh6q/0/6Hoi8WDNxTPvbuQ+aZLOwismey9aceSuX35c7rw/gXciRJ9HHpU8Y6fff4tpvW8/ui2q09nj9OV+G/k048vVNsmzT7LDlc/sfc1Wf//DeYNLibLQ8vUvzUijs///VE2RcP7EC0kbZcEAFjwVXb980ij67+07tpmez6GMhwRByNiZ0T8LyJ2RbpQ5q6IuLvD+ks35Zde//y8qcNNdiS7/nsyH9sqpuqSIq5kIbetEn9/8tqpmelDeZuMRP/GLD/eoo6vn/3lg2bLSjXXf9mU1V9cC+b78ceGjfXrnJicm1xFyHWuvhOxZ0Oj+JOFkYCsBXZHxJ4VbD9rs1MPf7ovS2/fsnT58vG3cAvGmcqfRDxUPf7zcVP8haRaU7PxybHBmJk+NFacFUv98NOVF2vz/TXpuvgH24tpcKXBNpAd/80Nz/88/qIbFOO1s53XceW395t+pll6/JM4Pl9bIj//Ny02W3b+DyQvV9ID+by3Jufmzo9HDOQz6uZPLG6tyBfls/hHDjTu/zsj/vk4X29vRGQn8T0RcW9E7M/3/b6IuD8iDrSI/7tnHni9dQut8Py/BbL4T7Q6/hHDSe14/QoSfae//bJZ/e29/h2ppEbyOe28/rW7g6tpOwAAALhdpJUx6CQdLdI1N6d2xeZ05tzs3MFSvHn2RHWsejj60+JO11DN/dDx/N5wkZ+4KX84InZUvmm0qZIfnTo3s62bgQOV3+rU9f9I09HR6rLfm33pBbhzdDSOVvuls8+/uPU7A6wrv9eE3qX/Q+/S/6F36f/Quxr1/8sRN7qwK8A68/4PvUv/h96l/0Pv0v+hJy39SXzxdysr+aX/YmLnsVWtvuaJ8tCabHm+87X61ijSqP3TjqaJJCJWVkWkrcsMtFF71xLpsmWeWq5Z+lf1nxhZYn+e2BgR7a51ed1atXiFSPzLJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFv7NwAA//8Aq+SG")
rmdir(&(0x7f0000001040)='./file0\x00')
fchdir(r5)
chdir(&(0x7f0000000140)='./file0\x00')
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000700)=""/167, 0xa7}], 0x3}, 0x0)
pivot_root(&(0x7f0000000300)='.\x00', &(0x7f0000000340)='./file0\x00')
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x100, &(0x7f0000000080)={<r7=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000000c0), r7, 0x0, 0x3, 0x1}}, 0x20)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r9, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m59.32743771s ago: executing program 34 (id=3301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/nf_conntrack_expect\x00')
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x802, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
quotactl$Q_QUOTAOFF(0xffffffff80000700, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xee00, 0x8cffffff00000000)
fchdir(r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@data_err_abort}, {@init_itable}, {@jqfmt_vfsold}, {@grpjquota, 0x2e}, {@nouid32}, {@inlinecrypt}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3M1vG0UbAPBnN02afibtW73QD6ihICIKSZMW6IEDIJB6ASHBoRxDGqrStEVNkGhV0YBQOSL+AuCIhMSJCyeQEAIugLjCHSFVqJcWDsho7d3EbmzHTpqY1r+ftPbM7uzOPrM79nrHdgA9q5Q9JBFbI+LXiBiqZusLlKpPN65dmvrr2qWpJMrll/5MKuWuX7s0VRQt1tuSZ0bSiPS9JPY2qHf2wsXTkzMz0+fz/NjcmTfGZi9cfPTUmcmT0yenz04cPXrk8PgTj0881lYcl5dZnsV1fc/b5/btPvbKh89PlePV7z/L9ndrvrw2jqrhtuptpRSlKOcW5w5UHh9c9db/W7bVpJMNXdwROtIXEdnh6q/0/6Hoi8WDNxTPvbuQ+aZLOwismey9aceSuX35c7rw/gXciRJ9HHpU8Y6fff4tpvW8/ui2q09nj9OV+G/k048vVNsmzT7LDlc/sfc1Wf//DeYNLibLQ8vUvzUijs///VE2RcP7EC0kbZcEAFjwVXb980ij67+07tpmez6GMhwRByNiZ0T8LyJ2RbpQ5q6IuLvD+ks35Zde//y8qcNNdiS7/nsyH9sqpuqSIq5kIbetEn9/8tqpmelDeZuMRP/GLD/eoo6vn/3lg2bLSjXXf9mU1V9cC+b78ceGjfXrnJicm1xFyHWuvhOxZ0Oj+JOFkYCsBXZHxJ4VbD9rs1MPf7ovS2/fsnT58vG3cAvGmcqfRDxUPf7zcVP8haRaU7PxybHBmJk+NFacFUv98NOVF2vz/TXpuvgH24tpcKXBNpAd/80Nz/88/qIbFOO1s53XceW395t+pll6/JM4Pl9bIj//Ny02W3b+DyQvV9ID+by3Jufmzo9HDOQz6uZPLG6tyBfls/hHDjTu/zsj/vk4X29vRGQn8T0RcW9E7M/3/b6IuD8iDrSI/7tnHni9dQut8Py/BbL4T7Q6/hHDSe14/QoSfae//bJZ/e29/h2ppEbyOe28/rW7g6tpOwAAALhdpJUx6CQdLdI1N6d2xeZ05tzs3MFSvHn2RHWsejj60+JO11DN/dDx/N5wkZ+4KX84InZUvmm0qZIfnTo3s62bgQOV3+rU9f9I09HR6rLfm33pBbhzdDSOVvuls8+/uPU7A6wrv9eE3qX/Q+/S/6F36f/Quxr1/8sRN7qwK8A68/4PvUv/h96l/0Pv0v+hJy39SXzxdysr+aX/YmLnsVWtvuaJ8tCabHm+87X61ijSqP3TjqaJJCJWVkWkrcsMtFF71xLpsmWeWq5Z+lf1nxhZYn+e2BgR7a51ed1atXiFSPzLJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFv7NwAA//8Aq+SG")
rmdir(&(0x7f0000001040)='./file0\x00')
fchdir(r5)
chdir(&(0x7f0000000140)='./file0\x00')
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000700)=""/167, 0xa7}], 0x3}, 0x0)
pivot_root(&(0x7f0000000300)='.\x00', &(0x7f0000000340)='./file0\x00')
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x100, &(0x7f0000000080)={<r7=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000000c0), r7, 0x0, 0x3, 0x1}}, 0x20)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r9, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m6.03921671s ago: executing program 5 (id=4117):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000280)={0x0, 0xfe, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x81, <r2=>0x0}, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3}, 0x18)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0xff2e)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r4 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
r5 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$9p(r4, &(0x7f0000001400), 0x0)
sendfile(r4, r5, 0x0, 0xe065)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00')
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)

1m4.818199037s ago: executing program 5 (id=4131):
r0 = socket$kcm(0x11, 0xa, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000140)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r3, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0xffffff6a)
sendfile(r3, r4, 0x0, 0xffffffff000)

1m4.707301027s ago: executing program 5 (id=4133):
syz_emit_ethernet(0x82, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x4008084)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000800000000000005aefe4c91ff64f857b000000012000"], 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x110, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'dvmrp1\x00', {0xff}}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x2c8)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r7}, 0x10)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x50, &(0x7f0000000280)={[{@usrquota}, {@acl}, {@nobh}, {@mblk_io_submit}, {@dioread_nolock}]}, 0x1, 0x3eb, &(0x7f0000000880)="$eJzs3M1uG0UcAPD/br5I+uEgcUCFQwQIgoCkDgQoQqJw5eMCPICVpKXCbarGSLTkUBAnThwQNw59AQ48QFUhJCRegRdAlSqU5gC3oLV3HTe2Qyw7der8ftLIM+txZv7ezWpmvTsBHFtzEXE+IsYiYikiSvn2NE9xs5Gyeve3Nle2tzZXktjZ+fjvJJJ8W/G3kvz1RF6YTyPSbyOeutne7sb1G59XqtW1a3l5sXb56uLG9RuvXLpcubh2ce1K+Y1z5fLy0pvl1wYW64/PvXhu7L3zZ376s3RneXJyOuvvyfy91jgGZS7mmt/JXsuDbmzIJofdAQAADiTNx/7j9fF/KcbquYZSLG4OtXMAAADAQOy8k78CAAAAIywx9wcAAIARV9wHcH9rc6VIB7pxoHRotyQ8VPfejYjZ3Webt5vxj8djeZ2JQ3y+dS4irj6flLIUh/QcMgBAqzvZ+Odsp/FfGk+21JuKqI+Hpgfc/tyecvv4J7074CYfkI3/3o6I7bbxX1pUmR3LS6fqQ8WJ5MKl6trZiDgdEfMxMZWVy/u08f4/P3/U7b0s/t+SU6eLlLWfve7WSO+OTz34mdVKrdJPzK3ufR1xZrxT/Elz/JtExEwfbYx9deutbu/9f/yHa+dWxAsd9//uyj3J/usTLdaPh8XiqGj37ze/fNit/WHHn+3/mf3jn01a12va6L2N25/98XQ90yGq1vlPL8f/ZPJJPV/My76s1GrXyhGTyQft25d2P1uUi/pZ/PPPdv7/L85/Sb6m1cn8HNCr777/9eX9azTiz1LWfjEXfBiy+Fd72v+9Z16//fun3dpv3f+d48/2f2MNsPl8y0HOfwftYD/fHQAAADwq0vp1jSRdaObTdGGhcb3jiZhJq+sbtZcurH9xZbVx/WM2JtLiSlep5XpoufEzerO8tKf8akQ8HhE/lKbr5YWV9erqsIMHAACAY+JEl/l/5q8RuccfAAAAyH+oBwAAAEab+T8AAACMtH7W9Tu+meybOwLdOPKZZ45GN4aQmYgj0Y0+MsM+MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADza/gsAAP//Bdqy/A==")
r8 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r8, r8, 0x0, 0x800000009)

1m4.23611348s ago: executing program 5 (id=4137):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x23, 0x452, &(0x7f0000000880)="$eJzs3M1vFOUfAPDvTLflx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAx7othLBQQ2sihEg1Bi8mhkTPxqOJf4E3L0Y9mXjVuyEhygX0VDOzM7i77AJbtt3Kfj7JtM8z8+w+z3dnnp1n5pk2gIE1nv1IIrZFxK8RMVrPNhcYr/+6duVc9a8r56pJrKy8+UeSl7t65Vy1LFq+bmuRmUgj0o+TopJmi2fOnpit1eZPF/mppZPvTi2eOfvM8ZOzx+aPzZ+aOXTo4IHp55+bebYncWZxXd3zwcLe3a++ffG16pGL7/z4TdbebcX2xjh6ZTwL/M+VXOu2x3tdWZ9tb0gnm/vYELoyFBGViBjO+/9oDOW5utF45aO+Ng5YU9m5aVPnzcsrwF0siX63AOiP8kSfXf+WyzoNPTaEyy/WL4CyuK8VS31LJdKizHDL9W0vjUfEkeW/v8yWWKP7EAAAjT6tfnE4nm43/kvjvoZyO4o5lLGI+H9E7IyIeyJiV0TcG5GXvT8iHuiy/tapoRvHP+mlVQV2m7Lx3wvF3Fbz+K8c/cXYUJHbnsc/nBw9XpvfX3wmEzG8KctP36SO717+5bNO2xrHf9mS1V+OBYt2XKq03KCbm12azQelPXD5w4g9lXbxJ9dnApKI2B0Re7p76x1l4viTX+/tVOjW8beXdteWjla+iniivv+XoyX+UnLz+cmp/0Vtfv9UeVTc6KefL7zRqf7Vxt8r2f7f0nz8txYZSxrnaxe7r+PCb590vKZZ7fE/kryV75eRYt37s0tLp6cjRpLDeb5p/cy/ry3zZfks/ol97fv/zuI1WT0PRkR2ED8UEQ9HxCNF2x+NiMciYt9N4v/hpc7bNsL+n2v7/Xf9+G/Z/90nhk58/22n+m9v/x/MUxPFmvz77xZut4F38tkBAADAf0WaPwOfpJPX02k6OVl/hn9XbElrC4tLTx1deO/UXP1Z+bEYTss7XaMN90Onk+XiHev5meJecbn9QHHf+POhzXl+srpQm+tz7DDotnbo/5nfh/rdOmDNVdqsmxnpQ0OAddfa/1sm18+/vp6NAdZVu/M/MBia+v+N/7yhV8/aARuQ8z8Mrnb9/3xL3lwA3J2c/2FwVcJkHwwq538YXPo/DKQ7+bt+iUFORLohmiGxRol+fzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//zsb7uA=")
mount(0x0, &(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)='devtmpfs\x00', 0x0, 0x0)

1m3.969175491s ago: executing program 5 (id=4140):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
ioctl$USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, &(0x7f0000000240)=0x34facec1)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="30000000101401002cbd7000fedbdf2508004b00000100000800030001000000080001000000000008004a00"], 0x30}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
open(&(0x7f0000000000)='./file0\x00', 0x80080, 0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_set_self_attr(0x65, 0x0, 0x47, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
inotify_init1(0x80800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000060006002100000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000"], 0x1c8}}, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000001200)='net/mcfilter6\x00')
preadv(r7, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1, 0x1000000, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)
sendmmsg$inet(r3, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)='#\x00NN', 0x4}], 0x1}}], 0x1, 0x0)

1m3.541236093s ago: executing program 5 (id=4149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
unshare(0xc000600)

1m3.540961163s ago: executing program 35 (id=4149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
unshare(0xc000600)

1.909263569s ago: executing program 7 (id=5285):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000005c0), &(0x7f0000000780)=0xc)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0xf00)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0xffffffff, 'lblc\x00', 0x1, 0x7, 0x49}, 0x2c)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x4, 0x0}, 0x4e21, 0x3, 'lc\x00', 0x2, 0x81, 0x19}, {@local, 0x4e20, 0x4, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x4, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, &(0x7f0000000340)=@usbdevfs_connect)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="01000000ddff000033fd091a8f6e76b40000000000000000850000008700000018db6367ff43bfc8c4d377e91e7548725a01000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffff77b5c8f9523f787015e7c3de6fb702000508000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x88)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_RTHDR(r8, 0x29, 0x39, &(0x7f0000000280)=ANY=[@ANYBLOB="0c0802"], 0x48)
recvmmsg(r3, &(0x7f0000000a00)=[{{&(0x7f0000000380)=@pppol2tpv3in6, 0x80, &(0x7f0000000680)=[{&(0x7f0000000000)=""/61, 0x3d}, {&(0x7f0000000400)=""/150, 0x96}, {&(0x7f0000001340)=""/4096, 0x1000}, {&(0x7f0000000500)=""/133, 0x85}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/103, 0x67}], 0x6, &(0x7f0000002d40)=""/4096, 0x1000}, 0x3}, {{&(0x7f0000000700)=@xdp, 0x80, &(0x7f0000000780)}, 0x9}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000007c0)=""/78, 0x4e}, {&(0x7f0000000840)=""/46, 0x2e}], 0x2, &(0x7f00000008c0)=""/241, 0xf1}, 0x7ff}], 0x3, 0x40000063, &(0x7f0000000ac0)={0x0, 0x989680})

1.8567322s ago: executing program 0 (id=5287):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000001c0), 0x12)
readv(r3, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

1.84426282s ago: executing program 0 (id=5288):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYRESOCT], 0x7c}}, 0x48000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x10004, 0x3, 0x0, 0x1, 0x4, 0x9, 0x2, 0x0, 0x0, 0x0, 0x10000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="ec000000210001000000000000000000e0000001000000000000000000000000ff02000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000009c00110000000000000000000000000000000001ffffffff00000000000000000000000064010101000000000000000a010100000000000000000000000000000000400635000000000a0000000000000000000000000000000001ffffffff000000000000000000000000fe8000000000000000000000000000aafe8800000000000000000000000000012b00"/158], 0xec}}, 0x0)
r1 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x4c10a000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b6, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1an995z73nvQrrKyeevjgYPHmXx9OTn6HazaO3FXvyZxXa0ovYk2nFe0xgA8G/we0rxW7pOZrt1+9UAAOtQ/v8v3XUtAMB6fPjxJ+/vHxzc/yDPu/Fy79mkn0XE6NmkX87vP4wvYxhHcS96cRqRzpTxu+8d3I92XtiO10fTSb/IHH32Y7X//q8Rs/zd6MV2c/5uXlrIn076m/F85LH/cLMutRcvNee/2ZAf/U688dpC/TvRi5++iEcxjAdR5M7zv9nN83fStydff1ocU+RnrehvzdbNpY113gsAAAAAAAAAAAAAAAAAAAAAAP9tO3mele17Zv17iqGq/87G6Wx+J69tL/fnKfOzeqOyP1CKqkXPNMV3dX+de3mep2rhPL8dr7T9iAAAAAAAAAAAAAAAAAAAAAAUjr96PDgcDo/GtxLU3QDqr/Vfd5+9+cjWUrkNi7euftZit4Gi1pWLo92O1RuepNLlz9WqD21e89zFUzcItuaX+1GUQX0xN9o5/e2Fv/h2+ffjwWFeralf8uAwu+ysbr3P94tTnbjpS0izCk/T8p12z0pdzurc0pvvvNA49UdK6Wr7vPVLeUfVSDZrsXG10zeroPEBi6B7/i5+uHjDCz8yNq75UQMAAAAAAAAAAAAAAAAAAFyi/K7vk6PxccPk05WprX+sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYs/L3/4dH47OgGxHLI+eCaZW8ak0VdGJ8fMePCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/AXwEAAP//wZJM4A==")
r3 = fsopen(&(0x7f0000000080)='pipefs\x00', 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000400)={0x0, 0x3, 0x2}, 0x8)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0xfffffffffffffda4, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = gettid()
timer_create(0x9, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
rt_sigtimedwait(&(0x7f0000000040)={[0xfffffffffffffffd]}, 0x0, 0x0, 0x8)
fsmount(r3, 0x0, 0x20)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x200000f, 0x4031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

