last executing test programs:

9m24.79847815s ago: executing program 32 (id=2868):
r0 = msgget(0x2, 0x200)
msgctl$IPC_RMID(r0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000480)=""/128, 0x80}], 0x1, 0x12e, 0x0) (fail_nth: 1)

8m26.235525257s ago: executing program 5 (id=4211):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffeffffffffffffa]}, 0x8, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r0=>0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
io_submit(r0, 0x0, 0x0) (fail_nth: 4)

8m25.861726922s ago: executing program 5 (id=4216):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000118c0)='/sys/power/pm_async', 0x101201, 0xc9)
writev(r1, &(0x7f0000012f40)=[{&(0x7f0000011940)="8f", 0x1}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5)

8m25.861431913s ago: executing program 5 (id=4217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x24, 0x0, "43cad7244bde5bbd8035d89034a56bad61a87c614899a37c5d0d7da4d7fc948375f3593dbd21eb7618ffb4ff4984e01eedc37998dd16526edb40eaadabe6cd2bd9f9dfeade7787ea64309c01ae05fb70"}, 0xd8)

8m25.848334173s ago: executing program 5 (id=4220):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000008a593327fff6ec2fbeabb200000000b529630da220241ea1aabbba9148ccdfdfd5a12385be39afd83c1afb107dea3917627ea6a365c8fb0e0daab6e6102e0ff51906adad6c58f609d8c0af0aa94e223ed81e831c500fe17957894cc5f5b98b6d3dc9d1610f091e79d632f22d9a4e00"/131], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = open(&(0x7f0000000280)='.\x00', 0x20000, 0x0)
fcntl$notify(r1, 0x402, 0x5)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0xc) (async)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0xc)
open(&(0x7f00000003c0)='./bus\x00', 0x20102, 0x0) (async)
r2 = open(&(0x7f00000003c0)='./bus\x00', 0x20102, 0x0)
fcntl$setstatus(r2, 0x4, 0x46400)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f0000000200)={[{@usrjquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xa0f}}]}, 0x1, 0x4c4, &(0x7f0000000500)="$eJzs209sFNUfAPDvbHdpCz9+9McPURB1EY2NxhYKCgcvGE08YGLEgx6bthCkUENrIoRISQweDYl349GrB6/qzXgy8YpHE0NCDBfA05rZnWn3b2nLtgvs55Ns+97sm3nvu/Pe7Nt5uwH0rXL6J4n4T0TciIgdtWxjgXLt393bl6fu3b48FYuVysm/k2q5O2k+k++3LcuMFiIKXyRNB6yZv3jp7OTs7MyFLD++cO6T8fmLl149c27y9MzpmfMTx44dOXzo6OsTr609qDb1pXHd2fv53L4973x0/d2pYr59KPtfH0e3lKPcrilVL3a7sh7bXpdOij1sCGsyEBHp6SpVx/+OGAgnD/pFpVKpDHZ+erHS7GrLFuCRlUSvWwD0Rv5Gn37+zR+bNPV4KNw6XvsAlMZ9N3vUnilGIStTavp8m1vsQv1DEfHh4j/fpI/YoPsQAAD1fjqezwQb5n+XD0TE7rpy/83WUEYi4n8RsTMi/h8RuyLiiazskxHxVNPxyxFRWaH+clO+df5TuPmgMa4knf+9ka1tNc7/8tlfjAxkue0R+YR55mD2moxGafDUmdmZQ/UHTRrXoH5+6/evOtVfrpv/pY+0/nwumLXjZrHpBt305MLkAweeuTUasbfYHH9STAOorQQMV//uiYi9azjuSF36zMvf7VvKlBrLtY+/ZdWsUt2ypWlrF5YqKt9GvFQ7/4vRcP6X25CsvD45PhSzMwfH015wsG0dv/527b1O9d/3/P/wZ/Mubx/98eSDhr3k1tWIrXX9P/L12+X4R5KIZGm9dn7tdVz748uOn2lW1/+vNOyT9v8tyQfVdN4lPptcWLhwKGJLcqJ1+8Tyvnk+L5/GP3qg/fjfme2TvhJPR0TaiZ+JiGcj4rms7fsj4vmIOLBC/L+8+cLH649/Y6XxT7e9/jWc/+X1+vkTeeLiahMDZ/ffuNfh4rG683+kmhrNtrS//iUNF43VNrALLyEAAAA89ApR/e5/YWwpXSiMjdXuAe2KrYXZufmFV07NfXp+uvYbgZEoFfI7XbX7waUkv/85UpefaMofzu4bfz0wXM2PTc3NTvc6eOhz26pjPmkZ/6m/BnrdOmDD+ckP9K+2479uOW339U1sDLCpvP9D/6ob/51+07LomzLweGr//l/a9HYAm6/d+L+yjn2AR0vFWIa+ZvxD/yrG+0vpworlgMeNcQ19afW/4l9PojLY/qmhaC0cQxvTjOE2dfUkkc6selL78Hr2yr/+1bFMFO53nGJDHxuM1jID0ZNzcXp31zt/JfuufLeb+v3K4zSfrm/AC7W51yEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN8m8AAAD//2+z1xU=")
vmsplice(r2, &(0x7f0000000100)=[{&(0x7f0000000180)="d5", 0x1}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x172) (async)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x172)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs")
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) (async)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0)

8m25.699342425s ago: executing program 5 (id=4225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, 0xffffffffffffffff, 0xb}}, 0x48)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_tos_u8={{0x11, 0x0, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x38}, 0x40010)

8m25.509315528s ago: executing program 5 (id=4229):
setpgid(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1f, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x0, 0x100, 0xca, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffffffff}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x48000}, 0x40010)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@broadcast, @random="734ef2118fba", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x600, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
recvmsg(r1, &(0x7f0000000540)={&(0x7f00000001c0)=@hci, 0x80, &(0x7f0000000140)=[{&(0x7f0000000240)=""/230, 0xe6}, {&(0x7f0000000340)=""/121, 0x79}, {&(0x7f0000000400)=""/84, 0x54}, {&(0x7f0000000480)=""/113, 0x71}], 0x4, &(0x7f0000000500)=""/1, 0x1}, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