1.83168194s ago: executing program 7 (id=5289):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000040)=0x1, 0x4)
socket$inet6(0xa, 0x4, 0x5)
r3 = dup(r1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001b71eef600000000000000185100000700000003000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000280)={'wpan0\x00', <r8=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)={0x8c, r6, 0x601, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_DEVKEY={0x44, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x78}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0x1c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x912204072769715c}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x40}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x9}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xb2}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0xc0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x54, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x54}}, 0x8d0)
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x1c}}, 0x8080)
ptrace$setregs(0xd, r9, 0x0, &(0x7f00000003c0))
ptrace$cont(0x20, r9, 0x0, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000090000003c0003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x50}}, 0x4004)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x4, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x23, 0x452, &(0x7f0000000880)="$eJzs3M1vFOUfAPDvTLflx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAx7othLBQQ2sihEg1Bi8mhkTPxqOJf4E3L0Y9mXjVuyEhygX0VDOzM7i77AJbtt3Kfj7JtM8z8+w+z3dnnp1n5pk2gIE1nv1IIrZFxK8RMVrPNhcYr/+6duVc9a8r56pJrKy8+UeSl7t65Vy1LFq+bmuRmUgj0o+TopJmi2fOnpit1eZPF/mppZPvTi2eOfvM8ZOzx+aPzZ+aOXTo4IHp55+bebYncWZxXd3zwcLe3a++ffG16pGL7/z4TdbebcX2xjh6ZTwL/M+VXOu2x3tdWZ9tb0gnm/vYELoyFBGViBjO+/9oDOW5utF45aO+Ng5YU9m5aVPnzcsrwF0siX63AOiP8kSfXf+WyzoNPTaEyy/WL4CyuK8VS31LJdKizHDL9W0vjUfEkeW/v8yWWKP7EAAAjT6tfnE4nm43/kvjvoZyO4o5lLGI+H9E7IyIeyJiV0TcG5GXvT8iHuiy/tapoRvHP+mlVQV2m7Lx3wvF3Fbz+K8c/cXYUJHbnsc/nBw9XpvfX3wmEzG8KctP36SO717+5bNO2xrHf9mS1V+OBYt2XKq03KCbm12azQelPXD5w4g9lXbxJ9dnApKI2B0Re7p76x1l4viTX+/tVOjW8beXdteWjla+iniivv+XoyX+UnLz+cmp/0Vtfv9UeVTc6KefL7zRqf7Vxt8r2f7f0nz8txYZSxrnaxe7r+PCb590vKZZ7fE/kryV75eRYt37s0tLp6cjRpLDeb5p/cy/ry3zZfks/ol97fv/zuI1WT0PRkR2ED8UEQ9HxCNF2x+NiMciYt9N4v/hpc7bNsL+n2v7/Xf9+G/Z/90nhk58/22n+m9v/x/MUxPFmvz77xZut4F38tkBAADAf0WaPwOfpJPX02k6OVl/hn9XbElrC4tLTx1deO/UXP1Z+bEYTss7XaMN90Onk+XiHev5meJecbn9QHHf+POhzXl+srpQm+tz7DDotnbo/5nfh/rdOmDNVdqsmxnpQ0OAddfa/1sm18+/vp6NAdZVu/M/MBia+v+N/7yhV8/aARuQ8z8Mrnb9/3xL3lwA3J2c/2FwVcJkHwwq538YXPo/DKQ7+bt+iUFORLohmiGxRol+fzMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//zsb7uA=")
mount(0x0, &(0x7f0000001fc0)='./file0\x00', &(0x7f0000002000)='devtmpfs\x00', 0x0, &(0x7f0000002040)='dirsync')

1.173963103s ago: executing program 7 (id=5294):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0b00020800000000000500000000000000000000765f5d8fd74fbd7c042f1fdad8bd2d78df4638ba92b6ed10335dcd3208e4937664d1008fded36e2b068f0bd378dab1c006c60c3240c65121f7e28963550f69ace8839eaf3e4e62db3b2bd288902a5b28c4ae6d24199dad988b6229115270f10ba3042f748cd2884e30591143ae386bf4e31e7f5f966a", @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/20, @ANYRES64=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r0, 0x0, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
lsetxattr$trusted_overlay_nlink(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), &(0x7f0000000540)={'L-', 0x8001}, 0x16, 0x1)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x30100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x4, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="660a000000000000611181000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000001a000100000000000000000002000000000000000000000008001000ffffffff08001900"], 0x38}}, 0x8090)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = gettid()
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x101080e, &(0x7f00000001c0)=ANY=[@ANYBLOB="756e686964652c68696465006e6f726f636b2c73657373696f6e3d3078303030303030013030303030303030312c686964652c63007b6865636b3d7374726963f4416e6f636fd689c91ceb036442a5e8b65659212a2bbc4e30952aa22edafcc01c50d9545f6d70726573534d6e6f726f636b2c6368657f12106458668eb97fd25f742c696f636861727365743d69736f383835392d31332c63727566742c7065726d6928d7997c17d1c8704a54dc34229c72656374696f2c61756469742c004b32b19ac463afda9675ef356e50e2fb3d253ba1480f27afe645fded942f5957f2992896524e7731fa148037452b21c34c9918911ac37dff04099efbbf3c69c8fb9bdcda4683151bb24329a40b273da9bce1145213686d55a96caab752943c330423edc3876e0b859d57cd6d60dc5220aa1367c24de5e66343c128db17391d25b7aa35001e68df726f9ca1e0bfab6993329f0318602f3c51a28ed0858da3e3c47e95de50cbd34e68dd8517f1b4e1eeab0000000000e7b4ea43ef9e4d817aae8e0d2e71215bc0127620b046361adbde0b60bee63e91aa28d93cd8d79802966dbfacceffe6b1d302c5515d7323f7cca3f665a6964cba6cd16ae40bc68e94ac6b40bf96a55dcefd4024a5d7a848d08bdb5d8bb89b4c1968cf6ae0fd7858fa38b738c1ee6822f2cfdb30c3941199251d603d495ab6ce2ddb8e918e72b9171aaa287f2b19755bdc92109150850d5c14ec2ac32dee0122b28fcb3e88d5096d6352799c5f13f597695adfd21e644379e6a400000000000000000000000000fa41c3f14dca4ef03fed7e6466a4e2d4503979398731ee0fc7487e0b09466d841e2d8e64ed9e0d4333e6a79acee454fdb4fff932f123000000", @ANYRES16=r4, @ANYRES64=0x0], 0x1, 0x69a, &(0x7f00000008c0)="$eJzs3c9vG2kdx/HPOL+cLKoqQFVVddunLSulorhjZ5sqKhLrHY+TAdtjzTgokZBWZZssVZ0utEWiuSw58EtaDly57QEO/BFInDnzB8ANpBXckLgMmmfsxE78I944Lbu8X9GuJzPfeZ7vzLjz1cSeZwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOR4FdctOqoFjc0tM5xXicL6iOVZa3O6nU3cHtuv5KT/KZ/X5WzW5a8eLb6U/u+mrma/XVU+fclr/41LFx98ZTbXXX9EQp+FJm3w+cv9Jw/b7Z1np4id0cTNv07KnSJo3W8EcRjUy+u+CeLQrK2uunc3qrGpBjU/3o5bft14kZ9rhZFZ9m6b4traivEL2+FmY71Srvndmfe/UXLdVfPthexASyrE3kZQqwWNdRuTLk5j7puPv5cF+OW6MbuP2zsr45JMg4qnCSqNCyq5pVKxWCoVV++t3bvvurMnZrgpxz2kExFTf9Pic2Z6J2/gjHJp/f+bI9WUV0Ob2pIZ+OOpokih6kOWd3Tr/1t3/ZH99tb/bpW/LH3L+amdviJb/69lS64Nq/9DcjEydoVBS5wh8yf7meu08lwvta8neqi22trRsym0bWSun7WFn2Wvc2fb1r8mmeER6/LVUKBYoQLVVbZzTGeO0ZpWtSpX72lDVcUyqipQTb5ibStWS759R3mK5KuslkJFMlqWp9syKmpNa1qRka+CthVqUw2tq6Ky/p0kya4e2/2+MmIr1A0qDglY6A0qjWhpWP3//kfZ+7RT/90x9X8xl4W/7kKEqcsO7IJGHeCpnbuBs0o61/8Tun4+2QAAAAAAgPPg2L++O/az+zclJaoGNd993WkBAAAAAIApcpQs6Koc2a+06U05XP8DAAAAAPBF49h77BxJS/ZL/c7RnVCn+SPAzCtIEQAAAAAAnJG98//avJTYQSuuy5no+h8AAAAAAHwO/LJnjP3Z7hi7Sfdj/ZykuLng/PGfC4rmnIPm1tecvXK6pLzXiTnxDYBW9YpzoTNQr32Zl2R/8/yrTqe3ziCYh+MOfro7bqx/JzqWwPxMbwNDEnDSnldnO7/pY93IVrnRGWf+0X5OdknWy1I1qPkFL6w9KKpcvpBr+VutHz99/BMpOtzO3cftncL7H7Yf2VwO0lkHe2mjH/Wlkxu8M45yeWHHW7D3XAza4kVVu13+qlFfcmy/bnf7Z1Tey/V2NOoAHPX5c93MjtnNpSx2af9wxP10+/Pp9hcL9pD1bX005xxlUTy+5YMOxJAs8jaLW1nMreVb2Us3v7SdnJP/+oxUKpw8Bn1ZlHqzGL8vnH+d2Bejsujsi5U0iz+lDQ3JYmVQFhdPf0QA4HXZPapCdhDzE3W3Wx66p9bPVHfGV/d3+qv7i98miV1hRprtfDYxspe80jP6smPr0LzsiXX2yoAzutupK3kNOaO7Z6huaV9/OHoGUiftE1n8J0mSB0Xb76+PVdVP0hU+GdpvXCvNpLvw7ou9H9oB8FMf7Hyw87RUWll133bdeyXN2c3ovMzoeKZ8ZxMAcIpn7IyNcN7WjSzixqN/vJVN9VW8Lx9+paCg9/Wh2nqkO91HCFwf3OpSz9cQ7mRXreq5ajWXLj5YlI7HFnVn6FWdraU9saXD2Dl1V+mv1EexK+d8FAAAeLVujqnDg+t/vq/+39FyFrFsS/KJ6+7+Wn78CcHDYovjk39nyjsDAID/E370qbPU+oUTRUHzveLaWrHc2vBNFHrfMVFQWfdN0Gj5kbdRbqz7phmFrdALa6YZaSGo+LGJN5vNMGqZahiZZhgHW/bJ76bz6PfYr5cbrcCLmzW/HPvGCxut8oxMJYg909x8txbEG35kV46bvhdUA6/cCsKGicPNyPMLxsS+3xMYVPxGK6gG6WTDNKOgXo62zXfD2mbdNxU/9qKg2QqzBm1fXssEjWoY1W2zBSUTP+gQAIAvoucv9588bLd3no2YOND4mM7E/IAG+bwZAID/MUfleoKV8ueYEAAAAAAAAAAAAAAAAAAAAAAAOOE09/9NNDE36GZB6XDOjy4cW+t3GtSOo2knNslEbtK1urdE7D/584jgxcM53d3fG3Pwyjbw71+S3rBzlM2ZnX5fi3ZvvLoD983dbI8OjUkXDly0cHgsZqf/zyGdePr7IYuSJElGr77Qvw/nR21g/8SspGfzZzgEfaeJ/nEz/vKD37x7zuclAOfvvwEAAP//+sVC1Q==")
r5 = open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000268000/0x4000)=nil, 0x4000, 0x1000002, 0x4016012, r5, 0x0)
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

1.098165684s ago: executing program 4 (id=5296):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/nf_conntrack_expect\x00')
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x802, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
quotactl$Q_QUOTAOFF(0xffffffff80000700, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xee00, 0x8cffffff00000000)
fchdir(r4)
r5 = socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@data_err_abort}, {@init_itable}, {@jqfmt_vfsold}, {@grpjquota, 0x2e}, {@nouid32}, {@inlinecrypt}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3M1vG0UbAPBnN02afibtW73QD6ihICIKSZMW6IEDIJB6ASHBoRxDGqrStEVNkGhV0YBQOSL+AuCIhMSJCyeQEAIugLjCHSFVqJcWDsho7d3EbmzHTpqY1r+ftPbM7uzOPrM79nrHdgA9q5Q9JBFbI+LXiBiqZusLlKpPN65dmvrr2qWpJMrll/5MKuWuX7s0VRQt1tuSZ0bSiPS9JPY2qHf2wsXTkzMz0+fz/NjcmTfGZi9cfPTUmcmT0yenz04cPXrk8PgTj0881lYcl5dZnsV1fc/b5/btPvbKh89PlePV7z/L9ndrvrw2jqrhtuptpRSlKOcW5w5UHh9c9db/W7bVpJMNXdwROtIXEdnh6q/0/6Hoi8WDNxTPvbuQ+aZLOwismey9aceSuX35c7rw/gXciRJ9HHpU8Y6fff4tpvW8/ui2q09nj9OV+G/k048vVNsmzT7LDlc/sfc1Wf//DeYNLibLQ8vUvzUijs///VE2RcP7EC0kbZcEAFjwVXb980ij67+07tpmez6GMhwRByNiZ0T8LyJ2RbpQ5q6IuLvD+ks35Zde//y8qcNNdiS7/nsyH9sqpuqSIq5kIbetEn9/8tqpmelDeZuMRP/GLD/eoo6vn/3lg2bLSjXXf9mU1V9cC+b78ceGjfXrnJicm1xFyHWuvhOxZ0Oj+JOFkYCsBXZHxJ4VbD9rs1MPf7ovS2/fsnT58vG3cAvGmcqfRDxUPf7zcVP8haRaU7PxybHBmJk+NFacFUv98NOVF2vz/TXpuvgH24tpcKXBNpAd/80Nz/88/qIbFOO1s53XceW395t+pll6/JM4Pl9bIj//Ny02W3b+DyQvV9ID+by3Jufmzo9HDOQz6uZPLG6tyBfls/hHDjTu/zsj/vk4X29vRGQn8T0RcW9E7M/3/b6IuD8iDrSI/7tnHni9dQut8Py/BbL4T7Q6/hHDSe14/QoSfae//bJZ/e29/h2ppEbyOe28/rW7g6tpOwAAALhdpJUx6CQdLdI1N6d2xeZ05tzs3MFSvHn2RHWsejj60+JO11DN/dDx/N5wkZ+4KX84InZUvmm0qZIfnTo3s62bgQOV3+rU9f9I09HR6rLfm33pBbhzdDSOVvuls8+/uPU7A6wrv9eE3qX/Q+/S/6F36f/Quxr1/8sRN7qwK8A68/4PvUv/h96l/0Pv0v+hJy39SXzxdysr+aX/YmLnsVWtvuaJ8tCabHm+87X61ijSqP3TjqaJJCJWVkWkrcsMtFF71xLpsmWeWq5Z+lf1nxhZYn+e2BgR7a51ed1atXiFSPzLJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFv7NwAA//8Aq+SG")
rmdir(&(0x7f0000001040)='./file0\x00')
fchdir(r5)
chdir(&(0x7f0000000140)='./file0\x00')
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000700)=""/167, 0xa7}], 0x3}, 0x0)
pivot_root(&(0x7f0000000300)='.\x00', &(0x7f0000000340)='./file0\x00')
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x100, &(0x7f0000000080)={<r7=>0xffffffffffffffff}, 0x13f, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f00000000c0), r7, 0x0, 0x3, 0x1}}, 0x20)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x36}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r9, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.051766474s ago: executing program 0 (id=5297):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
dup(0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c0000001d00070f000000000000000007000000", @ANYRES32], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000040b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_clone(0x240c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

999.045634ms ago: executing program 0 (id=5298):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000001c0), 0x12)
readv(r3, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

982.545534ms ago: executing program 0 (id=5299):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @loopback}, {0x2, 0x0, @empty}, 0x236, 0x0, 0x0, 0x0, 0xfffc})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
ioctl$sock_inet_SIOCDELRT(r3, 0x890c, &(0x7f00000003c0)={0x0, {0x2, 0x4e21, @rand_addr=0x64010102}, {0x2, 0x4e24, @multicast1}, {0x2, 0x4e21, @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000380)='pim6reg\x00', 0xfff, 0x8000000000000000, 0x2})

807.308945ms ago: executing program 4 (id=5301):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='mmap_lock_acquire_returned\x00', r1, 0x0, 0x4}, 0x18)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

782.293295ms ago: executing program 8 (id=5302):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
connect$vsock_stream(r2, 0x0, 0x0)

744.798226ms ago: executing program 2 (id=5303):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000076000018110000", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
truncate(&(0x7f0000000040)='./file0\x00', 0xfffe)

743.995046ms ago: executing program 0 (id=5304):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
ioctl$USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="30000000101401002cbd7000fedbdf2508004b000001000008"], 0x30}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
open(&(0x7f0000000000)='./file0\x00', 0x80080, 0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000100)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lsm_set_self_attr(0x65, 0x0, 0x47, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
inotify_init1(0x80800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)
sendmmsg$inet(r3, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000bc0)='#\x00NN', 0x4}], 0x1}}], 0x1, 0x0)
sendto$inet(r3, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x0, 0x0, 0x21)

709.432516ms ago: executing program 2 (id=5305):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x36, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x0, 0x81eda7cfc6e7dd2b, 0x6, 0x5, 0x100, 0x1}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x4}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @map_fd={0x18, 0x3}, @exit, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ptrace$cont(0x21, r1, 0x7ff, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x5453, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCMBIC(r5, 0x5415, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r6}, 0x18)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_io_uring_submit(r7, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = accept4$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x10, 0x800)
ioctl$sock_SIOCOUTQ(r9, 0x5411, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2240, 0x0)
fsetxattr$trusted_overlay_redirect(r10, &(0x7f0000000300), 0x0, 0x0, 0x0)

680.896846ms ago: executing program 4 (id=5306):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)

605.468896ms ago: executing program 4 (id=5307):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000040)={@empty, @dev={0xac, 0x14, 0x14, 0x1d}, r1}, 0xc)

604.929056ms ago: executing program 8 (id=5308):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)

604.318256ms ago: executing program 2 (id=5309):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000001c0), 0x12)
readv(r3, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

603.582706ms ago: executing program 4 (id=5310):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x7, 0x5, 0x7, 0x0, 0x20101, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x4000}}, './file0\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000171500000300000000000000001500", @ANYRES32=r0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0100000003000000020000000600"/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r3}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298)
sendto$inet(r6, 0x0, 0x0, 0x24000080, 0x0, 0x0)

590.144157ms ago: executing program 8 (id=5311):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat(0xffffffffffffff9c, 0x0, 0x441, 0x14a)
fallocate(r0, 0x20, 0x4000, 0x8000)

579.085057ms ago: executing program 2 (id=5312):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) (fail_nth: 1)

214.302039ms ago: executing program 7 (id=5313):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r4}, 0x0, &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000004c000000050a01020000100000000000010020000c00024000000000000000010900010073797a310000000020000480140003006e657464657673696d300000000000000800014000000005"], 0xd4}}, 0x0)

195.003879ms ago: executing program 2 (id=5314):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)='0', 0xfffff, 0xfffffffffffffffc)

194.134979ms ago: executing program 8 (id=5315):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @loopback}, {0x2, 0x0, @empty}, 0x236, 0x0, 0x0, 0x0, 0xfffc})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
ioctl$sock_inet_SIOCDELRT(r3, 0x890c, &(0x7f00000003c0)={0x0, {0x2, 0x4e21, @rand_addr=0x64010102}, {0x2, 0x4e24, @multicast1}, {0x2, 0x4e21, @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000380)='pim6reg\x00', 0xfff, 0x8000000000000000, 0x2})

149.460879ms ago: executing program 7 (id=5316):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000076000018110000", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
truncate(&(0x7f0000000040)='./file0\x00', 0xfffe)

106.455339ms ago: executing program 7 (id=5317):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, @perf_bp={0x0, 0xe}, 0x4ec0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000f8ffffff850000000400000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$EVIOCGRAB(r0, 0x40044590, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @random="08a503576a7f"}, 0x0, {0x2, 0x0, @loopback}, 'syz_tun\x00'})
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r4, 0x20, 0x4000, 0x8000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
fsetxattr$security_selinux(r5, &(0x7f0000000080), &(0x7f0000000140)='system_u:object_r:dhcp_state_t:s0\x00', 0x22, 0x0)

59.370579ms ago: executing program 8 (id=5318):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, @perf_bp={0x0, 0xe}, 0x4ec0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = syz_open_dev$evdev(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000f8ffffff850000000400000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$EVIOCGRAB(r0, 0x40044590, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @random="08a503576a7f"}, 0x0, {0x2, 0x0, @loopback}, 'syz_tun\x00'})
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
fallocate(r4, 0x20, 0x4000, 0x8000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
fsetxattr$security_selinux(r5, &(0x7f0000000080), &(0x7f0000000140)='system_u:object_r:dhcp_state_t:s0\x00', 0x22, 0x0)

58.705549ms ago: executing program 2 (id=5319):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="6c6f636b207d6f2b6d656d0061ab19f6e7d3c10979458436f214b27be0feba820c7a4eaa433fedd1e6"], 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$packet(0x11, 0x3, 0x300)
lseek(0xffffffffffffffff, 0x1, 0x0)
r5 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000258f88))
msgsnd(r5, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r5, 0x0, 0x0, 0x1, 0x1000)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})
msgctl$IPC_STAT(r5, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
shmdt(0x0)
ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0xa0}], 0x1, &(0x7f0000000080)={0x0, 0x3938700}, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000217100000001010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000016d8ce4db711d5e46c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e30000000000000000000000014000100677265e52ea619052f9c08000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014000100626f6e64300000000000000000000000140001006970766c616e31"], 0x4b0}}, 0x0)

7.61013ms ago: executing program 4 (id=5320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000740)="80193ecdc01eb86c", &(0x7f0000000180), 0xfff, r1}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f00000002c0)={r1, &(0x7f00000014c0), &(0x7f0000000b40)=""/31}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$sysfs(0xffffff9c, &(0x7f0000000200)='/sys/kernel/notes', 0x0, 0x0)
preadv(r3, &(0x7f0000000780)=[{&(0x7f00000004c0)=""/213, 0xd5}], 0x1, 0x0, 0x0)

0s ago: executing program 8 (id=5321):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x36, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x800}, {}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @alu={0x7, 0x0, 0x81eda7cfc6e7dd2b, 0x6, 0x5, 0x100, 0x1}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x4}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff}}, @map_fd={0x18, 0x3}, @exit, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100}}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
ptrace$cont(0x21, r1, 0x7ff, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x5453, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCMBIC(r5, 0x5415, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='kfree\x00', r6}, 0x18)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_io_uring_submit(r7, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = accept4$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000001c0)=0x10, 0x800)
ioctl$sock_SIOCOUTQ(r9, 0x5411, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2240, 0x0)
fsetxattr$trusted_overlay_redirect(r10, &(0x7f0000000300), 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