8m25.490697678s ago: executing program 33 (id=4229):
setpgid(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1f, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x54, 0x0, 0x100, 0xca, 0x25dfdbfd, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffffffff}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x3}]}, 0x54}, 0x1, 0x0, 0x0, 0x48000}, 0x40010)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@broadcast, @random="734ef2118fba", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x600, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
recvmsg(r1, &(0x7f0000000540)={&(0x7f00000001c0)=@hci, 0x80, &(0x7f0000000140)=[{&(0x7f0000000240)=""/230, 0xe6}, {&(0x7f0000000340)=""/121, 0x79}, {&(0x7f0000000400)=""/84, 0x54}, {&(0x7f0000000480)=""/113, 0x71}], 0x4, &(0x7f0000000500)=""/1, 0x1}, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

8m23.34360937s ago: executing program 2 (id=4265):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000c500", @ANYRES32, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getrusage(0x1, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x3, @local, 'geneve0\x00'}}, 0x1e)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x80200, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000100)=0x1)
ioctl$PPPIOCCONNECT(r1, 0x4004743a, &(0x7f0000000280)=0x2000)

8m23.34291026s ago: executing program 2 (id=4266):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_usb_connect(0x6, 0x44, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, &(0x7f0000000800)=@string={0x0, 0x3, "b7ad815340125828b26ba1998a55e1cacfcf338b4e4d3188f31091f8dec1ca108f441efa69ef134def7812c0be6850d762f0c9c2e9277b55b58e747b2c6b43e541419c5ed668076b42999202d304919f92fe8209c82559aef6356acd1d6ed25d91dda37a7282905ec0aeaac7c82e0d93eea39bb1d18281c0b5a0766adb5397c5c5bb6c81191e49729e0d41cc8ea23776365fbd1fa5c88f251ac373aee4177a417131d5f14d6e2c731cd989e1f9c1c70b406a6be32ac6b39f585cbf6b52fc842c8a371472545ee90928c9323c99f1edac739bd95dba0e7d0e1119cad4eb53a8c2e8e051c7567a212130040ecda52d1bc0a5bb68d1d140"}}, {0x0, &(0x7f0000000900)=@string={0x0, 0x3, "b3ae77425a00b5fd736584a277152023d2cc96f7ed2ac1d7896b459b3e790d4d077cde85c365fc5619babf92333dd7e6413a6da58957559c67c81ac72f3824fd93dd4ac01f706dae505917569086f02c1633df4ce09591d2b0eddeb7fa7056807b83a657d4044da09b9f75012d361cb5a98279bdb41134f5875c6a227f54f0baf7"}}, {0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="000303b9295ea041248845707c314b1109f98391a3de9a6532b999f1d16f1f2d36ef1c65fd6350051bf5544ff7a9a7bd184cd3e78d0eafdc4c50f8818206ebd1dd21c5043b6f806520bd3d7e87e53a44db7a5269cef5ddf59dcc4975100b3afa9879d8b52c86aad6599fc701ef2476fbd2b389aae33ea52834ae9300a793938e15e4bdc3c14bf232b60396a7246f0fb2a28fc40284b464cc6657e20b4b4d2f50caf88fe7091ec780f2cdfa985da0570014fd24b0be6966a4"]}]})
r1 = socket$inet(0x2, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000080)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYRESOCT=r3, @ANYRESHEX], 0x0)
syz_usb_connect(0x5, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x9b, &(0x7f00000002c0)=ANY=[@ANYBLOB="9b03abe98397850d9289638d7120310994176d76ee8005e3bf5de76d569d98cc3ce7d4419c84da5f7e420900d136a14f65099da81db6c35a3e0c7fb9fe03b0fa265df2be125facefe74e0e21bb6a1889f400fb206292c4d96927f019fba2ad2987739c5e0d"]}]})
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x7fff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000900c000000000000000000009500000000000000cd72c55a50be457e8b53f93b10a5853c646f32f16ff2d2d062e72fd65badda4f1e42dd84f775e5fd3da5da6b03ee9d7204b83a3e7adbecbf55edf110c8098361d0d0f2c1c84c7204d40d0e7cd24c4e5747a9c26b39ec395fdb0578928d67276b0eb3a91464c39ec6d2105c3623e5add62123d40dcbaa1a2b5554a06bf5bf9b7667b22bc01c7f89cef3ca873a8b092b7b7438d3e8d2f34af493c899ec4c90662afd6c4ffd823e27bb4ba343016a6b17d6ba32af8825aaf146b9ddc28d40105ae034f1a83027cc8d70ed06e6dfcd3d0e975eb2c39a244ac1ca12ec4905e7f46dc786cd836e3936b5"], &(0x7f0000000080)='GPL\x00', 0x82000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000240)='rpc_clnt_new_err\x00', r8}, 0x18)
syslog(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$netlink(0x10, 0x3, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r9, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(r9, &(0x7f0000000040), 0x0, 0x0, 0x0)
fremovexattr(r9, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')

8m21.31689614s ago: executing program 4 (id=4294):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
tkill(r2, 0x12)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1c8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x20000000}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0x178, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x16c, 0x6, [@m_mirred={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x2d, 0x6, "b9e6cb743efb5818279b291a7d56a99d728d0d3c5750442cdd89714a7135052ff6aa167b6d47ccb820"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x10c, 0x9, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5, 0x10000000, 0xae, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x3, 0x10000000, 0x8, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1336e5ff, 0x9, 0x6, 0x0, 0x1}, 0x7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x4, 0x20000000, 0x8}, 0x2}}]}, {0x5d, 0x6, "216194e50e7faa7649d1c06839be3b59a7f1bb6c7fbd0e7344b4e9b561d4b406f4a7a0c7e6ebe935ccd4c10fd3ff9357cc52da0d5a0f390e738e2309dae089a4a01ae1f8d77e0d976b93b2929ebf4d7c028b6d90a88896647b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r6 = syz_io_uring_setup(0x762f, &(0x7f0000000140)={0x0, 0x114dd, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x8000000000}, 0x18)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x1000, 0x1})
io_uring_enter(r6, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="40000108", @ANYRES16=r11, @ANYBLOB="00032dbd7000fedbdf25120000001c00118004000600040006000400040004000100040005000400030005007400020000000800a40002000000"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

8m21.227211291s ago: executing program 4 (id=4295):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bdaa, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xffe2}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r5, {0xc, 0x4}, {}, {0x3, 0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)