p7: detected capacity change from 0 to 512
[  310.336329][T17747] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.375067][T17752] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4534'.
[  310.404039][T17747] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.447571][T17747] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  310.513945][T17747] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.4533: Failed to acquire dquot type 0
[  310.560217][T17761] loop4: detected capacity change from 0 to 512
[  310.574020][T17761] EXT4-fs: Ignoring removed nobh option
[  310.579640][T17761] EXT4-fs: Ignoring removed mblk_io_submit option
[  310.611770][T17761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.634422][T17764] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4533'.
[  310.665850][T17747] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4533'.
[  310.713429][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.726176][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.800802][T17775] lo speed is unknown, defaulting to 1000
[  310.807476][T17775] lo speed is unknown, defaulting to 1000
[  310.848109][T17788] loop7: detected capacity change from 0 to 256
[  310.899208][T17792] lo speed is unknown, defaulting to 1000
[  310.918062][T17798] loop2: detected capacity change from 0 to 512
[  310.921245][T17792] lo speed is unknown, defaulting to 1000
[  310.924764][T17798] EXT4-fs: Ignoring removed nobh option
[  310.924865][T17798] EXT4-fs: Ignoring removed mblk_io_submit option
[  310.968224][T17798] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.074840][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.107184][T17809] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4555'.
[  311.120828][T17809] loop2: detected capacity change from 0 to 164
[  311.144385][T17811] loop7: detected capacity change from 0 to 2048
[  311.152216][T17811] EXT4-fs: Ignoring removed mblk_io_submit option
[  311.174738][T17811] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[  311.203732][T17811] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4556'.
[  311.345424][   T29] kauditd_printk_skb: 442 callbacks suppressed
[  311.345438][   T29] audit: type=1326 audit(1732642237.105:21402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.398382][T17828] 9pnet: Could not find request transport: fd0x0000000000000007
[  311.417217][   T29] audit: type=1326 audit(1732642237.135:21403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.441484][   T29] audit: type=1326 audit(1732642237.135:21404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.465074][   T29] audit: type=1326 audit(1732642237.135:21405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.489322][   T29] audit: type=1326 audit(1732642237.135:21406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.513147][   T29] audit: type=1326 audit(1732642237.135:21407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.537337][   T29] audit: type=1326 audit(1732642237.135:21408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.561130][   T29] audit: type=1326 audit(1732642237.135:21409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.585347][   T29] audit: type=1326 audit(1732642237.135:21410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.588786][T17834] lo speed is unknown, defaulting to 1000
[  311.608996][   T29] audit: type=1326 audit(1732642237.135:21411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17823 comm="syz.0.4562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  311.644583][T17837] loop8: detected capacity change from 0 to 256
[  311.694525][T17841] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4565'.
[  311.726916][T17839] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  311.893634][T17809] bio_check_eod: 69961 callbacks suppressed
[  311.893652][T17809] syz.2.4555: attempt to access beyond end of device
[  311.893652][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  311.913068][T17809] syz.2.4555: attempt to access beyond end of device
[  311.913068][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  311.926611][T17809] syz.2.4555: attempt to access beyond end of device
[  311.926611][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  311.947587][T17809] syz.2.4555: attempt to access beyond end of device
[  311.947587][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  311.962168][T17834] lo speed is unknown, defaulting to 1000
[  311.963682][T17809] syz.2.4555: attempt to access beyond end of device
[  311.963682][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  311.981367][T17809] syz.2.4555: attempt to access beyond end of device
[  311.981367][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  312.000416][T17809] syz.2.4555: attempt to access beyond end of device
[  312.000416][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  312.015195][T17850] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4568'.
[  312.036878][T17809] syz.2.4555: attempt to access beyond end of device
[  312.036878][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  312.068540][T17850] lo speed is unknown, defaulting to 1000
[  312.075849][T17809] syz.2.4555: attempt to access beyond end of device
[  312.075849][T17809] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  312.090213][T17850] lo speed is unknown, defaulting to 1000
[  312.102905][T17854] netlink: 60 bytes leftover after parsing attributes in process `syz.8.4570'.
[  312.114468][T17855] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4569'.
[  312.125734][T17849] loop4: detected capacity change from 0 to 256
[  312.237221][T17866] 9pnet_fd: Insufficient options for proto=fd
[  312.419008][T17879] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  312.471538][T17879] loop2: detected capacity change from 0 to 2048
[  312.585425][T17888] lo speed is unknown, defaulting to 1000
[  312.591445][T17888] lo speed is unknown, defaulting to 1000
[  312.605862][T17890] loop2: detected capacity change from 0 to 512
[  312.627355][T17893] loop4: detected capacity change from 0 to 256
[  312.635334][T17890] EXT4-fs: Ignoring removed nobh option
[  312.640927][T17890] EXT4-fs: Ignoring removed mblk_io_submit option
[  312.665698][T17890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.735268][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.806242][T17902] 9pnet: Could not find request transport: fd0x0000000000000004
[  312.829005][T17905] 9pnet_fd: Insufficient options for proto=fd
[  312.903145][T17913] loop4: detected capacity change from 0 to 164
[  312.921372][T17913] syz.4.4589: attempt to access beyond end of device
[  312.921372][T17913] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  313.080074][T17917] loop7: detected capacity change from 0 to 128
[  313.106210][T17917] SELinux:  Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped).
[  313.122052][T17919] lo speed is unknown, defaulting to 1000
[  313.134095][T17919] lo speed is unknown, defaulting to 1000
[  313.158038][T17922] loop8: detected capacity change from 0 to 256
[  313.320337][T17931] loop7: detected capacity change from 0 to 512
[  313.361112][T17932] lo speed is unknown, defaulting to 1000
[  313.374282][T17931] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.384152][T17932] lo speed is unknown, defaulting to 1000
[  313.408872][T17939] loop2: detected capacity change from 0 to 256
[  313.433312][T17931] ext4 filesystem being mounted at /259/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.450419][T17931] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  313.467780][T17931] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.4596: Failed to acquire dquot type 0
[  313.495995][T17941] IPVS: Error joining to the multicast group
[  313.573218][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.577872][T17946] loop8: detected capacity change from 0 to 256
[  313.590179][T17946] vfat: Bad value for 'time_offset'
[  314.300880][T17974] loop4: detected capacity change from 0 to 256
[  314.320213][T17973] lo speed is unknown, defaulting to 1000
[  314.377098][T17973] lo speed is unknown, defaulting to 1000
[  314.543664][T17987] IPVS: Error joining to the multicast group
[  314.559266][T17987] loop8: detected capacity change from 0 to 512
[  314.578808][T17987] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.4610: corrupted in-inode xattr: invalid ea_ino
[  314.598284][T17985] 9pnet: Could not find request transport: fd0x0000000000000004
[  314.605958][T17987] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.4610: couldn't read orphan inode 15 (err -117)
[  314.629536][T17993] loop2: detected capacity change from 0 to 512
[  314.643553][T17993] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  314.666994][T17993] EXT4-fs (loop2): 1 truncate cleaned up
[  314.781466][T18004] lo speed is unknown, defaulting to 1000
[  314.787636][T18004] lo speed is unknown, defaulting to 1000
[  314.826317][T18006] loop2: detected capacity change from 0 to 256
[  314.890121][T18009] __nla_validate_parse: 12 callbacks suppressed
[  314.890190][T18009] netlink: 60 bytes leftover after parsing attributes in process `syz.8.4619'.
[  314.971809][T18013] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  315.103417][T18013] loop4: detected capacity change from 0 to 2048
[  315.128994][T18021] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4622'.
[  315.239272][T18030] netlink: 100 bytes leftover after parsing attributes in process `syz.7.4626'.
[  315.250065][T18028] loop4: detected capacity change from 0 to 128
[  315.361439][T18041] netlink: 156 bytes leftover after parsing attributes in process `syz.7.4628'.
[  315.382375][T18041] lo speed is unknown, defaulting to 1000
[  315.389238][T18041] lo speed is unknown, defaulting to 1000
[  315.428432][T18036] loop7: detected capacity change from 0 to 256
[  315.467518][T18048] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4633'.
[  315.818834][T18059] loop4: detected capacity change from 0 to 512
[  315.844635][T18059] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  315.861704][T18059] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  315.889617][T18059] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.4638: Failed to acquire dquot type 0
[  315.974554][T18065] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4638'.
[  315.985163][T18067] netlink: 100 bytes leftover after parsing attributes in process `syz.8.4640'.
[  316.010383][T18059] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.4638'.
[  316.128614][T18078] netlink: 'syz.4.4644': attribute type 10 has an invalid length.
[  316.136506][T18078] netlink: 2 bytes leftover after parsing attributes in process `syz.4.4644'.
[  316.151414][T18078] team0: entered promiscuous mode
[  316.156503][T18078] team_slave_0: entered promiscuous mode
[  316.162240][T18078] team_slave_1: entered promiscuous mode
[  316.168594][T18078] bridge0: port 3(team0) entered blocking state
[  316.175555][T18078] bridge0: port 3(team0) entered disabled state
[  316.182326][T18078] team0: entered allmulticast mode
[  316.187639][T18078] team_slave_0: entered allmulticast mode
[  316.193442][T18078] team_slave_1: entered allmulticast mode
[  316.327679][T18093] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4649'.
[  316.357590][T18093] loop7: detected capacity change from 0 to 164
[  316.903628][T18093] bio_check_eod: 37640 callbacks suppressed
[  316.903646][T18093] syz.7.4649: attempt to access beyond end of device
[  316.903646][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.923364][T18093] syz.7.4649: attempt to access beyond end of device
[  316.923364][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.937569][T18093] syz.7.4649: attempt to access beyond end of device
[  316.937569][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.951459][T18093] syz.7.4649: attempt to access beyond end of device
[  316.951459][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.965744][T18093] syz.7.4649: attempt to access beyond end of device
[  316.965744][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.979552][T18093] syz.7.4649: attempt to access beyond end of device
[  316.979552][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  316.993114][T18093] syz.7.4649: attempt to access beyond end of device
[  316.993114][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  317.007680][T18093] syz.7.4649: attempt to access beyond end of device
[  317.007680][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  317.022925][T18093] syz.7.4649: attempt to access beyond end of device
[  317.022925][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  317.037514][T18093] syz.7.4649: attempt to access beyond end of device
[  317.037514][T18093] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  317.173870][ T1048] usb usb2-port1: attempt power cycle
[  317.202743][T18108] 9pnet: Could not find request transport: fd0x0000000000000007
[  317.245722][T18113] loop7: detected capacity change from 0 to 512
[  317.252254][T18113] EXT4-fs: Ignoring removed nobh option
[  317.257896][T18113] EXT4-fs: Ignoring removed mblk_io_submit option
[  317.360606][   T29] kauditd_printk_skb: 318 callbacks suppressed
[  317.360621][   T29] audit: type=1326 audit(1732642243.115:21726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  317.390644][   T29] audit: type=1326 audit(1732642243.115:21727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  317.417890][   T29] audit: type=1326 audit(1732642243.125:21728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8e110fd2b0 code=0x7ffc0000
[  317.441964][   T29] audit: type=1326 audit(1732642243.125:21729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8e110fd2b0 code=0x7ffc0000
[  317.466214][   T29] audit: type=1326 audit(1732642243.125:21730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  317.490026][   T29] audit: type=1326 audit(1732642243.125:21731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  317.514293][   T29] audit: type=1326 audit(1732642243.125:21732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18121 comm="syz.0.4659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  317.535351][T18134] loop4: detected capacity change from 0 to 2048
[  317.561903][T18134] EXT4-fs: Ignoring removed mblk_io_submit option
[  317.578813][T18134] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  317.639788][T18142] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  317.699719][T18152] loop7: detected capacity change from 0 to 512
[  317.720103][T18152] ext4 filesystem being mounted at /282/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.731931][T18152] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  317.746526][T18152] Quota error (device loop7): write_blk: dquota write failed
[  317.753975][T18152] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota
[  317.763889][T18152] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.4671: Failed to acquire dquot type 0
[  317.819683][T18158] lo speed is unknown, defaulting to 1000
[  317.825759][T18158] lo speed is unknown, defaulting to 1000
[  317.907506][   T29] audit: type=1326 audit(1732642243.665:21733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18165 comm="syz.7.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  318.151432][T18182] bond1: entered promiscuous mode
[  318.156584][T18182] bond1: entered allmulticast mode
[  318.162582][T18182] 8021q: adding VLAN 0 to HW filter on device bond1
[  318.175077][T18182] bond1 (unregistering): Released all slaves
[  318.206918][T18185] netlink: 'syz.0.4682': attribute type 10 has an invalid length.
[  318.215169][T18185] geneve1: entered promiscuous mode
[  318.223079][T18185] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  318.547090][T18190] lo speed is unknown, defaulting to 1000
[  318.553044][T18190] lo speed is unknown, defaulting to 1000
[  318.590675][T18191] loop4: detected capacity change from 0 to 256
[  318.728878][T18198] loop4: detected capacity change from 0 to 512
[  318.735496][T18198] EXT4-fs: Ignoring removed nobh option
[  318.741122][T18198] EXT4-fs: Ignoring removed mblk_io_submit option
[  318.921376][T18212] 9pnet: Could not find request transport: fd0x0000000000000007
[  318.966348][T18215] lo speed is unknown, defaulting to 1000
[  318.972283][T18215] lo speed is unknown, defaulting to 1000
[  319.015874][T18220] loop4: detected capacity change from 0 to 256
[  319.074505][ T1048] usb usb2-port1: unable to enumerate USB device
[  319.081641][T18038] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  319.093660][T18038] vhci_hcd: invalid port number 23
[  319.098789][T18038] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  319.100306][T18225] lo speed is unknown, defaulting to 1000
[  319.145496][T18225] lo speed is unknown, defaulting to 1000
[  319.502749][T18244] loop2: detected capacity change from 0 to 256
[  319.526892][T18242] lo speed is unknown, defaulting to 1000
[  319.549274][T18242] lo speed is unknown, defaulting to 1000
[  319.926696][T18265] loop8: detected capacity change from 0 to 2048
[  319.971581][T18265] EXT4-fs mount: 12 callbacks suppressed
[  319.971595][T18265] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.990827][T18267] __nla_validate_parse: 13 callbacks suppressed
[  319.990841][T18267] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4715'.
[  320.093574][T18265] bpf_get_probe_write_proto: 5 callbacks suppressed
[  320.100705][T18265] syz.8.4714[18265] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.101063][T18265] syz.8.4714[18265] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.132395][T18265] syz.8.4714[18265] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.168596][T18278] loop7: detected capacity change from 0 to 2048
[  320.212411][T18286] loop2: detected capacity change from 0 to 256
[  320.221043][T18281] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  320.226575][T18278] EXT4-fs: Ignoring removed mblk_io_submit option
[  320.236422][T18286] vfat: Bad value for 'time_offset'
[  320.252628][T18281] EXT4-fs (loop8): Delayed block allocation failed for inode 16 at logical offset 736 with max blocks 32 with error 28
[  320.265279][T18281] EXT4-fs (loop8): This should not happen!! Data will be lost
[  320.265279][T18281] 
[  320.272779][T18278] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[  320.275629][T18281] EXT4-fs (loop8): Total free blocks count 0
[  320.288784][T18281] EXT4-fs (loop8): Free/Dirty block details
[  320.294755][T18281] EXT4-fs (loop8): free_blocks=2415919104
[  320.300474][T18281] EXT4-fs (loop8): dirty_blocks=752
[  320.306149][T18281] EXT4-fs (loop8): Block reservation details
[  320.312218][T18281] EXT4-fs (loop8): i_reserved_data_blocks=47
[  320.330666][T18278] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4717'.
[  320.428023][   T40] EXT4-fs (loop8): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 720 with error 28
[  320.637113][T18304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4720'.
[  320.982524][T18315] netlink: 60 bytes leftover after parsing attributes in process `syz.8.4729'.
[  321.043737][T18313] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4730'.
[  321.087444][T18313] lo speed is unknown, defaulting to 1000
[  321.093496][T18313] lo speed is unknown, defaulting to 1000
[  321.531874][T18355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4745'.
[  321.556632][T18355] loop2: detected capacity change from 0 to 164
[  321.571665][T18359] loop4: detected capacity change from 0 to 512
[  321.582234][T18359] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  321.594040][T18359] EXT4-fs (loop4): 1 truncate cleaned up
[  321.600096][T18359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.654587][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.670251][T18366] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4748'.
[  321.764255][T18376] ªªªªªª: renamed from syzkaller0
[  321.769487][T18376] FAULT_INJECTION: forcing a failure.
[  321.769487][T18376] name failslab, interval 1, probability 0, space 0, times 0
[  321.782158][T18376] CPU: 1 UID: 0 PID: 18376 Comm: syz.4.4753 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  321.792598][T18376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  321.802654][T18376] Call Trace:
[  321.805935][T18376]  <TASK>
[  321.808950][T18376]  dump_stack_lvl+0xf2/0x150
[  321.813597][T18376]  dump_stack+0x15/0x20
[  321.817791][T18376]  should_fail_ex+0x223/0x230
[  321.822511][T18376]  should_failslab+0x8f/0xb0
[  321.827102][T18376]  __kmalloc_noprof+0xab/0x3f0
[  321.831901][T18376]  ? kobject_rename+0x125/0x350
[  321.836770][T18376]  ? kobject_get_path+0x126/0x160
[  321.841806][T18376]  kobject_rename+0x125/0x350
[  321.846559][T18376]  ? sysfs_rename_link_ns+0x105/0x120
[  321.852003][T18376]  device_rename+0x12a/0x1a0
[  321.856598][T18376]  dev_change_name+0x1ed/0x610
[  321.861412][T18376]  ? selinux_capable+0x1f2/0x260
[  321.866352][T18376]  ? full_name_hash+0x93/0xe0
[  321.871111][T18376]  dev_ifsioc+0x5d2/0xa10
[  321.875450][T18376]  dev_ioctl+0x774/0xab0
[  321.879695][T18376]  sock_do_ioctl+0x11c/0x260
[  321.884294][T18376]  sock_ioctl+0x46a/0x640
[  321.888702][T18376]  ? __pfx_sock_ioctl+0x10/0x10
[  321.893555][T18376]  __se_sys_ioctl+0xc9/0x140
[  321.898162][T18376]  __x64_sys_ioctl+0x43/0x50
[  321.902793][T18376]  x64_sys_call+0x1690/0x2dc0
[  321.907477][T18376]  do_syscall_64+0xc9/0x1c0
[  321.912052][T18376]  ? clear_bhb_loop+0x55/0xb0
[  321.914627][T18355] bio_check_eod: 17296 callbacks suppressed
[  321.914641][T18355] syz.2.4745: attempt to access beyond end of device
[  321.914641][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  321.916733][T18376]  ? clear_bhb_loop+0x55/0xb0
[  321.922825][T18355] syz.2.4745: attempt to access beyond end of device