8m21.161865972s ago: executing program 4 (id=4299):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x5, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_disconnect(r2)
lseek(0xffffffffffffffff, 0x0, 0x3)
r3 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000540)={0x0, @private, @multicast1}, &(0x7f0000000600)=0xc)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000008c0)={'syztnl0\x00', &(0x7f00000007c0)={'syztnl2\x00', 0x0, 0x1, 0x10, 0x5, 0x5, {{0x1d, 0x4, 0x1, 0x24, 0x74, 0x66, 0x0, 0x5, 0x29, 0x0, @empty, @remote, {[@timestamp_prespec={0x44, 0x34, 0x97, 0x3, 0xb, [{@rand_addr=0x64010101, 0x9}, {@empty, 0x3800}, {@broadcast, 0x8}, {@loopback, 0xb8}, {@loopback, 0x4}, {@rand_addr=0x64010102, 0x2}]}, @end, @rr={0x7, 0x2b, 0x7e, [@remote, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x18}, @private=0xa010102, @private=0xa010101, @remote, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @local]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000a00)={'ip6gre0\x00', &(0x7f0000000940)={'syztnl0\x00', <r5=>0x0, 0x2f, 0x1, 0x5, 0x9, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8, 0x700, 0x80000001, 0x9}})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000c00)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000001100)={0xb0, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x44041}, 0x3bdf2ecadbb96c9b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x80900, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x12, r6, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001540)=@newtaction={0x14, 0x30, 0x12f, 0x4000}, 0x14}}, 0x0)
statfs(&(0x7f0000001300)='./file0\x00', 0x0)

8m20.388742954s ago: executing program 4 (id=4311):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2, &(0x7f0000000b40)=ANY=[@ANYRES32=0x0, @ANYBLOB="5e0de6d0a46fa97f7414d5d4beddb6230d028c2985c07fd13ab9cd215be43701b0695c176f010c8522dc892d07fde1c4dd61620c6f145357d324923d98eafd69fcb6929e5d0149b55ad366cb405eb1db194e21eff7ee1ffd0fc491f7a1bd5ef94daa60e4ca4f86b607c0bfa43209a15cc602bced1e30290c9c66b61c0ce079072dc9c55937e87e811990c0a91e53fb7262746f85989515c54010fd24e6ce0415a26322ae81df827d5dcd02a05bea25986e519c3ec6192d3b14cf5fe367c9165b7e625e7c8389494b52ea3019206695e90ce8167dbf5a4157b8943bb48d9b485936f5e27d9538b9a26e5aba36d03db6093d2d3572600e08431993ce973d4cc18848c4593672ae571311d7723653de6825ebf2cb1ea583fe04db14c9ce1762a6b8f00dfd20f64f9acc3ced5097658b468f02c66bb8a7a586d00970044ace79a1202a934310f37359976a87a4b407ee8c3838f48255c0dd8dec7e6be5ef228cb602d83169cc3cdd372823665e0173e6d17bce2a6fb31d80542852c651fbb12c1f875a9f9f7654944b6054fbd6a2755f1eac851d3574df50e5bcf52b771784b7494278b1ee4954fcc101a27cd2caa6bed9d137b06ac60716f64745446165f75818f9ee4d0d02407e33f2cbe25398555191dc68ca32d57d986da35f029b57bc9ddbdb3c7286994688782975d4e91dfd0ae1aca248ac78df50ecf1a84b8a88577c1884bd97c96b3feea64f35e34b41ee47cc845f9240bfabb68c11e1dec3ae7aa4642af97341fb2358ec2c9fffb1c0bb90f375020e7a14c3c46c41766614442a0eeb6c5a55c6dc8d735ad8f724be9123a12f1416ed9404a070da645be79878b39e36eb461ec426c46a5d0201543fa3ccd8b0c305655aee8dbbae71e1f187bae5abe882e52a41dfb52a057704dbf359f993f0fde8bcab0f8ba7ec1f84e7386e8c72c81a6317bc937529063f8f5cf7b8753592629199a0e63773f9d1c63373738804b8267c989434168ecdfd0805e8936f99b5dffbab3a2c326a8bcf5881fe5f79cf58bea52d236abdfb1986331fabb9aab70f3e50acf81e2f5b4db83a73f9d0ec011f840fc5f62e5762cd4abfabebe5737d1486d65ad58f846c29bb1e94c7b20b04a34be7be0ec348f502dffb12f7e4140f8d70120ff1015664afa4c0dab33e5c04ea296ae48c0f4d7c67db9c319de481e018299990c727eb95b6746cc5bbfbdee52a77d96f2406b2f883eb3cce1deb571bc322dd113d69aac36e3816ca2256067391a1d10386503d2788eb5f3289ed462c3bea4951e2e9843cfa0ee70826c2d29ab31a902ccd9f82e43e56a6299b3f5c19ab010ee56c7d71031684ab754c1a442c386b93fa66dcc36f9c1d372434e75a5a7f8651ec4bb2b46ab61fc45a019abf8e20107e9a228ec07ecadfcb2f2373bf977cdedcdaa103bba3b70fb2ab373070f3fa88ef3ff54c1bf05df0350c3d9f8fc6d35734798bfe454da9128e2011e33e8b7602d3e45c160eb85ff49d722c1d049de00b151a938c5cb59861e19669b381f0ebcae398a93789ce8e2579aaf7b1493db08d71165d6c60396e0f2626b9f4609965d6c063fc071592e5eb58b707a942ab6a8a09192fd0bd3f0964c9ff7c978fbb46bd951f0d60c296f00d38c78bdee7f9e894b04b174a15aa68ff527376b3fc319996400f2e705cdf15f133a59a496402afc90824306d0f5c49993d3fa24ede9304f11fd30b31e7ce0517d9ea1919f2f5ef3ed1ede8f39872e17e0fbfdf1a9342dc65b192cb01dcbae1bbfab8b3fa2db08b09cd2aa9ad36ad9d4fc7039dafe688b1dff5986e172cc2e3476caa63ad6603568b2290252dc015c12323a980c6a347ec50efc9aea18c124bb21877b3807df36b71ad0e108f819988b8769cd1a6ec5d5b853939845187763ccc818d50146b912e3c76dbb7d893d787c898727be3b369c1c0526845b4ce2e842dbb120b2d7174203b3096f381743f4e0480206a13aee6f6514818dc77c5bf1e0476c1e391a71d2c58cc862063c5723bb0e7eb06e7e2d22252793c5b65c77c850530ef57f894145b332708371a06135382b7eea0782f8f7a88392c2be365934785685a2af96aa2b6e2035c3cb6f556071be1fb411f8c8497c041573e261a205d40b098ac2546cf2d25b7947c503ed6c9c9c3217a8695e1ca1b359ac92b91740344796243fac99189c0c46215df1a42478ebdb8c4a8d99e6ee985886de89c5d33f9485891da2023ce3d3c3b7b620c4231100c1911730f9d03e90ccf9cd10e4c7953e79a10913d683b3860db3c40f53f85ef77b9bdc108661a1d7b6c28d3c9f1c8bdd4d6110ba986c1f639de668a027740124ecdf54ab9e877f3208dad0139d434eb76ad3d6fb08ef20b6bdca5392d5e21ff9be075658192e70ff175beaa325397b45bdf9d5025935f9369d6a8bb9e368cab2beae3b891faeb1c9623104cacebffac39be98e324991983a268fce8226ef81184e4f2bab4b05f4c0111bcff4de5633fe26dda28197418470c59a254d18320afb3264ba857e0666e35e504d93054c8fc6e5e6bde8845abd33f6607d988da0e41831bb1228dcd83a894d094fdae1f592078d6d1b79dc8dc40d76e7b065b7ddb42b82773251dfd887fd0083d581deefd2cc8bf133f239aa7d014b67cd27eab9c40578449f61aef4831d1cef26902d886f29ada6624c45ef13caea199e8e98a14eb66559cb55296d7b1bfe87ff39c4e29598a014d723d245a2501301d2e9ac28caa8848532acc0c142b45f02e2daf692ba28decf4e0f6afcf5eeaa84e5282b91c3026d7c350bae653b2fcae8b77e9236348be3717552db2351cb289a4848cfaef7fcca4d246c91aeb619c7fdfc2a740736fd3677599d7e0092cd32274817188964b2be954bcfb3bc7928367be69d05688509f0b1edfbdb2138d766cff0bed83d67fea0ed79a6d02cee5ff6a4a6c6cd05f769cae141cc543af8705d1878953b63b3b1bb9f65e3c35891e9716959627b8bd8cda654dbaf44b2240144d587b2ee6b7c14d4246a920eeb5dd6adde20e4782f015a39b7e1287a3b00d93e7ae0dab496644aa5e833fc2334777c41b8935461c845d44f82fbdd821d413ed3b4a8c35ce5e36729b755c10400e66f49e012b7b1416744498d99093074574068230236c3559a25b4badfc4610cd4bca127b17434a76f10638e26cd77bdc8d9063398def2a36b115b381d03ea4a556aa608bde59c0e6662c0a1382d4bb26563e42b80d21c8400e4f48ccf62