[  321.922825][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  321.935945][T18376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.935978][T18376] RIP: 0033:0x7fbc353ae919
[  321.935995][T18376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.936014][T18376] RSP: 002b:00007fbc33a21038 EFLAGS: 00000246
[  321.948211][T18355] syz.2.4745: attempt to access beyond end of device
[  321.948211][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  321.954021][T18376]  ORIG_RAX: 0000000000000010
[  321.954032][T18376] RAX: ffffffffffffffda RBX: 00007fbc35565fa0 RCX: 00007fbc353ae919
[  321.954047][T18376] RDX: 0000000020002280 RSI: 0000000000008923 RDI: 0000000000000005
[  321.954061][T18376] RBP: 00007fbc33a21090 R08: 0000000000000000 R09: 0000000000000000
[  321.960410][T18355] syz.2.4745: attempt to access beyond end of device
[  321.960410][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  321.964330][T18376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.964345][T18376] R13: 0000000000000000 R14: 00007fbc35565fa0 R15: 00007ffd74cff4a8
[  321.964367][T18376]  </TASK>
[  322.066391][T18355] syz.2.4745: attempt to access beyond end of device
[  322.066391][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.080443][T18355] syz.2.4745: attempt to access beyond end of device
[  322.080443][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.093998][T18355] syz.2.4745: attempt to access beyond end of device
[  322.093998][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.107872][T18355] syz.2.4745: attempt to access beyond end of device
[  322.107872][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.121339][T18355] syz.2.4745: attempt to access beyond end of device
[  322.121339][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.135433][T18355] syz.2.4745: attempt to access beyond end of device
[  322.135433][T18355] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  322.387219][   T29] kauditd_printk_skb: 368 callbacks suppressed
[  322.387276][   T29] audit: type=1326 audit(1732642248.145:22102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.417860][   T29] audit: type=1326 audit(1732642248.145:22103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.455508][T18399] loop7: detected capacity change from 0 to 256
[  322.455537][   T29] audit: type=1326 audit(1732642248.175:22104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.455562][   T29] audit: type=1326 audit(1732642248.175:22105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.509640][   T29] audit: type=1326 audit(1732642248.175:22106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.533961][   T29] audit: type=1326 audit(1732642248.175:22107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.557550][   T29] audit: type=1326 audit(1732642248.175:22108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18390 comm="syz.8.4758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f6732ade919 code=0x7ffc0000
[  322.559865][T18399] vfat: Bad value for 'time_offset'
[  322.581832][   T29] audit: type=1326 audit(1732642248.215:22109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18394 comm="syz.4.4761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc353ae919 code=0x7ffc0000
[  322.610556][   T29] audit: type=1326 audit(1732642248.215:22110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18394 comm="syz.4.4761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc353ad2b0 code=0x7ffc0000
[  322.634919][   T29] audit: type=1326 audit(1732642248.215:22111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18394 comm="syz.4.4761" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc353ad2b0 code=0x7ffc0000
[  322.782963][T18404] IPVS: Error joining to the multicast group
[  322.783452][T18405] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  322.810784][T18410] loop4: detected capacity change from 0 to 2048
[  322.819148][T18416] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  322.932075][T18421] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4762'.
[  323.344417][T18441] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  323.419396][T18452] lo speed is unknown, defaulting to 1000
[  323.427007][T18452] lo speed is unknown, defaulting to 1000
[  323.461015][T18454] loop7: detected capacity change from 0 to 256
[  323.600333][T18457] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4777'.
[  323.611346][T18457] loop7: detected capacity change from 0 to 164
[  323.875341][T18462] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4778'.
[  323.946989][T18464] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  324.008202][T18464] loop2: detected capacity change from 0 to 2048
[  324.127057][T18484] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  324.267431][T18494] lo speed is unknown, defaulting to 1000
[  324.279648][T18494] lo speed is unknown, defaulting to 1000
[  324.299280][T18503] loop2: detected capacity change from 0 to 256
[  324.493912][T18513] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  324.570198][T18520] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  324.589808][T18513] loop4: detected capacity change from 0 to 2048
[  324.605870][T18527] FAULT_INJECTION: forcing a failure.
[  324.605870][T18527] name failslab, interval 1, probability 0, space 0, times 0
[  324.618546][T18527] CPU: 1 UID: 0 PID: 18527 Comm: syz.7.4801 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  324.628975][T18527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  324.639055][T18527] Call Trace:
[  324.642330][T18527]  <TASK>
[  324.645260][T18527]  dump_stack_lvl+0xf2/0x150
[  324.649907][T18527]  dump_stack+0x15/0x20
[  324.654114][T18527]  should_fail_ex+0x223/0x230
[  324.658809][T18527]  should_failslab+0x8f/0xb0
[  324.663390][T18527]  __kmalloc_node_noprof+0xad/0x410
[  324.668587][T18527]  ? __kvmalloc_node_noprof+0x72/0x170
[  324.674044][T18527]  __kvmalloc_node_noprof+0x72/0x170
[  324.679331][T18527]  bpf_test_run_xdp_live+0x11e/0x1040
[  324.684818][T18527]  ? bpf_dispatcher_xdp_func+0x20/0x30
[  324.690289][T18527]  ? cpus_read_unlock+0x7b/0xc0
[  324.695133][T18527]  ? __static_call_update+0x362/0x3a0
[  324.700557][T18527]  ? 0xffffffffa0003c00
[  324.704748][T18527]  ? synchronize_rcu+0x46/0x320
[  324.709665][T18527]  ? 0xffffffffa0003c00
[  324.713837][T18527]  ? bpf_dispatcher_change_prog+0x747/0x840
[  324.719858][T18527]  ? 0xffffffffa0003c00
[  324.724118][T18527]  ? 0xffffffffa0001ad8
[  324.728264][T18527]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  324.734210][T18527]  bpf_prog_test_run_xdp+0x51d/0x8b0
[  324.739490][T18527]  ? __rcu_read_unlock+0x4e/0x70
[  324.744486][T18527]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  324.750322][T18527]  bpf_prog_test_run+0x20f/0x3a0
[  324.755261][T18527]  __sys_bpf+0x400/0x7a0
[  324.759501][T18527]  __x64_sys_bpf+0x43/0x50
[  324.763929][T18527]  x64_sys_call+0x2914/0x2dc0
[  324.768615][T18527]  do_syscall_64+0xc9/0x1c0
[  324.773192][T18527]  ? clear_bhb_loop+0x55/0xb0
[  324.777942][T18527]  ? clear_bhb_loop+0x55/0xb0
[  324.782618][T18527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.788509][T18527] RIP: 0033:0x7f6fd52ce919
[  324.792913][T18527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.812588][T18527] RSP: 002b:00007f6fd3947038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  324.821057][T18527] RAX: ffffffffffffffda RBX: 00007f6fd5485fa0 RCX: 00007f6fd52ce919
[  324.829081][T18527] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  324.837046][T18527] RBP: 00007f6fd3947090 R08: 0000000000000000 R09: 0000000000000000
[  324.845022][T18527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.852985][T18527] R13: 0000000000000000 R14: 00007f6fd5485fa0 R15: 00007ffc9ae5b158
[  324.861050][T18527]  </TASK>
[  325.011382][T18533] lo speed is unknown, defaulting to 1000
[  325.044296][T18533] lo speed is unknown, defaulting to 1000
[  325.057616][T18547] loop7: detected capacity change from 0 to 2048
[  325.071191][T18547] EXT4-fs: Ignoring removed mblk_io_submit option
[  325.078042][T18552] __nla_validate_parse: 5 callbacks suppressed
[  325.078055][T18552] netlink: 60 bytes leftover after parsing attributes in process `syz.8.4813'.
[  325.098561][T18547] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[  325.111714][T18547] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4809'.
[  325.213418][T18559] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  325.294174][T18559] loop7: detected capacity change from 0 to 2048
[  325.420090][T18579] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4821'.
[  325.422744][T18578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4820'.
[  325.429324][T18575] loop8: detected capacity change from 0 to 512
[  325.443351][T18575] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  325.475529][T18575] EXT4-fs (loop8): 1 truncate cleaned up
[  325.481900][T18575] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.585652][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.596938][T18587] lo speed is unknown, defaulting to 1000
[  325.603586][T18587] lo speed is unknown, defaulting to 1000
[  325.635533][T18589] loop8: detected capacity change from 0 to 256
[  325.642122][T18589] vfat: Bad value for 'time_offset'
[  325.925871][T18596] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4824'.
[  326.007538][T18597] loop7: detected capacity change from 0 to 512
[  326.018161][T18597] EXT4-fs: Ignoring removed nobh option
[  326.024064][T18597] EXT4-fs: Ignoring removed mblk_io_submit option
[  326.115145][T18599] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4826'.
[  326.127705][T18597] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.163395][T18599] lo speed is unknown, defaulting to 1000
[  326.180724][T18599] lo speed is unknown, defaulting to 1000
[  326.200677][T18605] loop2: detected capacity change from 0 to 256
[  326.213158][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.288699][T18609] loop7: detected capacity change from 0 to 512
[  326.319061][T18609] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.342327][T18609] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.357908][T18609] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  326.373055][T18609] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.4830: Failed to acquire dquot type 0
[  326.388657][T18618] loop2: detected capacity change from 0 to 512
[  326.422774][T18622] loop4: detected capacity change from 0 to 256
[  326.429647][T18622] vfat: Bad value for 'time_offset'
[  326.441412][T18618] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.478095][T18618] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.492682][T18618] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  326.507626][T18618] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.4833: Failed to acquire dquot type 0
[  326.574977][T18627] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4830'.
[  326.585321][T18609] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4830'.
[  326.628371][T18630] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4833'.
[  326.645828][T18618] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.4833'.
[  326.677803][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.854281][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.107053][T18649] lo speed is unknown, defaulting to 1000
[  327.129207][T18649] lo speed is unknown, defaulting to 1000
[  327.158672][T18656] loop2: detected capacity change from 0 to 512
[  327.199500][T18656] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  327.243501][T18656] EXT4-fs (loop2): 1 truncate cleaned up
[  327.258142][T18656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.419176][T18665] loop4: detected capacity change from 0 to 164
[  327.431171][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.441590][T18665] bio_check_eod: 43426 callbacks suppressed
[  327.441603][T18665] syz.4.4847: attempt to access beyond end of device
[  327.441603][T18665] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  327.462264][T18665] syz.4.4847: attempt to access beyond end of device
[  327.462264][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.484338][T18665] syz.4.4847: attempt to access beyond end of device
[  327.484338][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.508153][T18665] syz.4.4847: attempt to access beyond end of device
[  327.508153][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.534526][T18667] syz.4.4847: attempt to access beyond end of device
[  327.534526][T18667] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.548323][T18665] syz.4.4847: attempt to access beyond end of device
[  327.548323][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.561797][T18667] syz.4.4847: attempt to access beyond end of device
[  327.561797][T18667] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.575325][T18665] syz.4.4847: attempt to access beyond end of device
[  327.575325][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.588836][T18665] syz.4.4847: attempt to access beyond end of device
[  327.588836][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  327.602984][T18665] syz.4.4847: attempt to access beyond end of device
[  327.602984][T18665] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  328.176217][T18692] loop7: detected capacity change from 0 to 512
[  328.224989][T18692] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.237920][T18692] ext4 filesystem being mounted at /325/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.247955][T18697] loop8: detected capacity change from 0 to 512
[  328.251199][T18692] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  328.270212][T18692] __quota_error: 388 callbacks suppressed
[  328.270227][T18692] Quota error (device loop7): write_blk: dquota write failed
[  328.273881][T18697] EXT4-fs: Ignoring removed nobh option
[  328.276031][T18692] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota
[  328.283370][T18697] EXT4-fs: Ignoring removed mblk_io_submit option
[  328.305332][T18692] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.4858: Failed to acquire dquot type 0
[  328.408638][T18697] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.425188][T18712] loop4: detected capacity change from 0 to 512
[  328.446554][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.457981][T18714] lo speed is unknown, defaulting to 1000
[  328.466638][T18714] lo speed is unknown, defaulting to 1000
[  328.474896][T18712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.488049][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.498131][T18712] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.512982][T18712] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  328.529928][T18718] loop2: detected capacity change from 0 to 256
[  328.533066][T18712] Quota error (device loop4): write_blk: dquota write failed
[  328.543585][T18712] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  328.553466][T18712] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.4866: Failed to acquire dquot type 0
[  328.651107][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.661268][   T29] audit: type=1326 audit(1732642254.405:22496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  328.685554][   T29] audit: type=1326 audit(1732642254.405:22497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  328.709213][   T29] audit: type=1326 audit(1732642254.405:22498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  328.733588][   T29] audit: type=1326 audit(1732642254.405:22499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  328.757879][   T29] audit: type=1326 audit(1732642254.405:22500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  328.781468][   T29] audit: type=1326 audit(1732642254.405:22501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18719 comm="syz.7.4868" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  329.198763][T18748] lo speed is unknown, defaulting to 1000
[  329.215559][T18748] lo speed is unknown, defaulting to 1000
[  329.221643][T18750] FAULT_INJECTION: forcing a failure.
[  329.221643][T18750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.234791][T18750] CPU: 1 UID: 0 PID: 18750 Comm: syz.4.4879 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  329.245207][T18750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  329.255259][T18750] Call Trace:
[  329.258535][T18750]  <TASK>
[  329.261468][T18750]  dump_stack_lvl+0xf2/0x150
[  329.266080][T18750]  dump_stack+0x15/0x20
[  329.270318][T18750]  should_fail_ex+0x223/0x230
[  329.275040][T18750]  should_fail+0xb/0x10
[  329.279208][T18750]  should_fail_usercopy+0x1a/0x20
[  329.284278][T18750]  _copy_to_user+0x20/0xa0
[  329.288815][T18750]  __x64_sys_clock_adjtime+0x164/0x1d0
[  329.294292][T18750]  x64_sys_call+0x21eb/0x2dc0
[  329.299096][T18750]  do_syscall_64+0xc9/0x1c0
[  329.303607][T18750]  ? clear_bhb_loop+0x55/0xb0
[  329.308332][T18750]  ? clear_bhb_loop+0x55/0xb0
[  329.313028][T18750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.318977][T18750] RIP: 0033:0x7fbc353ae919
[  329.323475][T18750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.343154][T18750] RSP: 002b:00007fbc33a21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  329.351575][T18750] RAX: ffffffffffffffda RBX: 00007fbc35565fa0 RCX: 00007fbc353ae919
[  329.359589][T18750] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000000
[  329.367646][T18750] RBP: 00007fbc33a21090 R08: 0000000000000000 R09: 0000000000000000
[  329.375630][T18750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.383660][T18750] R13: 0000000000000001 R14: 00007fbc35565fa0 R15: 00007ffd74cff4a8
[  329.391726][T18750]  </TASK>
[  329.665165][T18784] loop2: detected capacity change from 0 to 256
[  329.667133][T18785] loop8: detected capacity change from 0 to 2048
[  329.671859][T18784] vfat: Bad value for 'time_offset'
[  329.678483][T18785] EXT4-fs: Ignoring removed mblk_io_submit option
[  329.701820][T18785] EXT4-fs (loop8): can't mount with data=, fs mounted w/o journal
[  330.391348][T18799] loop4: detected capacity change from 0 to 512
[  330.401878][T18799] EXT4-fs: Ignoring removed nobh option
[  330.407567][T18799] EXT4-fs: Ignoring removed mblk_io_submit option
[  330.429132][T18799] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.460518][T18809] lo speed is unknown, defaulting to 1000
[  330.467459][T18809] lo speed is unknown, defaulting to 1000
[  330.498537][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.541540][T18813] loop4: detected capacity change from 0 to 512
[  330.563582][T18813] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  330.598786][T18813] EXT4-fs (loop4): 1 truncate cleaned up
[  330.608921][T18813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.716383][T18819] __nla_validate_parse: 19 callbacks suppressed
[  330.716399][T18819] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4904'.
[  330.749812][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.776683][T18819] loop8: detected capacity change from 0 to 164
[  330.899929][T18829] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4908'.
[  330.959296][T18832] FAULT_INJECTION: forcing a failure.
[  330.959296][T18832] name failslab, interval 1, probability 0, space 0, times 0
[  330.972060][T18832] CPU: 1 UID: 0 PID: 18832 Comm: syz.2.4909 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  330.982528][T18832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  330.992654][T18832] Call Trace:
[  330.995933][T18832]  <TASK>
[  330.998864][T18832]  dump_stack_lvl+0xf2/0x150
[  331.003523][T18832]  dump_stack+0x15/0x20
[  331.007698][T18832]  should_fail_ex+0x223/0x230
[  331.012459][T18832]  should_failslab+0x8f/0xb0
[  331.017093][T18832]  kmem_cache_alloc_noprof+0x52/0x320
[  331.022520][T18832]  ? fcntl_setlk+0x53/0x980
[  331.027130][T18832]  fcntl_setlk+0x53/0x980
[  331.031480][T18832]  ? should_fail_ex+0xd7/0x230
[  331.035146][T18838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4910'.
[  331.036244][T18832]  do_fcntl+0x560/0xdd0
[  331.049287][T18832]  __se_sys_fcntl+0xbd/0x1b0
[  331.053967][T18832]  __x64_sys_fcntl+0x43/0x50
[  331.058564][T18832]  x64_sys_call+0x2129/0x2dc0
[  331.063248][T18832]  do_syscall_64+0xc9/0x1c0
[  331.067762][T18832]  ? clear_bhb_loop+0x55/0xb0
[  331.072509][T18832]  ? clear_bhb_loop+0x55/0xb0
[  331.077197][T18832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.083172][T18832] RIP: 0033:0x7f98e194e919
[  331.087582][T18832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.107242][T18832] RSP: 002b:00007f98dffc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  331.115693][T18832] RAX: ffffffffffffffda RBX: 00007f98e1b05fa0 RCX: 00007f98e194e919
[  331.123666][T18832] RDX: 00000000200000c0 RSI: 0000000000000025 RDI: 0000000000000003
[  331.131663][T18832] RBP: 00007f98dffc7090 R08: 0000000000000000 R09: 0000000000000000
[  331.139686][T18832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.147662][T18832] R13: 0000000000000000 R14: 00007f98e1b05fa0 R15: 00007ffc7ecc6518
[  331.155647][T18832]  </TASK>
[  331.209120][T18840] lo speed is unknown, defaulting to 1000
[  331.211068][T18842] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4913'.
[  331.228511][T18840] lo speed is unknown, defaulting to 1000
[  331.236784][T18844] netlink: 156 bytes leftover after parsing attributes in process `syz.2.4914'.
[  331.238048][T18845] loop7: detected capacity change from 0 to 256
[  331.362852][T18844] lo speed is unknown, defaulting to 1000
[  331.378469][T18844] lo speed is unknown, defaulting to 1000
[  331.385985][T18848] loop2: detected capacity change from 0 to 256
[  331.407441][T18847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4915'.