bbff0faa291cca6d5093cf12ac83979505bcf31682c225d9f5d02b43a83c4b0d9a9ceaab087b9acf6ec300f3e82f1fb348786704dfb536cdb65e1e35a8e68c9cd2490b198c1d0d46fb7f51ea8f5e210d3547c9577396a6619476871b3260ea49a5bb95825192688cff7e22520b821ceeeccc1f54471b76ae855c3733054be0ce00a4c44de27e45c2c0569de1b7c1621089f731fe64022e5b2225f3d85b71d4dba61a0a51b2a93687a33fa26f586da98f7b811221c717180d717546ef88e8ef37fdb381643f9eb32fbf327f37dc16f725b384d7bec64fb64a25836dd46a3ed3403ae2d9c751056d6db1983c0b36226bef498caa786c78f26a0e56b6fae8034df8fe9e76b466c6f67774c6bcdfa4429c3a5fb1edaa3f0e44f60f13a63c9ed19f360a30dcbdff3a30c8003a5c0eb51d8f1620fc58134550c46a7e66cfcb411c9bb151fe823ef2dbdfaad4ed4b54bd02740aad65163d30c43425c05032107fdb2de4b9be600fd35a33abda297087cd206cc56ade830c52524130ca577cc34f7538fd1bdb1c0608ede243a47cc6021447183509091511565b138126840859812db525691bd0b357bd6499e70ae3aa2d2711298dda1b4f274a6c24e31f548693c2ffb86ac957b00fe7fb802c72cf70977a116972fe9ccfdf206977c6137d152010132a6a3b01197769a418126b57ad67661c555d8c11ad8c09c8ba43a4ff55b28bf37ff03febf4688f30a3ab759b0088810c7e7d45eeeee778fdc9cd0efc719a84170d47246e9ed1e072799d7e2419bab5af06f3d319e2e19819237b6b5ba746d221796086570e1bf3365078d4c9806c7949e773c752665a73adfc3ee5d24fd17c653009ad1f3f5a0b3184c99f72dea417702391bcc4f2d1f924298c056d18b4083e075255799b77ed11b003cb5b54f26f28716582dffbcb3fbb9891c2b27ee8a0e3ea8e0412a13e63920ef0886e97b7b22aea7d22734459fe2f09007e16160b0770b6e5235c6cd19fd76b9305615018a0b1ec748a2daedb768680ec63b5c4cc8848221e474c7f3e24f339ce640534e682209d119c29652b95b4d63e1633b31f4c31b27f67ddd456c2816bf9f60457c36c1b6f011251a30b708cb218e25523f967c90a320eaa1e7d9aa8bcfc3c46d89881a9ca821ee324ee883aa7fcfb528e588e05e9e9cdaa7ae84ef5dabba76681d9b2b16af60b0ec3770e5d44b72fdfa193ba723875ea8bc93d50fb22b2ebb576826da6c4e1f7574e4d9ef140986fdc01b0334d8a646e7ac43d12c12463d8142236432e5f03ba68beec4c578016c396ac719e108a6ff7c1d2c7aaea8085dd176f716cbb815f944153657289625f22a8ee62e596d498ed2246ae8daa093280f5e33677ccdb95682faecf22d091c31fd8a0d541adcdb78090368ccdba3afda265ca1bd4bd412b236892ca41a629cdd6bd96529ba789a8f25f7122902f9bd121b050ea3075cf9c8ab7051ec2e7647b5e7ca81ab314863868c2519b0700b924d862fcae1ad13c08cece894ee7026ed0795166e8abac03f593285a8e82a05d0354a8b9e464e363660b7b2674a109397fbb0d191dcd32b1aad1ff7742b7a208ba423058329038ff7e54c963322b1ab821af6d500a996afdf94086293ec0089ebebc7996b76f3a315d7e515c5c56363c8fbf8f5af457bc8ee55ab884b2129cc064e0540315bb758441c25e2c4675972966581ce8dbe69cb52e6ed39b6ea6f752f1d2014cf5e30928815ddff44fc2b7260eafa9a9fb647f2f211ef3a79bd0d2d46d2e64db000db30350977c5b7638565c0db0115e7affbf3b554dc4a7066c50a6a22c6e75487d8624bc2c46a97f51a93009f747cb685af75ae2e8f79894f63e8a79ecae8548ccaf89006607adc82197ed1ceaad2f74f63cef83454e0cae3220d0c2d5ae37f90938cda02ef853e03358ee634707c806262752cb33dfd1e9061d032f8402c075293c33c3fc850ae7cf79cafb1f7629cffbaa6afe2873470ddae816f46877f5d1b463fd0cdc6564b17968058a014ac214bd49240ef7e939ab4220f1e3f641591db5c2a289f42e3f831f6743e03491e7bd97e3eb6edd8b9b7d31985a052bdeaf5682bb8eac75ad212a5fe79fb2ddd3c170336d7d96fc121d0700f71b0e12d1dfed19c372d999dddfe3e350f99803cae669208822fb126a440650c8dc39151f82cb26810edf96a13a198fceafd94b1ad15aef421f01ee62e527295adbb10fda8e3335369cc31297b6bb6597f19a429d73d6f68a6719909c846b825c858f82b4c8f432475812ebe8085e445beea7807c00d3a092e1b00fa02ae41fdf2a1013a7f1f87bf5b3ed8238fe94d07a8851ac2c1d8399af64ac964e2011f888ae935e0c24349127a339cca1b23e1039b89045df50918dc869803526f3f761c66b5a32cb3f370810af2f7a2e6deab47ba0bce10f5f1650776d84896b60f735282196208cc477e68762303830cdb687f9c9f9727bd938b170a4cf32aedbe132fea64c3c649b20ba74caebe8587e634d4d86ca8d7dc637a998b8dd921e9", @ANYRES32], 0xff, 0x2e7, &(0x7f0000000280)="$eJzs3M9LG2kcx/Gvml9GNDksu+wuy37ZveyyMGj2XghFaWmgRU2pLRRGnbQh00QygyWlqD31WvpH9CDe6k1oe+jVS2899dKbhxZKqfTXlEwmGjX+oiZa836B5nGe5+vzTGYcPiNk1q48uFXIOUbOdKW7OyzdIguyLpKstkQq1W9dIhKTmi6JSKMF+bfv3cs/xiauXkhnMsOjqiPp8f9Tqjrw55Pbd5f+eub2XV4eWInKavL62tvU69WfV39d+zp+M+9o3tFiyVVTJ0uv3Mikbel03ikYqpc8z3QszRefT4j4/SXXrPbn7NLMTEXN4nR/fKZsOY6axYoWrIpKSKRcUfOGmS+qYRjaHxfsJ7o4Omqm/Wbs0MVTLVgQvtu5HSd+uZw2e0Skd8fY7GK7VgUAAE6OLfk/ptvzv68reK1u+eJ5XmO9n//fPxY5UP5fieyS/4N8X8//tlXL/45Vdg+W/92SutX8HyL/H0J2M//j1Krm/3jw9+u7d21p0G+Q/wEAAAAAAAAAAAAAAAAAAAAA+BGse17C87xE/bX+FQ0+El7/+bjXidbg+He2MQ0aqjER+/5sdjYrYodrGzeOuyWDkpDP/vkQqLVHzmeGB9WXlKf2fFA/P5vt8QvTOcmLLZYMSUKSzeuHavW6tT4s8cb6lCTkp+b1qab1Efnn74Z6QxLyYkpKYsu0f15v1s8NqZ69mNlW3+uPAwAAAADgNDB0Q9P7d8PYrb9Wn86J+PfX+/9/YNv9dUh+Cx3vvgMAAAAA0Cmcyp2CadtWuY2NmIi0fq7q3rV+d3r3HjP3X/vf3pPTSDRsqT9Euu3LCDVOGg1W0aK5fnn46MPR/cIzy79/atb1sS1v3QEuHuHWXZcAAAAAHL3N0L/7GO9NO1cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnad1TxHqCGfZ6sgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQWb4FAAD//9yVIwU=")
symlink(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x21, 0x0) (fail_nth: 2)

8m20.095464378s ago: executing program 4 (id=4313):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xa5d4}, 0x4c58, 0x2, 0x0, 0x1, 0x100, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r2 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
pipe(&(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000001, 0x80010, r6, 0x0)
rt_sigprocmask(0x2, &(0x7f0000000740)={[0x67e]}, &(0x7f0000000780), 0x8)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:* m'], 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r8 = openat$cgroup_devices(r7, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0)
splice(r5, 0x0, r8, 0x0, 0x8, 0x0)

8m20.047979529s ago: executing program 2 (id=4314):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, 0xffffffffffffffff, 0xb}}, 0x48)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)}], 0x2, &(0x7f0000000040)=[@ip_tos_u8={{0x11, 0x0, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x38}, 0x40010)

8m20.007967729s ago: executing program 2 (id=4315):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x4})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x503, &(0x7f0000000fc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5IHrjUg5I/IhADRIHoxlPUje1m6hJ7Gz8+UijeW/e1N/vazrvxS+NXwBD62pE7EbEWETcjojp7HouO+KT9pHc93Tv/tL+3v2lXLRan/0zl7Yn16LjzySuZK9ZjIgffS/ip7kX4za2d9YWq9XKZlafbdY2ZhvbOzdWa4srlZXKerm8ML8w99HND8tn1td3amNZ6atP/rj7rZ8naU1lVzr7cZbaXS8cxkmMRsQPziPYAIxk/RkbdCK8knxEvBkR76bP/3SMpF9NAOAya7WmozXdWQcALrt8ugaWy5eytYCpyOdLpfYa3lsxma/WG83rd+pb68vttbKZKOTvrFYrc9la4UwUckl9Pi0/q5eP1G9GxBsR8cvxibReWqpXlwf5jQ8ADLErR+b//4y3538A4JIrDjoBAKDvzP8AMHzM/wAwfMz/ADB82vP/xKDTAAD6yPt/ABg+5n8AGCo//PTT5GjtZ59/vXx3e2utfvfGcqWxVqptLZWW6psbpZV6fSX9zJ7aca9Xrdc35j+IrXsz395oNGcb2zu3avWt9eat9HO9b1UK6V27fegZANDLG+88epxLZuSPJ9IjOvZyKAw0M+C85QedADAwI4NOABgYu33B8DrFe3zLA3BJdNmi9znFbr8g1Gq1WueXEnDOrn3J+j8Mq471f/8LGIaM9X8YXtb/YXi1WrmT7vkfJ70RALjYrPEDPX7+/2Z2/l32w4GfLB+94+F5ZgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX28H+v6VsL/CpyOdLpYjXImImCrk7q9XKXES8HhF/Hi+MJ/X5AecMAJxW/m+5bP+va9PvTz3X9PaVw+JYRPzs15/96t5is7n5p4ix3L/GD643H2bXy/3PHgA43sE8nZ473sg/3bu/dHD0M5+/fzciiu34+3tjsX8YfzRG03MxChEx+e9cVm/LdaxdnMbug4j4Yrf+52IqXQNp73x6NH4S+7W+xs8/Fz+ftrXPyd/FF84gFxg2j5Lx55Nuz18+rqbn7s9/MR2hTi8b/5KXWtpPx8Bn8Q/Gv5Ee49/Vk8b44A/fb5cmXmx7EPHl0YiD2Psd489B/FyP+O+fMP5fvvL2u73aWr+JuBbd43fGmm3WNmYb2zs3VmuLK5WVynq5vDC/MPfRzQ/Ls+ka9Wzv2eAfH19/vVdb0v/JHvGLx/T/6yfs/2//d/vHX3tJ/G++1y1+Pt56SfxkTvzGCeMvTv6+2Kstib/co//Hff2vnzD+k7/uvLBtOAAwOI3tnbXFarWy+TkqPE6+pxl8Ggr9LyT/ZC9AGl0L3+lXrLHo3vSL99rP9JGmVuuVYvUaMc5i1Q24CA4f+oj476CTAQAAAAAAAAAAAAAAuurHbywNuo8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcXv8PAAD//+a4zis=")
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
fchdir(r1)
sendmmsg$unix(r0, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@abs={0x1, 0x30, 0x4e30}, 0x4, 0x0}}], 0x2, 0x40008004)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r3 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_pidfd_open(r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040))
setns(r4, 0x24020000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48041, 0x0)
pwrite64(r6, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)

8m19.689021644s ago: executing program 2 (id=4316):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x6, 0x10, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @value}, 0x94)
r3 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = shmget(0x0, 0x3000, 0x1, &(0x7f0000ffc000/0x3000)=nil)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x3, 0x0)
getsockname$packet(r9, &(0x7f0000000300)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0xa)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x34, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x9}, {0x10, 0xffff}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x4040004)
shmat(r6, &(0x7f0000ffb000/0x4000)=nil, 0x6000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
ioctl$HIDIOCGFEATURE(0xffffffffffffffff, 0xc0404807, &(0x7f0000000380)={0x44, "3aadb5a157334682ec9647c3e6ba3fcbbe596a6cc30ccfacc6b2854d1f81bfc8aaa1343a1180ab126df164b5a95c3c60edbed342cba20a73d55e18b619516579"})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=@flushsa={0x1c, 0x1c, 0x1, 0x70bd28, 0x25dfdbff, {0x2b}, [@proto={0x5, 0x19, 0xff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040001}, 0x40000001)

8m19.544574836s ago: executing program 4 (id=4317):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
socket$netlink(0x10, 0x3, 0x8000000004)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000200)={0x27e6, 0xf3, 0x8006, 0x100, 0x6, 0xa5, 0x8}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r4}, 0x20)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r8=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x80261, 0x2, 0x0, 0xffffffffffffffff, 0x5, '\x00', r8, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

8m19.513661967s ago: executing program 34 (id=4317):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
socket$netlink(0x10, 0x3, 0x8000000004)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000200)={0x27e6, 0xf3, 0x8006, 0x100, 0x6, 0xa5, 0x8}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r4}, 0x20)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r8=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x80261, 0x2, 0x0, 0xffffffffffffffff, 0x5, '\x00', r8, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

8m19.471242677s ago: executing program 2 (id=4320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0x84]}, 0x8)

8m19.470943807s ago: executing program 35 (id=4320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0x84]}, 0x8)

7m20.681897658s ago: executing program 0 (id=5184):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x84, &(0x7f0000000440)={&(0x7f0000000300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

7m20.621796479s ago: executing program 0 (id=5185):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)

7m20.597952969s ago: executing program 0 (id=5186):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
r0 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x6, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r0)