[  331.566249][T18852] lo speed is unknown, defaulting to 1000
[  331.643904][T18852] lo speed is unknown, defaulting to 1000
[  331.794275][T18871] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  331.891833][T18871] loop2: detected capacity change from 0 to 2048
[  331.911372][T18880] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  332.062101][T18885] loop8: detected capacity change from 0 to 512
[  332.071308][T18889] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4928'.
[  332.081762][T18887] lo speed is unknown, defaulting to 1000
[  332.090737][T18885] EXT4-fs: Ignoring removed nobh option
[  332.096420][T18885] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.111243][T18890] loop2: detected capacity change from 0 to 256
[  332.131174][T18887] lo speed is unknown, defaulting to 1000
[  332.178571][T18892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4929'.
[  332.214789][T18885] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.388666][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.466376][T18899] wireguard0: entered promiscuous mode
[  332.471879][T18899] wireguard0: entered allmulticast mode
[  332.482786][T18916] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  332.551014][T18915] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  332.659225][T18929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4941'.
[  332.661220][T18915] loop7: detected capacity change from 0 to 2048
[  332.678400][T18929] loop4: detected capacity change from 0 to 164
[  332.698910][T18929] bio_check_eod: 25246 callbacks suppressed
[  332.698925][T18929] syz.4.4941: attempt to access beyond end of device
[  332.698925][T18929] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  332.734478][T18929] syz.4.4941: attempt to access beyond end of device
[  332.734478][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.748591][T18929] syz.4.4941: attempt to access beyond end of device
[  332.748591][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.783776][T18929] syz.4.4941: attempt to access beyond end of device
[  332.783776][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.802813][T18932] syz.4.4941: attempt to access beyond end of device
[  332.802813][T18932] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.817475][T18929] syz.4.4941: attempt to access beyond end of device
[  332.817475][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.858795][T18932] syz.4.4941: attempt to access beyond end of device
[  332.858795][T18932] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.893495][T18929] syz.4.4941: attempt to access beyond end of device
[  332.893495][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.917373][T18938] loop2: detected capacity change from 0 to 512
[  332.927806][T18938] EXT4-fs: Ignoring removed nobh option
[  332.933408][T18938] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.940794][T18932] syz.4.4941: attempt to access beyond end of device
[  332.940794][T18932] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.954644][T18929] syz.4.4941: attempt to access beyond end of device
[  332.954644][T18929] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  332.977411][T18938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.994603][T18943] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4946'.
[  333.040560][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.241872][T18950] lo speed is unknown, defaulting to 1000
[  333.260177][T18954] loop8: detected capacity change from 0 to 512
[  333.268666][T18955] loop2: detected capacity change from 0 to 256
[  333.276356][T18950] lo speed is unknown, defaulting to 1000
[  333.287791][T18954] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  333.321895][T18954] EXT4-fs (loop8): invalid journal inode
[  333.332148][T18954] EXT4-fs (loop8): can't get journal size
[  333.346417][T18954] EXT4-fs (loop8): 1 truncate cleaned up
[  333.357301][T18954] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.380456][T18954] EXT4-fs warning (device loop8): verify_group_input:137: Cannot add at group 4095 (only 1 groups)
[  333.454816][T18967] lo speed is unknown, defaulting to 1000
[  333.455126][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.464115][T18967] lo speed is unknown, defaulting to 1000
[  333.470580][T18965] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  333.613811][T18965] loop7: detected capacity change from 0 to 2048
[  333.631426][T18980] loop8: detected capacity change from 0 to 164
[  333.736364][T18986] loop7: detected capacity change from 0 to 2048
[  333.743386][T18986] EXT4-fs: Ignoring removed mblk_io_submit option
[  333.762556][T18986] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[  333.842130][T18993] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  333.966395][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  333.966410][   T29] audit: type=1326 audit(1732642259.725:22710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.040853][   T29] audit: type=1326 audit(1732642259.725:22711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.065134][   T29] audit: type=1326 audit(1732642259.725:22712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.088930][   T29] audit: type=1326 audit(1732642259.725:22713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.113190][   T29] audit: type=1326 audit(1732642259.725:22714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.137392][   T29] audit: type=1326 audit(1732642259.725:22715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.161164][   T29] audit: type=1326 audit(1732642259.725:22716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.185571][   T29] audit: type=1326 audit(1732642259.725:22717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.209267][   T29] audit: type=1326 audit(1732642259.775:22718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.233432][   T29] audit: type=1326 audit(1732642259.775:22719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18998 comm="syz.7.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fd52ce919 code=0x7ffc0000
[  334.242426][T19005] loop7: detected capacity change from 0 to 512
[  334.317798][T19005] EXT4-fs: Ignoring removed nobh option
[  334.323424][T19005] EXT4-fs: Ignoring removed mblk_io_submit option
[  334.333225][T19005] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.389659][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.431058][T19010] loop2: detected capacity change from 0 to 512
[  334.460762][T19012] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  334.466274][T19010] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.482001][T19010] ext4 filesystem being mounted at /400/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.483826][T19010] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  334.483997][T19010] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.4970: Failed to acquire dquot type 0
[  334.655157][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.703583][T19012] loop7: detected capacity change from 0 to 2048
[  334.722499][T19038] lo speed is unknown, defaulting to 1000
[  334.750165][T19038] lo speed is unknown, defaulting to 1000
[  334.811149][T19047] FAULT_INJECTION: forcing a failure.
[  334.811149][T19047] name failslab, interval 1, probability 0, space 0, times 0
[  334.824713][T19047] CPU: 0 UID: 0 PID: 19047 Comm: syz.4.4983 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  334.835137][T19047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  334.845328][T19047] Call Trace:
[  334.848628][T19047]  <TASK>
[  334.851645][T19047]  dump_stack_lvl+0xf2/0x150
[  334.856288][T19047]  dump_stack+0x15/0x20
[  334.860462][T19047]  should_fail_ex+0x223/0x230
[  334.865224][T19047]  should_failslab+0x8f/0xb0
[  334.869911][T19047]  __kmalloc_noprof+0xab/0x3f0
[  334.874712][T19047]  ? security_key_alloc+0x4d/0x130
[  334.879833][T19047]  security_key_alloc+0x4d/0x130
[  334.884779][T19047]  key_alloc+0x61c/0xa40
[  334.889035][T19047]  ? __kmalloc_noprof+0x36c/0x3f0
[  334.894082][T19047]  keyring_alloc+0x44/0xb0
[  334.898541][T19047]  lookup_user_key+0x318/0xdf0
[  334.903324][T19047]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  334.909617][T19047]  __se_sys_add_key+0x24b/0x320
[  334.914514][T19047]  ? fput+0x1c4/0x200
[  334.918560][T19047]  __x64_sys_add_key+0x67/0x80
[  334.923354][T19047]  x64_sys_call+0x2964/0x2dc0
[  334.928094][T19047]  do_syscall_64+0xc9/0x1c0
[  334.932694][T19047]  ? clear_bhb_loop+0x55/0xb0
[  334.937473][T19047]  ? clear_bhb_loop+0x55/0xb0
[  334.942231][T19047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.948141][T19047] RIP: 0033:0x7fbc353ae919
[  334.952555][T19047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.972184][T19047] RSP: 002b:00007fbc33a21038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  334.980694][T19047] RAX: ffffffffffffffda RBX: 00007fbc35565fa0 RCX: 00007fbc353ae919
[  334.988680][T19047] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000020000280
[  334.996787][T19047] RBP: 00007fbc33a21090 R08: ffffffffffffffff R09: 0000000000000000
[  335.004764][T19047] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  335.012743][T19047] R13: 0000000000000000 R14: 00007fbc35565fa0 R15: 00007ffd74cff4a8
[  335.020730][T19047]  </TASK>
[  335.155615][T19058] loop2: detected capacity change from 0 to 164
[  335.158211][T19060] loop8: detected capacity change from 0 to 512
[  335.210683][T19060] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.258059][T19060] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.297223][T19060] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  335.344737][T19060] EXT4-fs error (device loop8): ext4_acquire_dquot:6938: comm syz.8.4989: Failed to acquire dquot type 0
[  335.427030][T19070] IPVS: Error joining to the multicast group
[  335.466965][T19070] loop4: detected capacity change from 0 to 512
[  335.488547][T19070] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4992: corrupted in-inode xattr: invalid ea_ino
[  335.504298][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.561440][T19070] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.4992: couldn't read orphan inode 15 (err -117)
[  335.603443][T19070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.619948][T19081] lo speed is unknown, defaulting to 1000
[  335.639974][T19081] lo speed is unknown, defaulting to 1000
[  335.648551][T19084] loop8: detected capacity change from 0 to 256
[  335.712949][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.778435][T19088] lo speed is unknown, defaulting to 1000
[  335.816610][T19088] lo speed is unknown, defaulting to 1000
[  335.876070][T19098] FAULT_INJECTION: forcing a failure.
[  335.876070][T19098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.889242][T19098] CPU: 1 UID: 0 PID: 19098 Comm: syz.4.5001 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  335.899720][T19098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  335.909774][T19098] Call Trace:
[  335.913044][T19098]  <TASK>
[  335.915968][T19098]  dump_stack_lvl+0xf2/0x150
[  335.920631][T19098]  dump_stack+0x15/0x20
[  335.924846][T19098]  should_fail_ex+0x223/0x230
[  335.929561][T19098]  should_fail+0xb/0x10
[  335.933711][T19098]  should_fail_usercopy+0x1a/0x20
[  335.938731][T19098]  _copy_to_user+0x20/0xa0
[  335.943157][T19098]  simple_read_from_buffer+0xa0/0x110
[  335.948543][T19098]  proc_fail_nth_read+0xf9/0x140
[  335.953545][T19098]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  335.959161][T19098]  vfs_read+0x1a2/0x700
[  335.963338][T19098]  ? ldsem_up_read+0x91/0xe0
[  335.967957][T19098]  ? __rcu_read_unlock+0x4e/0x70
[  335.972886][T19098]  ? __fget_files+0x17c/0x1c0
[  335.977557][T19098]  ksys_read+0xe8/0x1b0
[  335.981726][T19098]  __x64_sys_read+0x42/0x50
[  335.986269][T19098]  x64_sys_call+0x2874/0x2dc0
[  335.990947][T19098]  do_syscall_64+0xc9/0x1c0
[  335.995460][T19098]  ? clear_bhb_loop+0x55/0xb0
[  336.000318][T19098]  ? clear_bhb_loop+0x55/0xb0
[  336.004991][T19098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.010882][T19098] RIP: 0033:0x7fbc353ad35c
[  336.015365][T19098] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  336.034965][T19098] RSP: 002b:00007fbc33a00030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  336.043366][T19098] RAX: ffffffffffffffda RBX: 00007fbc35566080 RCX: 00007fbc353ad35c
[  336.051326][T19098] RDX: 000000000000000f RSI: 00007fbc33a000a0 RDI: 0000000000000005
[  336.059324][T19098] RBP: 00007fbc33a00090 R08: 0000000000000000 R09: 0000000000000000
[  336.067287][T19098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.075254][T19098] R13: 0000000000000000 R14: 00007fbc35566080 R15: 00007ffd74cff4a8
[  336.083222][T19098]  </TASK>
[  336.284803][T19103] __nla_validate_parse: 11 callbacks suppressed
[  336.284818][T19103] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5002'.
[  336.312870][T19103] loop2: detected capacity change from 0 to 164
[  336.410873][T19114] loop7: detected capacity change from 0 to 128
[  336.448196][T19116] FAULT_INJECTION: forcing a failure.
[  336.448196][T19116] name failslab, interval 1, probability 0, space 0, times 0
[  336.460894][T19116] CPU: 1 UID: 0 PID: 19116 Comm: syz.0.5008 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  336.471316][T19116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  336.481369][T19116] Call Trace:
[  336.484686][T19116]  <TASK>
[  336.487648][T19116]  dump_stack_lvl+0xf2/0x150
[  336.492273][T19116]  dump_stack+0x15/0x20
[  336.496451][T19116]  should_fail_ex+0x223/0x230
[  336.501146][T19116]  should_failslab+0x8f/0xb0
[  336.505741][T19116]  kmem_cache_alloc_noprof+0x52/0x320
[  336.511161][T19116]  ? audit_log_start+0x34c/0x6b0
[  336.516128][T19116]  audit_log_start+0x34c/0x6b0
[  336.521041][T19116]  audit_seccomp+0x4b/0x130
[  336.525551][T19116]  __seccomp_filter+0x6fa/0x1180
[  336.530485][T19116]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  336.536193][T19116]  ? vfs_write+0x596/0x920
[  336.540680][T19116]  ? __schedule+0x6fa/0x930
[  336.545195][T19116]  __secure_computing+0x9f/0x1c0
[  336.550146][T19116]  syscall_trace_enter+0xd1/0x1f0
[  336.555184][T19116]  do_syscall_64+0xaa/0x1c0
[  336.559771][T19116]  ? clear_bhb_loop+0x55/0xb0
[  336.564463][T19116]  ? clear_bhb_loop+0x55/0xb0
[  336.569155][T19116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.575067][T19116] RIP: 0033:0x7f8e110fe919
[  336.579531][T19116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.599176][T19116] RSP: 002b:00007f8e0f771038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  336.607626][T19116] RAX: ffffffffffffffda RBX: 00007f8e112b5fa0 RCX: 00007f8e110fe919
[  336.615629][T19116] RDX: 0000000000000001 RSI: 0000000000000408 RDI: 0000000000004205
[  336.623598][T19116] RBP: 00007f8e0f771090 R08: 0000000000000000 R09: 0000000000000000
[  336.631605][T19116] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  336.639572][T19116] R13: 0000000000000000 R14: 00007f8e112b5fa0 R15: 00007fff7447d898
[  336.647616][T19116]  </TASK>
[  336.706417][T19124] loop7: detected capacity change from 0 to 164
[  336.729486][T19124] Unable to read rock-ridge attributes
[  336.739866][T19124] Unable to read rock-ridge attributes
[  336.792763][T19130] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5014'.
[  336.806289][T19128] lo speed is unknown, defaulting to 1000
[  336.814434][T19130] loop7: detected capacity change from 0 to 164
[  336.821122][T19128] lo speed is unknown, defaulting to 1000
[  337.126877][T19137] loop4: detected capacity change from 0 to 512
[  337.137514][T19135] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5015'.
[  337.166340][T19137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.248965][T19141] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  337.252526][T19137] ext4 filesystem being mounted at /390/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.269191][T19137] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  337.283804][T19137] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5016: Failed to acquire dquot type 0
[  337.313275][T19144] lo speed is unknown, defaulting to 1000
[  337.329427][T19144] lo speed is unknown, defaulting to 1000
[  337.354486][T19152] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5016'.
[  337.374196][T19137] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5016'.
[  337.390434][T19150] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5021'.
[  337.414367][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.543532][T19160] hsr_slave_0: left promiscuous mode
[  337.561430][T19161] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5024'.
[  337.609982][T19161] lo speed is unknown, defaulting to 1000
[  337.634115][T19161] lo speed is unknown, defaulting to 1000
[  337.672347][T19166] loop4: detected capacity change from 0 to 256
[  337.701200][T19168] loop7: detected capacity change from 0 to 512
[  337.719077][T19165] lo speed is unknown, defaulting to 1000
[  337.734910][T19168] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  337.748639][T19170] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5028'.
[  337.750999][T19171] loop2: detected capacity change from 0 to 256
[  337.776330][T19165] lo speed is unknown, defaulting to 1000
[  337.783905][T19168] EXT4-fs (loop7): 1 truncate cleaned up
[  337.795804][T19168] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.882779][T19175] loop8: detected capacity change from 0 to 512
[  337.924037][T19175] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  337.965227][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.976163][T19175] EXT4-fs (loop8): 1 truncate cleaned up
[  337.982177][T19175] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.034607][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.080153][T19189] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5035'.
[  338.201847][T19200] lo speed is unknown, defaulting to 1000
[  338.209299][T19200] lo speed is unknown, defaulting to 1000
[  338.224097][T19205] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5042'.
[  338.236826][T19205] loop7: detected capacity change from 0 to 164
[  338.260573][T19205] bio_check_eod: 90204 callbacks suppressed
[  338.260589][T19205] syz.7.5042: attempt to access beyond end of device
[  338.260589][T19205] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  338.289368][T19205] syz.7.5042: attempt to access beyond end of device
[  338.289368][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.306174][T19211] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  338.319143][T19205] syz.7.5042: attempt to access beyond end of device
[  338.319143][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.355850][T19220] syz.7.5042: attempt to access beyond end of device
[  338.355850][T19220] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.369409][T19205] syz.7.5042: attempt to access beyond end of device
[  338.369409][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.387283][T19205] syz.7.5042: attempt to access beyond end of device
[  338.387283][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.405339][T19221] loop8: detected capacity change from 0 to 512
[  338.425135][T19205] syz.7.5042: attempt to access beyond end of device
[  338.425135][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.444503][T19220] syz.7.5042: attempt to access beyond end of device
[  338.444503][T19220] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.459530][T19205] syz.7.5042: attempt to access beyond end of device
[  338.459530][T19205] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.474303][T19220] syz.7.5042: attempt to access beyond end of device
[  338.474303][T19220] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  338.496071][T19221] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.558606][T19221] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.602994][T19221] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  338.652939][T19221] EXT4-fs error (device loop8): ext4_acquire_dquot:6938: comm syz.8.5048: Failed to acquire dquot type 0
[  338.752718][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.809737][T19241] loop2: detected capacity change from 0 to 2048
[  338.846946][T19241] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.847135][T19249] xt_hashlimit: max too large, truncated to 1048576
[  338.877986][T19249] Cannot find set identified by id 0 to match
[  338.885678][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.983129][T19251] 9pnet_fd: Insufficient options for proto=fd
[  339.001735][T19255] loop2: detected capacity change from 0 to 512
[  339.020325][T19255] EXT4-fs: Ignoring removed nobh option
[  339.025956][T19255] EXT4-fs: Ignoring removed mblk_io_submit option
[  339.060004][T19255] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.098014][T19266] loop8: detected capacity change from 0 to 164
[  339.125493][T12359] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.139300][T19269] lo speed is unknown, defaulting to 1000
[  339.161436][T19269] lo speed is unknown, defaulting to 1000
[  339.170340][   T29] kauditd_printk_skb: 489 callbacks suppressed
[  339.170355][   T29] audit: type=1326 audit(1732642264.925:23199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.263662][   T29] audit: type=1326 audit(1732642264.925:23200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.287484][   T29] audit: type=1326 audit(1732642264.925:23201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.311099][   T29] audit: type=1326 audit(1732642264.925:23202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.334787][   T29] audit: type=1326 audit(1732642264.925:23203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.358399][   T29] audit: type=1326 audit(1732642264.925:23204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.381973][   T29] audit: type=1326 audit(1732642264.925:23205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.407462][   T29] audit: type=1326 audit(1732642264.925:23206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.438036][   T29] audit: type=1326 audit(1732642264.925:23207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.461671][   T29] audit: type=1326 audit(1732642264.925:23208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19271 comm="syz.2.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  339.694860][T19299] 9pnet_fd: Insufficient options for proto=fd
[  339.756540][T19306] loop4: detected capacity change from 0 to 512
[  339.786521][T19306] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  339.841472][T19306] EXT4-fs (loop4): 1 truncate cleaned up
[  339.857189][T19306] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.963495][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.026994][T19328] loop7: detected capacity change from 0 to 512
[  340.045107][T19336] loop4: detected capacity change from 0 to 164
[  340.073181][T19339] gretap0: invalid flags given to default FDB implementation
[  340.082717][T19328] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.099385][T19328] ext4 filesystem being mounted at /371/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.172318][T19353] 9pnet_fd: Insufficient options for proto=fd
[  340.198068][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.295752][T19364] loop7: detected capacity change from 0 to 256
[  340.314137][T19364] vfat: Bad value for 'time_offset'
[  340.486451][T19370] loop8: detected capacity change from 0 to 512
[  340.493773][T19370] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  340.648179][T19370] EXT4-fs (loop8): 1 truncate cleaned up
[  340.658674][T19370] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.818298][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.224583][T19397] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  341.261806][T19407] loop7: detected capacity change from 0 to 164
[  341.291113][T19404] IPVS: Error joining to the multicast group
[  341.356004][T19417] 
@ÿ: renamed from veth0_vlan
[  341.365864][T19415] loop8: detected capacity change from 0 to 512
[  341.372384][T19415] EXT4-fs: Ignoring removed nobh option
[  341.377997][T19415] EXT4-fs: Ignoring removed mblk_io_submit option
[  341.404408][T19415] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.465536][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.534484][T19423] __nla_validate_parse: 8 callbacks suppressed
[  341.534498][T19423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5112'.
[  341.650187][T19431] loop8: detected capacity change from 0 to 512
[  341.664718][T19431] EXT4-fs: Ignoring removed nobh option
[  341.712211][T19431] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.736086][T19431] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  341.783394][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.885375][T19440] syz.2.5120[19440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  341.885493][T19440] syz.2.5120[19440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  341.913743][T19440] syz.2.5120[19440] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  342.049973][T19446] IPVS: Error joining to the multicast group
[  342.278989][T19472] lo speed is unknown, defaulting to 1000
[  342.294566][T19472] lo speed is unknown, defaulting to 1000
[  342.330548][T19481] loop7: detected capacity change from 0 to 2048
[  342.356399][T19481] syz.7.5130[19481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  342.356529][T19481] syz.7.5130[19481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  342.368103][T19481] syz.7.5130[19481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  342.417285][T19482] IPVS: Error joining to the multicast group
[  342.442061][T19479] loop8: detected capacity change from 0 to 512
[  342.451038][T19479] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.5134: corrupted in-inode xattr: invalid ea_ino
[  342.464910][T19479] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.5134: couldn't read orphan inode 15 (err -117)
[  342.479154][T19479] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.578404][T19492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5133'.
[  342.671550][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.908405][T19496] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5136'.
[  342.923957][T19496] loop7: detected capacity change from 0 to 164
[  342.947692][T19498] loop8: detected capacity change from 0 to 512
[  342.978351][T19498] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  343.002712][T19498] EXT4-fs (loop8): 1 truncate cleaned up
[  343.009621][T19498] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.016887][T19500] loop4: detected capacity change from 0 to 8192
[  343.071597][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.250809][T19516] lo speed is unknown, defaulting to 1000
[  343.261558][T19516] lo speed is unknown, defaulting to 1000
[  343.274208][T19496] bio_check_eod: 73529 callbacks suppressed
[  343.274222][T19496] syz.7.5136: attempt to access beyond end of device
[  343.274222][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.296396][T19514] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.5144'.
[  343.300861][T19519] loop8: detected capacity change from 0 to 256
[  343.313778][T19496] syz.7.5136: attempt to access beyond end of device
[  343.313778][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.332492][T19517] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.5144'.
[  343.341759][T19496] syz.7.5136: attempt to access beyond end of device
[  343.341759][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.341870][T19496] syz.7.5136: attempt to access beyond end of device
[  343.341870][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.369444][T19496] syz.7.5136: attempt to access beyond end of device
[  343.369444][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.384466][T19496] syz.7.5136: attempt to access beyond end of device
[  343.384466][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.399030][T19496] syz.7.5136: attempt to access beyond end of device
[  343.399030][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.412895][T19496] syz.7.5136: attempt to access beyond end of device
[  343.412895][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.427439][T19496] syz.7.5136: attempt to access beyond end of device
[  343.427439][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.441121][T19496] syz.7.5136: attempt to access beyond end of device
[  343.441121][T19496] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  343.910083][T19548] binfmt_misc: register: failed to install interpreter file ./file0
[  343.922657][T19548] netlink: 'syz.2.5157': attribute type 1 has an invalid length.
[  343.930538][T19548] netlink: 'syz.2.5157': attribute type 3 has an invalid length.
[  343.938392][T19548] netlink: 204 bytes leftover after parsing attributes in process `syz.2.5157'.
[  343.954576][T19550] loop4: detected capacity change from 0 to 512
[  343.995498][T19550] ext4 filesystem being mounted at /414/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.012442][T19550] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  344.037793][T19550] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5159: Failed to acquire dquot type 0
[  344.065974][T19563] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  344.118589][T19571] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5159'.
[  344.136276][T19550] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5159'.
[  344.181721][T19579] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5169'.
[  344.193190][   T29] kauditd_printk_skb: 771 callbacks suppressed
[  344.193206][T19575] hsr_slave_0: left promiscuous mode
[  344.193222][   T29] audit: type=1326 audit(1732642269.945:23978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.193483][   T29] audit: type=1326 audit(1732642269.945:23979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.257893][T19575] hsr_slave_1: left promiscuous mode
[  344.274644][T19579] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5169'.
[  344.283633][   T29] audit: type=1326 audit(1732642270.005:23980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.307234][   T29] audit: type=1326 audit(1732642270.005:23981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.330829][   T29] audit: type=1326 audit(1732642270.015:23982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.354656][   T29] audit: type=1326 audit(1732642270.015:23983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.378328][   T29] audit: type=1326 audit(1732642270.015:23984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19578 comm="syz.2.5169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98e194e919 code=0x7ffc0000
[  344.401951][   T29] audit: type=1326 audit(1732642270.015:23985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.4.5170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc353ae919 code=0x7ffc0000
[  344.425607][   T29] audit: type=1326 audit(1732642270.015:23986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.4.5170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc353ae919 code=0x7ffc0000
[  344.449214][   T29] audit: type=1326 audit(1732642270.015:23987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19580 comm="syz.4.5170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbc353ae919 code=0x7ffc0000
[  344.524081][T19582] IPVS: Error joining to the multicast group
[  344.537926][T19582] loop4: detected capacity change from 0 to 512
[  344.550968][T19582] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.5170: corrupted in-inode xattr: invalid ea_ino
[  344.568868][T19590] bond1: entered promiscuous mode
[  344.574008][T19590] bond1: entered allmulticast mode
[  344.584140][T19590] 8021q: adding VLAN 0 to HW filter on device bond1
[  344.604145][T19582] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.5170: couldn't read orphan inode 15 (err -117)
[  344.617619][T19590] bond1 (unregistering): Released all slaves
[  344.685780][T19597] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  344.704623][T19600] netlink: 'syz.2.5176': attribute type 6 has an invalid length.
[  344.712394][T19600] IPv6: NLM_F_CREATE should be specified when creating new route
[  344.742015][T19602] loop4: detected capacity change from 0 to 512
[  344.762816][T19602] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  344.791754][T19602] EXT4-fs (loop4): 1 truncate cleaned up
[  344.861260][T19615] lo speed is unknown, defaulting to 1000
[  344.867425][T19615] lo speed is unknown, defaulting to 1000
[  345.198223][T19640] xt_hashlimit: max too large, truncated to 1048576
[  345.298987][T19643] No such timeout policy "syz1"
[  345.345378][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  345.722147][T19623] syz.2.5186 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=1000
[  345.736972][T19623] CPU: 0 UID: 0 PID: 19623 Comm: syz.2.5186 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  345.747391][T19623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  345.757493][T19623] Call Trace:
[  345.760757][T19623]  <TASK>
[  345.763675][T19623]  dump_stack_lvl+0xf2/0x150
[  345.768265][T19623]  dump_stack+0x15/0x20
[  345.772485][T19623]  dump_header+0x83/0x2d0
[  345.776814][T19623]  oom_kill_process+0x341/0x4c0
[  345.781700][T19623]  out_of_memory+0x9af/0xbe0
[  345.786275][T19623]  ? css_next_descendant_pre+0x11c/0x140
[  345.791973][T19623]  mem_cgroup_out_of_memory+0x13e/0x190
[  345.797609][T19623]  try_charge_memcg+0x508/0x7f0
[  345.802510][T19623]  ? crypto_cbc_module_init+0x10/0x20
[  345.807900][T19623]  obj_cgroup_charge_pages+0xbd/0x1a0
[  345.813269][T19623]  __memcg_kmem_charge_page+0x9d/0x170
[  345.818780][T19623]  __alloc_pages_noprof+0x1bc/0x340
[  345.824164][T19623]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  345.829683][T19623]  alloc_pages_noprof+0xe1/0x100
[  345.834631][T19623]  __vmalloc_node_range_noprof+0x6eb/0xe80
[  345.840452][T19623]  __kvmalloc_node_noprof+0x121/0x170
[  345.845827][T19623]  ? ip_set_alloc+0x1f/0x30
[  345.850374][T19623]  ip_set_alloc+0x1f/0x30
[  345.854716][T19623]  hash_netiface_create+0x273/0x730
[  345.859917][T19623]  ? __nla_parse+0x40/0x60
[  345.864392][T19623]  ? __pfx_hash_netiface_create+0x10/0x10
[  345.870109][T19623]  ip_set_create+0x359/0x8a0
[  345.874699][T19623]  ? strnstr+0x61/0x100
[  345.878902][T19623]  ? __nla_parse+0x40/0x60
[  345.883356][T19623]  nfnetlink_rcv_msg+0x4a9/0x570
[  345.888324][T19623]  netlink_rcv_skb+0x12c/0x230
[  345.893077][T19623]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  345.898534][T19623]  nfnetlink_rcv+0x16c/0x15d0
[  345.903207][T19623]  ? kmem_cache_free+0xdc/0x2d0
[  345.908130][T19623]  ? nlmon_xmit+0x51/0x60
[  345.912471][T19623]  ? __kfree_skb+0x102/0x150
[  345.917051][T19623]  ? consume_skb+0x49/0x160
[  345.921603][T19623]  ? nlmon_xmit+0x51/0x60
[  345.925972][T19623]  ? dev_hard_start_xmit+0x3c1/0x3f0
[  345.931261][T19623]  ? __dev_queue_xmit+0xb6e/0x2090
[  345.936399][T19623]  ? ref_tracker_free+0x3a5/0x410
[  345.941418][T19623]  ? __dev_queue_xmit+0x186/0x2090
[  345.946525][T19623]  ? __netlink_deliver_tap+0x4c6/0x4f0
[  345.952017][T19623]  netlink_unicast+0x599/0x670
[  345.956788][T19623]  netlink_sendmsg+0x5cc/0x6e0
[  345.961545][T19623]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.966894][T19623]  __sock_sendmsg+0x140/0x180
[  345.971567][T19623]  ____sys_sendmsg+0x312/0x410
[  345.976473][T19623]  __sys_sendmsg+0x19d/0x230
[  345.981063][T19623]  __x64_sys_sendmsg+0x46/0x50
[  345.985907][T19623]  x64_sys_call+0x2734/0x2dc0
[  345.990657][T19623]  do_syscall_64+0xc9/0x1c0
[  345.995208][T19623]  ? clear_bhb_loop+0x55/0xb0
[  345.999886][T19623]  ? clear_bhb_loop+0x55/0xb0
[  346.004627][T19623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.010614][T19623] RIP: 0033:0x7f98e194e919
[  346.015020][T19623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.034713][T19623] RSP: 002b:00007f98dffc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.043116][T19623] RAX: ffffffffffffffda RBX: 00007f98e1b05fa0 RCX: 00007f98e194e919
[  346.051087][T19623] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005
[  346.059049][T19623] RBP: 00007f98e19c197e R08: 0000000000000000 R09: 0000000000000000
[  346.067011][T19623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  346.074973][T19623] R13: 0000000000000000 R14: 00007f98e1b05fa0 R15: 00007ffc7ecc6518
[  346.083065][T19623]  </TASK>
[  346.086387][T19623] memory: usage 307196kB, limit 307200kB, failcnt 329
[  346.094218][T19623] memory+swap: usage 307660kB, limit 9007199254740988kB, failcnt 0
[  346.102145][T19623] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  346.109475][T19623] Memory cgroup stats for /syz2:
[  346.109771][T19623] cache 4096
[  346.118173][T19623] rss 4096
[  346.121200][T19623] shmem 0
[  346.124797][T19623] mapped_file 4096
[  346.128671][T19623] dirty 0
[  346.131810][T19623] writeback 0
[  346.135126][T19623] workingset_refault_anon 360
[  346.139805][T19623] workingset_refault_file 1584
[  346.144592][T19623] swap 475136
[  346.147897][T19623] swapcached 8192
[  346.151565][T19623] pgpgin 1027092
[  346.155731][T19623] pgpgout 1027089
[  346.159366][T19623] pgfault 353807
[  346.162904][T19623] pgmajfault 228
[  346.166646][T19623] inactive_anon 0
[  346.170395][T19623] active_anon 8192
[  346.174150][T19623] inactive_file 4096
[  346.178038][T19623] active_file 0
[  346.181523][T19623] unevictable 0
[  346.185583][T19623] hierarchical_memory_limit 314572800
[  346.191048][T19623] hierarchical_memsw_limit 9223372036854771712
[  346.197361][T19623] total_cache 4096
[  346.201306][T19623] total_rss 4096
[  346.204880][T19623] total_shmem 0
[  346.208332][T19623] total_mapped_file 4096
[  346.212662][T19623] total_dirty 0
[  346.216716][T19623] total_writeback 0
[  346.220552][T19623] total_workingset_refault_anon 360
[  346.225805][T19623] total_workingset_refault_file 1584
[  346.231092][T19623] total_swap 475136
[  346.234982][T19623] total_swapcached 8192
[  346.239147][T19623] total_pgpgin 1027092
[  346.243215][T19623] total_pgpgout 1027089
[  346.247901][T19623] total_pgfault 353816
[  346.252108][T19623] total_pgmajfault 228
[  346.256294][T19623] total_inactive_anon 0
[  346.260517][T19623] total_active_anon 8192
[  346.265134][T19623] total_inactive_file 4096
[  346.269659][T19623] total_active_file 0
[  346.274241][T19623] total_unevictable 0
[  346.278228][T19623] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5186,pid=19620,uid=0
[  346.292966][T19623] Memory cgroup out of memory: Killed process 19620 (syz.2.5186) total-vm:93268kB, anon-rss:744kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000
[  346.382246][T19667] loop4: detected capacity change from 0 to 8192
[  346.399621][T19667] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  346.498724][T19640] Cannot find set identified by id 0 to match
[  346.518398][T19623] syz.2.5186 (19623) used greatest stack depth: 6288 bytes left
[  346.519587][T19669] lo speed is unknown, defaulting to 1000
[  346.538710][T19669] lo speed is unknown, defaulting to 1000
[  346.565039][T19674] loop8: detected capacity change from 0 to 512
[  346.586559][T19674] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  346.621933][T19674] EXT4-fs (loop8): 1 truncate cleaned up
[  346.713783][T19683] IPVS: Error joining to the multicast group
[  346.760517][T19692] __nla_validate_parse: 1 callbacks suppressed
[  346.760533][T19692] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5209'.
[  346.908570][T19703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5214'.
[  346.979309][T19707] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5216'.
[  347.452554][T19733] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5226'.
[  347.468413][T19735] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5228'.
[  347.507041][T19739] netlink: 108 bytes leftover after parsing attributes in process `syz.7.5229'.
[  347.516151][T19739] netlink: 108 bytes leftover after parsing attributes in process `syz.7.5229'.
[  347.525224][T19739] netlink: 108 bytes leftover after parsing attributes in process `syz.7.5229'.
[  347.667344][T19747] loop4: detected capacity change from 0 to 512
[  347.681253][T19750] loop7: detected capacity change from 0 to 256
[  347.689305][T19750] vfat: Bad value for 'time_offset'
[  347.783416][T19754] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5234'.
[  347.831867][T19747] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  348.015222][T19763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5233'.
[  348.345755][T19776] IPVS: Error joining to the multicast group
[  348.348846][T19768] loop8: detected capacity change from 0 to 1764
[  348.429830][T19783] loop4: detected capacity change from 0 to 512
[  348.441258][T19783] EXT4-fs: Ignoring removed nobh option
[  348.446938][T19783] EXT4-fs: Ignoring removed mblk_io_submit option
[  348.496637][T19789] lo speed is unknown, defaulting to 1000
[  348.531085][T19789] lo speed is unknown, defaulting to 1000
[  348.711154][T19808] xt_hashlimit: max too large, truncated to 1048576
[  349.005835][T19822] IPVS: Error joining to the multicast group
[  349.022963][T19823] lo speed is unknown, defaulting to 1000
[  349.041893][T19823] lo speed is unknown, defaulting to 1000
[  349.652022][T19838] loop8: detected capacity change from 0 to 512
[  349.679367][T19838] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  349.689470][   T29] kauditd_printk_skb: 923 callbacks suppressed
[  349.689483][   T29] audit: type=1326 audit(1732642275.425:24910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.719332][   T29] audit: type=1326 audit(1732642275.425:24911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.742953][   T29] audit: type=1326 audit(1732642275.425:24912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.766539][   T29] audit: type=1326 audit(1732642275.425:24913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.790129][   T29] audit: type=1326 audit(1732642275.425:24914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.813699][   T29] audit: type=1326 audit(1732642275.425:24915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.837391][   T29] audit: type=1326 audit(1732642275.425:24916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.860950][   T29] audit: type=1326 audit(1732642275.425:24917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.884578][   T29] audit: type=1326 audit(1732642275.425:24918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.908186][   T29] audit: type=1326 audit(1732642275.425:24919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19839 comm="syz.0.5260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e110fe919 code=0x7ffc0000
[  349.924282][T19838] EXT4-fs (loop8): 1 truncate cleaned up
[  350.037901][T19808] Cannot find set identified by id 0 to match
[  350.098532][T19850] xt_hashlimit: max too large, truncated to 1048576
[  350.110482][T19850] Cannot find set identified by id 0 to match
[  350.110708][T19835] syz.8.5259: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  350.120231][T19852] loop7: detected capacity change from 0 to 512
[  350.131769][T19835] CPU: 0 UID: 0 PID: 19835 Comm: syz.8.5259 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  350.147885][T19835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  350.157969][T19835] Call Trace:
[  350.161249][T19835]  <TASK>
[  350.164176][T19835]  dump_stack_lvl+0xf2/0x150