7m20.597271549s ago: executing program 0 (id=5187):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @rand_addr, @remote}, &(0x7f0000000200)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x46}, @exit, @map_fd={0x18, 0xa, 0x1, 0x0, r0}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @call={0x85, 0x0, 0x0, 0x9}]}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x3000046, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@grpjquota}, {@oldalloc}, {@errors_remount}, {@orlov}, {@usrquota}, {@stripe={'stripe', 0x3d, 0x622}}]}, 0x1, 0x56c, &(0x7f0000001a00)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MHQUvfCmctKTLmuTJttiUs3nA6e87zknfc+bc543z5uTkACG1kT2pxDxfER8kUQcjogk3zYa+caJjf3WHl6fzZYk1tc//C2p75fVG/+r8biDeeW5iPjps4iThe3tVldWF0rlcrqU1ydri1cmqyurpy4tlubT+fTy9MzMmddnpt96842e9fWV839+/cHdd898fnztqx/uH7mdxNk4lG9r7sczuNFcmYiJ/DkZi7NbdpzqQWO7STLoA+CpjORxPhbZGHA4RvKoB/77Po2IdWBIJeIfhlQjD2jM7XeeB/+/T1lJ/zx4Z2MCtL3/oxvvjcS++tzowFry2Mwom++O96D9rI0ff71zO1uid+9DAHR042ZEnB4d3T7+Jfn4t4MOb/qdbr16X3NlaxvGP+ifu1n+82qr/KdQj83f83Ddmv8cbBG7T6Nz/Bfu96CZtrL87+2W+e/mTavxkbz2v3rON5ZcvFROT+fZ8IkY25vVd7qfc2bt3nq7bc35X7Zk7Tdywfw47o/uffwxc6Va6Vn63OzBzYgXWua/yWb+m7Q4/9nzcb7LNo6ld15qt61z//9Z699FvNzy/D96cUt2vj85Wb8eJhtXxXZ/3Dr2c7v2B93/7Pwf2Ln/40nz/drqk7fx7b6/0nbbHut/dH/970k+qpf35OuulWq1pamIPcn729dPP3pso97YP+v/iePtx7921//+iPi4y/7fOvr9i131f0Dnf+6Jzv+TF+6998k37drvbvx7rV46ka/pZvzr9gCf5bkDAAAAAACA3aYQEYciKRQ3y4VCsbjx+Y6jcaBQrlRrJy9Wli/PRf27suMxVmjc6T7c9HmIqfzzsI369Jb6TEQciYgvR/bX68XZSnlu0J0HAAAAAAAAAAAAAAAAAACAXeJg/Tv/I5v1xvf/M7+MDO64gD7xk98wvDrGfy9+6QnYlbz+w/AS/zC8xD8ML/EPw0v8w/AS/zC8uoj/Qj+OA+g/r/8AAAAAAAAAAAAAAAAAAAAAAAAAAADQU+fPncuW9bWH12ez+tzVleWFytVTc2l1obi4PFucrSxdKc5XKvPltDhbWez0/8qVypWp6Vi+NllLq7XJ6srqhcXK8uXahUuLpfn0QjrWl14BAAAAAAAAAAAAAAAAAADAv0t1ZXWhVC6nSwoKT1UY3R2HodDjwqBHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45O8AAAD//8A2OIo=")
rename(&(0x7f0000000200)='./file2\x00', &(0x7f0000000080)='./file1\x00')
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x1}, &(0x7f0000000080)=0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c050)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x101042, 0x100)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
ftruncate(r2, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r4)
sendmsg$DEVLINK_CMD_RATE_SET(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, r5, 0x1, 0x0, 0x0, {0x2a}}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x4000080)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
unshare(0xa020480)
getsockopt$bt_hci(r8, 0x0, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x4, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

7m20.436790171s ago: executing program 0 (id=5189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open(0x0, 0x145142, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
mq_open(0x0, 0x42, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000380)={0x2})
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14705, 0x32, 0x10, 0x5, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x9, 0x42, 0x40, 0x50, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000080), 0x1003, r2}, 0x38)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2, r2}, 0x38)

7m19.071659452s ago: executing program 0 (id=5200):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvtap0\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4480c)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$can_raw(0x1d, 0x3, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9588, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

7m19.071326542s ago: executing program 36 (id=5200):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvtap0\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4480c)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$can_raw(0x1d, 0x3, 0x1)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9588, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

5m37.798560821s ago: executing program 8 (id=6834):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdcd, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}}, 0x0)

5m37.744635932s ago: executing program 8 (id=6835):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', &(0x7f0000000640), 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000"], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x50601, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x5}}, './file1\x00'})
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x2, 0x3c8, 0xe8, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}, {{@arp={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac, {[0xff]}}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'lo\x00'}, 0xc0, 0x110, 0x0, {0xb000000}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @dev={0xac, 0x14, 0x14, 0xb}, @local, 0x8, 0x1}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x9, {@empty, {[0xff]}}, {@mac=@remote}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'veth0_macvtap\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x2}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x418)
getdents(r1, 0x0, 0x0)

5m37.575129404s ago: executing program 8 (id=6838):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', &(0x7f0000000640), 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a99300001000000000000000"], 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x50601, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x5}}, './file1\x00'})
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x2, 0x3c8, 0xe8, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}, {{@arp={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@mac, {[0xff]}}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'lo\x00'}, 0xc0, 0x110, 0x0, {0xb000000}}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @dev={0xac, 0x14, 0x14, 0xb}, @local, 0x8, 0x1}}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x9, {@empty, {[0xff]}}, {@mac=@remote}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 'veth0_macvtap\x00', 'ipvlan1\x00', {}, {}, 0x0, 0x2}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x418)
getdents(r1, 0x0, 0x0)

5m37.405903837s ago: executing program 8 (id=6840):
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x4c, 0x200, 0x0, 0x0, 0x340, 0x2e8, 0x2e8, 0x340, 0x2e8, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, [], [], 'veth1_to_bond\x00', 'ip6gre0\x00'}, 0x0, 0x228, 0x270, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@policy={{0x158}, {[{@ipv4=@dev, [], @ipv6=@mcast2}, {@ipv4, [], @ipv4=@broadcast}, {@ipv4=@multicast2, [], @ipv4=@multicast2}, {@ipv6=@loopback, [], @ipv6=@private2}], 0x3}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 'ip6gre0\x00'}}}, {{@ipv6={@mcast2, @private1, [], [], 'team_slave_0\x00', 'xfrm0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470)
r1 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rseq(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x4}, 0x20, 0xfffffffffffffffd, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x20000000000001ef, &(0x7f0000000600)=[{0x200000000006, 0x0, 0x1, 0x7ffc0000}, {0x1, 0xd4, 0x10, 0x5f75}, {0x8, 0x8, 0x9, 0x49e0}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
mlockall(0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x3000003, 0x200000006c832, 0xffffffffffffffff, 0x0)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
syz_pidfd_open(r1, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x8, &(0x7f0000000100)=0x4, 0x4)
pipe2(&(0x7f0000000800)={0x0, <r6=>0x0}, 0x80000)
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x6c, 0xd)
syz_emit_ethernet(0x96, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff88a8aee8529bbf86993cf6697729620b021abdb34792a8c86fb790841e65c80fd7b3fe402de5c179eb55fcdc7fa044371bfd8b0bca0b91b7e057b60000004c44f53e7b7ddb6f98c9c6802356ff61c39f9874"], 0x0)
stat(0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, &(0x7f0000000540)=[{{0x1, 0x0, 0x1, 0x1}, {0x3, 0x0, 0x0, 0x1}}], 0x8)
r7 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4207, r7)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x143, 0x80, @buffer={0x0, 0xbd, &(0x7f0000000000)=""/189}, &(0x7f0000000840)="d776b65786011069ff03067fe7cd275a6928f5f4eea1f8b8f7c9c2fe0fa6148224273cc8099f0f3b742b381861402b9e77e0f568c27621e0db670b18063bf56bff375d3310c71e2a56c37b44add58f3809510864118e394ff356d31276d3852194a0b0a3773b3650ae12de51ce7b26d0aa37403d8fb915ad8e08cad1b53ba07a8fdab85dfcdc0469e95e232d332e4958ffacadb6ebf0325e5a015fc42b757a77078b5a6d79390f23dbde334e1de26135579297414c699874c24d28637fbae82116e8f054f4f278e821bdb1d887995bd1275159dd33a6ea78de20519dcfed6d05da4892a29bdb36d82b0ddc26a19c54aace5a11b75163f9b0a0253ff5f0f9b3a3eb45b136375fa8ef5229a9b30a11b00e872ba31f0f9804c4e8d7a7ac41fd6ea145dac433e333abbea3c65c9c1e7d2a625deea2a4e08d9ce8acce34194d4c3c237c99c5", &(0x7f0000000100)=""/66, 0x6, 0x10020, 0x2, &(0x7f0000000640)})