[  350.168786][T19835]  dump_stack+0x15/0x20
[  350.172939][T19835]  warn_alloc+0x145/0x1b0
[  350.177349][T19835]  ? __schedule+0x6fa/0x930
[  350.181899][T19835]  ? __vmalloc_node_range_noprof+0x88/0xe80
[  350.187836][T19835]  __vmalloc_node_range_noprof+0xaa/0xe80
[  350.193583][T19835]  ? __pfx_futex_wake_mark+0x10/0x10
[  350.198883][T19835]  ? __rcu_read_unlock+0x4e/0x70
[  350.203816][T19835]  ? avc_has_perm_noaudit+0x1cc/0x210
[  350.209233][T19835]  ? should_fail_ex+0x31/0x230
[  350.214028][T19835]  ? xskq_create+0x36/0xd0
[  350.218438][T19835]  ? should_failslab+0x8f/0xb0
[  350.223193][T19835]  vmalloc_user_noprof+0x59/0x70
[  350.228125][T19835]  ? xskq_create+0x79/0xd0
[  350.232556][T19835]  xskq_create+0x79/0xd0
[  350.236789][T19835]  xsk_init_queue+0x82/0xd0
[  350.241282][T19835]  xsk_setsockopt+0x409/0x520
[  350.245950][T19835]  ? __pfx_xsk_setsockopt+0x10/0x10
[  350.251207][T19835]  __sys_setsockopt+0x187/0x200
[  350.256055][T19835]  __x64_sys_setsockopt+0x66/0x80
[  350.261070][T19835]  x64_sys_call+0x282e/0x2dc0
[  350.265743][T19835]  do_syscall_64+0xc9/0x1c0
[  350.270283][T19835]  ? clear_bhb_loop+0x55/0xb0
[  350.275061][T19835]  ? clear_bhb_loop+0x55/0xb0
[  350.279754][T19835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.285664][T19835] RIP: 0033:0x7f6732ade919
[  350.290099][T19835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.309819][T19835] RSP: 002b:00007f6731151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  350.318240][T19835] RAX: ffffffffffffffda RBX: 00007f6732c95fa0 RCX: 00007f6732ade919
[  350.326210][T19835] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000010
[  350.334177][T19835] RBP: 00007f6732b5197e R08: 0000000000000020 R09: 0000000000000000
[  350.342144][T19835] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000000
[  350.350107][T19835] R13: 0000000000000000 R14: 00007f6732c95fa0 R15: 00007ffda7a4e018
[  350.358139][T19835]  </TASK>
[  350.361311][T19835] Mem-Info:
[  350.373492][T19835] active_anon:6581 inactive_anon:10 isolated_anon:0
[  350.373492][T19835]  active_file:17409 inactive_file:2096 isolated_file:0
[  350.373492][T19835]  unevictable:0 dirty:195 writeback:0
[  350.373492][T19835]  slab_reclaimable:3326 slab_unreclaimable:23833
[  350.373492][T19835]  mapped:28946 shmem:1567 pagetables:1181
[  350.373492][T19835]  sec_pagetables:0 bounce:0
[  350.373492][T19835]  kernel_misc_reclaimable:0
[  350.373492][T19835]  free:1855947 free_pcp:31719 free_cma:0
[  350.418733][T19835] Node 0 active_anon:26440kB inactive_anon:40kB active_file:69636kB inactive_file:8384kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:115784kB dirty:780kB writeback:0kB shmem:6268kB writeback_tmp:0kB kernel_stack:3904kB pagetables:4724kB sec_pagetables:0kB all_unreclaimable? no
[  350.447249][T19835] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  350.474778][T19835] lowmem_reserve[]: 0 2866 7844 0
[  350.479911][T19835] Node 0 DMA32 free:2950316kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953948kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[  350.509099][T19835] lowmem_reserve[]: 0 0 4978 0
[  350.519149][T19835] Node 0 Normal free:4457984kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:26556kB inactive_anon:40kB active_file:69636kB inactive_file:8384kB unevictable:0kB writepending:780kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:122832kB local_pcp:6212kB free_cma:0kB
[  350.549938][T19835] lowmem_reserve[]: 0 0 0 0
[  350.560862][T19835] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  350.574255][T19835] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 1*16kB (M) 2*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950316kB
[  350.590464][T19835] Node 0 Normal: 1133*4kB (UME) 353*8kB (UME) 424*16kB (UME) 1368*32kB (UME) 962*64kB (UME) 450*128kB (UM) 784*256kB (UME) 662*512kB (UME) 686*1024kB (UME) 182*2048kB (UM) 653*4096kB (UM) = 4466620kB
[  350.610587][T19835] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  350.619932][T19835] 21123 total pagecache pages
[  350.624616][T19835] 3 pages in swap cache
[  350.626853][T19852] EXT4-fs mount: 13 callbacks suppressed
[  350.626932][T19852] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.628742][T19835] Free swap  = 123828kB
[  350.635201][T19852] ext4 filesystem being mounted at /403/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.647369][T19835] Total swap = 124996kB
[  350.647379][T19835] 2097051 pages RAM
[  350.647385][T19835] 0 pages HighMem/MovableOnly
[  350.647392][T19835] 80172 pages reserved
[  350.697903][T19852] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  350.712472][T19852] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.5265: Failed to acquire dquot type 0
[  350.742986][T19857] lo speed is unknown, defaulting to 1000
[  350.752081][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.759220][T19857] lo speed is unknown, defaulting to 1000
[  350.762432][T19862] IPVS: Error joining to the multicast group
[  350.823106][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.824498][T19862] loop4: detected capacity change from 0 to 512
[  350.869791][T19862] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.5268: corrupted in-inode xattr: invalid ea_ino
[  350.894591][T19868] lo speed is unknown, defaulting to 1000
[  350.911588][T19862] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.5268: couldn't read orphan inode 15 (err -117)
[  350.925475][T19875] loop8: detected capacity change from 0 to 256
[  350.927397][T19862] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.942255][T19877] FAULT_INJECTION: forcing a failure.
[  350.942255][T19877] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.945758][T19868] lo speed is unknown, defaulting to 1000
[  350.957765][T19877] CPU: 0 UID: 0 PID: 19877 Comm: syz.7.5274 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  350.973904][T19877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  350.983957][T19877] Call Trace:
[  350.987238][T19877]  <TASK>
[  350.990171][T19877]  dump_stack_lvl+0xf2/0x150
[  350.994774][T19877]  dump_stack+0x15/0x20
[  350.999017][T19877]  should_fail_ex+0x223/0x230
[  351.003709][T19877]  should_fail+0xb/0x10
[  351.007867][T19877]  should_fail_usercopy+0x1a/0x20
[  351.012964][T19877]  _copy_from_user+0x1e/0xb0
[  351.017560][T19877]  get_timespec64+0x49/0x140
[  351.022235][T19877]  __x64_sys_mq_timedsend+0x92/0x150
[  351.027569][T19877]  x64_sys_call+0x2a68/0x2dc0
[  351.032241][T19877]  do_syscall_64+0xc9/0x1c0
[  351.036741][T19877]  ? clear_bhb_loop+0x55/0xb0
[  351.041430][T19877]  ? clear_bhb_loop+0x55/0xb0
[  351.046188][T19877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.052076][T19877] RIP: 0033:0x7f6fd52ce919
[  351.056484][T19877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.076218][T19877] RSP: 002b:00007f6fd3947038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2
[  351.084623][T19877] RAX: ffffffffffffffda RBX: 00007f6fd5485fa0 RCX: 00007f6fd52ce919
[  351.092623][T19877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  351.100581][T19877] RBP: 00007f6fd3947090 R08: 0000000020000340 R09: 0000000000000000
[  351.108542][T19877] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[  351.116607][T19877] R13: 0000000000000000 R14: 00007f6fd5485fa0 R15: 00007ffc9ae5b158
[  351.124570][T19877]  </TASK>
[  351.253261][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.317321][T19894] loop4: detected capacity change from 0 to 164
[  351.337015][T19894] bio_check_eod: 6146 callbacks suppressed
[  351.337067][T19894] syz.4.5278: attempt to access beyond end of device
[  351.337067][T19894] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  351.379680][T19894] syz.4.5278: attempt to access beyond end of device
[  351.379680][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.409728][T19894] syz.4.5278: attempt to access beyond end of device
[  351.409728][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.423267][T19901] syz.4.5278: attempt to access beyond end of device
[  351.423267][T19901] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.441379][T19894] syz.4.5278: attempt to access beyond end of device
[  351.441379][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.455850][T19903] FAULT_INJECTION: forcing a failure.
[  351.455850][T19903] name failslab, interval 1, probability 0, space 0, times 0
[  351.468917][T19894] syz.4.5278: attempt to access beyond end of device
[  351.468917][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.468993][T19894] syz.4.5278: attempt to access beyond end of device
[  351.468993][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.469030][T19894] syz.4.5278: attempt to access beyond end of device
[  351.469030][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.469129][T19894] syz.4.5278: attempt to access beyond end of device
[  351.469129][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.469163][T19894] syz.4.5278: attempt to access beyond end of device
[  351.469163][T19894] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  351.482575][T19903] CPU: 0 UID: 0 PID: 19903 Comm: syz.0.5284 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  351.482605][T19903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  351.482616][T19903] Call Trace:
[  351.482623][T19903]  <TASK>
[  351.562725][T19903]  dump_stack_lvl+0xf2/0x150
[  351.567378][T19903]  dump_stack+0x15/0x20
[  351.571538][T19903]  should_fail_ex+0x223/0x230
[  351.576260][T19903]  should_failslab+0x8f/0xb0
[  351.580925][T19903]  kmem_cache_alloc_noprof+0x52/0x320
[  351.586292][T19903]  ? alloc_empty_file+0xd0/0x200
[  351.591338][T19903]  ? _raw_spin_unlock+0x26/0x50
[  351.596181][T19903]  alloc_empty_file+0xd0/0x200
[  351.600993][T19903]  alloc_file_pseudo+0xc3/0x140
[  351.605920][T19903]  anon_inode_getfile+0xa3/0x120
[  351.610874][T19903]  do_epoll_create+0x1ec/0x280
[  351.615715][T19903]  __x64_sys_epoll_create+0x35/0x50
[  351.620939][T19903]  x64_sys_call+0x2b26/0x2dc0
[  351.625652][T19903]  do_syscall_64+0xc9/0x1c0
[  351.630300][T19903]  ? clear_bhb_loop+0x55/0xb0
[  351.634974][T19903]  ? clear_bhb_loop+0x55/0xb0
[  351.639646][T19903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.645540][T19903] RIP: 0033:0x7f8e110fe919
[  351.649967][T19903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.669571][T19903] RSP: 002b:00007f8e0f771038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5
[  351.677973][T19903] RAX: ffffffffffffffda RBX: 00007f8e112b5fa0 RCX: 00007f8e110fe919
[  351.685940][T19903] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  351.693910][T19903] RBP: 00007f8e0f771090 R08: 0000000000000000 R09: 0000000000000000
[  351.701872][T19903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.709835][T19903] R13: 0000000000000000 R14: 00007f8e112b5fa0 R15: 00007fff7447d898
[  351.717803][T19903]  </TASK>
[  351.778381][ T3394] IPVS: starting estimator thread 0...
[  351.863869][T19913] lo speed is unknown, defaulting to 1000
[  351.872425][T19913] lo speed is unknown, defaulting to 1000
[  351.893793][T19911] IPVS: using max 2448 ests per chain, 122400 per kthread
[  351.907868][T19915] IPVS: Error joining to the multicast group
[  351.950958][T19915] loop7: detected capacity change from 0 to 512
[  351.987561][T19915] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2240: inode #15: comm syz.7.5289: corrupted in-inode xattr: invalid ea_ino
[  352.026949][T19915] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.5289: couldn't read orphan inode 15 (err -117)
[  352.055090][T19929] FAULT_INJECTION: forcing a failure.
[  352.055090][T19929] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  352.068352][T19929] CPU: 1 UID: 0 PID: 19929 Comm: syz.8.5293 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  352.078781][T19929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  352.088869][T19929] Call Trace:
[  352.092162][T19929]  <TASK>
[  352.095103][T19929]  dump_stack_lvl+0xf2/0x150
[  352.099734][T19929]  dump_stack+0x15/0x20
[  352.103938][T19929]  should_fail_ex+0x223/0x230
[  352.108705][T19929]  should_fail_alloc_page+0xfd/0x110
[  352.111536][T19915] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.113990][T19929]  __alloc_pages_noprof+0x109/0x340
[  352.114017][T19929]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  352.137052][T19929]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  352.142469][T19929]  handle_mm_fault+0xdd7/0x2ac0
[  352.147354][T19929]  exc_page_fault+0x296/0x650
[  352.152052][T19929]  asm_exc_page_fault+0x26/0x30
[  352.156993][T19929] RIP: 0010:rep_stos_alternative+0x5b/0x80
[  352.162806][T19929] Code: 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 <48> 89 47 38 48 83 c7 40 48 83 e9 40 48 83 f9 40 73 d3 83 f9 08 73
[  352.182427][T19929] RSP: 0018:ffffc90000ec3da8 EFLAGS: 00050206
[  352.188517][T19929] RAX: 0000000000000000 RBX: 00000001207d1ffe RCX: 00000000fffff036
[  352.196560][T19929] RDX: 0000000000000000 RSI: 00000000207d2008 RDI: 00000000207d2fc8
[  352.204520][T19929] RBP: 00000000fffffff6 R08: ffffffff835c2d29 R09: 0000000000000000
[  352.212480][T19929] R10: 0001ffffffffffff R11: 0001c90000ec3e1f R12: 00000000207d2008
[  352.220441][T19929] R13: 0000000000000008 R14: 00007ffffffff000 R15: ffff8881033fcc78
[  352.228417][T19929]  ? evdev_ioctl_handler+0x1359/0x1650
[  352.233925][T19929]  evdev_ioctl_handler+0x1378/0x1650
[  352.239255][T19929]  ? do_vfs_ioctl+0x96e/0x1530
[  352.244037][T19929]  evdev_ioctl+0x24/0x30
[  352.248371][T19929]  ? __pfx_evdev_ioctl+0x10/0x10
[  352.253320][T19929]  __se_sys_ioctl+0xc9/0x140
[  352.257991][T19929]  __x64_sys_ioctl+0x43/0x50
[  352.262603][T19929]  x64_sys_call+0x1690/0x2dc0
[  352.267296][T19929]  do_syscall_64+0xc9/0x1c0
[  352.271851][T19929]  ? clear_bhb_loop+0x55/0xb0
[  352.276551][T19929]  ? clear_bhb_loop+0x55/0xb0
[  352.281299][T19929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.287193][T19929] RIP: 0033:0x7f6732ade919
[  352.291650][T19929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.311253][T19929] RSP: 002b:00007f6731151038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  352.319730][T19929] RAX: ffffffffffffffda RBX: 00007f6732c95fa0 RCX: 00007f6732ade919
[  352.327765][T19929] RDX: 00000000200000c0 RSI: 0000000080104592 RDI: 0000000000000003
[  352.335757][T19929] RBP: 00007f6731151090 R08: 0000000000000000 R09: 0000000000000000
[  352.343730][T19929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.351762][T19929] R13: 0000000000000000 R14: 00007f6732c95fa0 R15: 00007ffda7a4e018
[  352.359744][T19929]  </TASK>
[  352.526098][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.559555][T19935] loop4: detected capacity change from 0 to 512
[  352.569087][T19933] __nla_validate_parse: 13 callbacks suppressed
[  352.569101][T19933] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5294'.
[  352.587229][T19933] loop7: detected capacity change from 0 to 164
[  352.607161][T19935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.629844][T19935] ext4 filesystem being mounted at /435/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.668301][T19936] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5295'.
[  352.671220][T19935] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  352.689769][T19936] loop8: detected capacity change from 0 to 512
[  352.692861][T19935] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.5296: Failed to acquire dquot type 0
[  352.733670][T19936] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  352.783956][T19936] EXT4-fs (loop8): 1 truncate cleaned up
[  352.794587][T19936] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.796397][T19935] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5296'.
[  352.816704][T19947] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5296'.
[  352.833760][T19936] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5295'.
[  352.842753][T19936] IPv6: NLM_F_CREATE should be specified when creating new route
[  352.908784][T12866] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.918540][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.082670][T19977] loop8: detected capacity change from 0 to 512
[  353.111098][T19977] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  353.124071][T19979] FAULT_INJECTION: forcing a failure.
[  353.124071][T19979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.137183][T19979] CPU: 1 UID: 0 PID: 19979 Comm: syz.2.5312 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  353.147627][T19979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  353.157759][T19979] Call Trace:
[  353.161108][T19979]  <TASK>
[  353.164053][T19979]  dump_stack_lvl+0xf2/0x150
[  353.168761][T19979]  dump_stack+0x15/0x20
[  353.172940][T19979]  should_fail_ex+0x223/0x230
[  353.177720][T19979]  should_fail+0xb/0x10
[  353.181878][T19979]  should_fail_usercopy+0x1a/0x20
[  353.186969][T19979]  _copy_from_user+0x1e/0xb0
[  353.191585][T19979]  copy_msghdr_from_user+0x54/0x2a0
[  353.196880][T19979]  ? __fget_files+0x17c/0x1c0
[  353.201629][T19979]  __sys_sendmsg+0x13e/0x230
[  353.206268][T19979]  __x64_sys_sendmsg+0x46/0x50
[  353.211058][T19979]  x64_sys_call+0x2734/0x2dc0
[  353.215788][T19979]  do_syscall_64+0xc9/0x1c0
[  353.220297][T19979]  ? clear_bhb_loop+0x55/0xb0
[  353.224991][T19979]  ? clear_bhb_loop+0x55/0xb0
[  353.229713][T19979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.235692][T19979] RIP: 0033:0x7f98e194e919
[  353.240102][T19979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.259716][T19979] RSP: 002b:00007f98dffc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.268242][T19979] RAX: ffffffffffffffda RBX: 00007f98e1b05fa0 RCX: 00007f98e194e919
[  353.276236][T19979] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  353.284217][T19979] RBP: 00007f98dffc7090 R08: 0000000000000000 R09: 0000000000000000
[  353.292183][T19979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.300183][T19979] R13: 0000000000000000 R14: 00007f98e1b05fa0 R15: 00007ffc7ecc6518
[  353.308161][T19979]  </TASK>
[  353.415288][T19977] EXT4-fs (loop8): 1 truncate cleaned up
[  353.421407][T19977] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.457230][T19984] xt_hashlimit: max too large, truncated to 1048576
[  353.465371][T19984] Cannot find set identified by id 0 to match
[  353.488676][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.568316][T19992] loop8: detected capacity change from 0 to 512
[  353.579028][T19992] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  353.600751][T19992] EXT4-fs (loop8): 1 truncate cleaned up
[  353.604517][T19995] loop7: detected capacity change from 0 to 512
[  353.607044][T19992] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.626788][T19995] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  353.651942][T16624] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.666655][T16624] ==================================================================
[  353.674767][T16624] BUG: KCSAN: data-race in __find_get_block / has_bh_in_lru
[  353.682075][T16624] 
[  353.684393][T16624] read-write to 0xffff888237d2ba28 of 8 bytes by task 19995 on cpu 1:
[  353.692537][T16624]  __find_get_block+0x434/0x8a0
[  353.697393][T16624]  bdev_getblk+0x139/0x3b0
[  353.701809][T16624]  ext4_xattr_block_set+0x1432/0x1ca0
[  353.707178][T16624]  ext4_expand_extra_isize_ea+0xb37/0xf70
[  353.712896][T16624]  __ext4_expand_extra_isize+0x243/0x280
[  353.718527][T16624]  __ext4_mark_inode_dirty+0x2c5/0x440
[  353.723986][T16624]  ext4_inline_data_truncate+0x4d2/0x6b0
[  353.729614][T16624]  ext4_truncate+0x2f3/0xb10
[  353.734199][T16624]  ext4_process_orphan+0x113/0x1c0
[  353.739301][T16624]  ext4_orphan_cleanup+0x696/0x9e0
[  353.744409][T16624]  ext4_fill_super+0x36bb/0x3a10
[  353.749333][T16624]  get_tree_bdev_flags+0x29f/0x310
[  353.754432][T16624]  get_tree_bdev+0x1f/0x30
[  353.758839][T16624]  ext4_get_tree+0x1c/0x30
[  353.763244][T16624]  vfs_get_tree+0x56/0x1e0
[  353.767649][T16624]  do_new_mount+0x227/0x690
[  353.772140][T16624]  path_mount+0x49b/0xb30
[  353.776458][T16624]  __se_sys_mount+0x27c/0x2d0
[  353.781125][T16624]  __x64_sys_mount+0x67/0x80
[  353.785703][T16624]  x64_sys_call+0x2c84/0x2dc0
[  353.790373][T16624]  do_syscall_64+0xc9/0x1c0
[  353.794873][T16624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.800767][T16624] 
[  353.803082][T16624] read to 0xffff888237d2ba28 of 8 bytes by task 16624 on cpu 0:
[  353.810698][T16624]  has_bh_in_lru+0x35/0x1f0
[  353.815198][T16624]  smp_call_function_many_cond+0x2d5/0xc20
[  353.821005][T16624]  on_each_cpu_cond_mask+0x3c/0x90
[  353.826113][T16624]  invalidate_bh_lrus+0x2a/0x30
[  353.830959][T16624]  blkdev_flush_mapping+0x9b/0x1a0
[  353.836069][T16624]  bdev_release+0x2f9/0x420
[  353.840570][T16624]  blkdev_release+0x15/0x20
[  353.845066][T16624]  __fput+0x17a/0x6d0
[  353.849041][T16624]  ____fput+0x1c/0x30
[  353.853014][T16624]  task_work_run+0x13a/0x1a0
[  353.857610][T16624]  syscall_exit_to_user_mode+0xa8/0x120
[  353.863152][T16624]  do_syscall_64+0xd6/0x1c0
[  353.867654][T16624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.873543][T16624] 
[  353.875852][T16624] value changed: 0xffff888106b9d888 -> 0xffff888106b9d8f0
[  353.882946][T16624] 
[  353.885254][T16624] Reported by Kernel Concurrency Sanitizer on:
[  353.891387][T16624] CPU: 0 UID: 0 PID: 16624 Comm: syz-executor Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  353.901960][T16624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  353.912003][T16624] ==================================================================
[  353.923739][T19995] EXT4-fs (loop7): 1 truncate cleaned up
[  353.929688][T19995] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.978101][T13646] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.