5m37.259274309s ago: executing program 8 (id=6841):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bdaa, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xffe2}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r5, {0xc, 0x4}, {}, {0x3, 0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}}, 0x20040054)

5m37.18780158s ago: executing program 8 (id=6842):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
fcntl$notify(r0, 0x402, 0x8000003d)

5m37.18765597s ago: executing program 37 (id=6842):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
fcntl$notify(r0, 0x402, 0x8000003d)

3.600781166s ago: executing program 7 (id=11778):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r1, 0x4b45, 0x2)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x20, &(0x7f00000004c0)={&(0x7f0000000380)=""/237, 0xed, <r3=>0x0, &(0x7f0000000480)=""/61, 0x3d}}, 0x10)
pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000020000001d440000000000006b0a20fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x1c, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000800000085000000060000000a86f0ff04000000182a0000", @ANYRES32, @ANYBLOB="000000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa2000000000bc389d8f9000007020000f8ffffffb703000008000000b70400000100000085000000820000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r7, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfb, 0x10000}, 0xc)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r8, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af807701d100000030f731b1c14082bc82ae00", 0x0, 0x1}, 0x3c)
r9 = socket(0x10, 0x2, 0x0)
sendto$inet6(r9, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d27000b000a00070849935ade4a460c89b6ec0cff3959547f509058ad86c902007a00004a32000407160012000a0000000000e000e21800003b6ed538f6523250", 0x78, 0x2251197285d76a80, 0x0, 0x0)
setsockopt$MRT_FLUSH(r8, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='tlb_flush\x00', r6, 0x0, 0x6}, 0x18)
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
open(&(0x7f0000000080)='./file0\x00', 0x2000, 0x392)

3.455735518s ago: executing program 7 (id=11780):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_usb_connect(0x6, 0x0, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x3, [{0xf8, &(0x7f0000000800)=@string={0xf8, 0x3, "b7ad815340125828b26ba1998a55e1cacfcf338b4e4d3188f31091f8dec1ca108f441efa69ef134def7812c0be6850d762f0c9c2e9277b55b58e747b2c6b43e541419c5ed668076b42999202d304919f92fe8209c82559aef6356acd1d6ed25d91dda37a7282905ec0aeaac7c82e0d93eea39bb1d18281c0b5a0766adb5397c5c5bb6c81191e49729e0d41cc8ea23776365fbd1fa5c88f251ac373aee4177a417131d5f14d6e2c731cd989e1f9c1c70b406a6be32ac6b39f585cbf6b52fc842c8a371472545ee90928c9323c99f1edac739bd95dba0e7d0e1119cad4eb53a8c2e8e051c7567a212130040ecda52d1bc0a5bb68d1d140"}}, {0x83, &(0x7f0000000900)=@string={0x83, 0x3, "b3ae77425a00b5fd736584a277152023d2cc96f7ed2ac1d7896b459b3e790d4d077cde85c365fc5619babf92333dd7e6413a6da58957559c67c81ac72f3824fd93dd4ac01f706dae505917569086f02c1633df4ce09591d2b0eddeb7fa7056807b83a657d4044da09b9f75012d361cb5a98279bdb41134f5875c6a227f54f0baf7"}}, {0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="000303b9295ea041248845707c314b1109f98391a3de9a6532b999f1d16f1f2d36ef1c65fd6350051bf5544ff7a9a7bd184cd3e78d0eafdc4c50f8818206ebd1dd21c5043b6f806520bd3d7e87e53a44db7a5269cef5ddf59dcc4975100b3afa9879d8b52c86aad6599fc701ef2476fbd2b389aae33ea52834ae9300a793938e15e4bdc3c14bf232b60396a7246f0fb2a28fc40284b464cc6657e20b4b4d2f50caf88fe7091ec780f2cdfa985d"]}]})
r1 = socket$inet(0x2, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000080)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYRESOCT=r3, @ANYRESHEX], 0x0)
syz_usb_connect(0x5, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x9b, &(0x7f00000002c0)=ANY=[@ANYBLOB="9b03abe98397850d9289638d7120310994176d76ee8005e3bf5de76d569d98cc3ce7d4419c84da5f7e420900d136a14f65099da81db6c35a3e0c7fb9fe03b0fa265df2be125facefe74e0e21bb6a1889f400fb206292c4d96927f019fba2ad2987739c5e0d"]}]})
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x7fff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000900c000000000000000000009500000000000000cd72c55a50be457e8b53f93b10a5853c646f32f16ff2d2d062e72fd65badda4f1e42dd84f775e5fd3da5da6b03ee9d7204b83a3e7adbecbf55edf110c8098361d0d0f2c1c84c7204d40d0e7cd24c4e5747a9c26b39ec395fdb0578928d67276b0eb3a91464c39ec6d2105c3623e5add62123d40dcbaa1a2b5554a06bf5bf9b7667b22bc01c7f89cef3ca873a8b092b7b7438d3e8d2f34af493c899ec4c90662afd6c4ffd823e27bb4ba343016a6b17d6ba32af8825aaf146b9ddc28d40105ae034f1a83027cc8d70ed06e6dfcd3d0e975eb2c39a244ac1ca12ec4905e7f46dc786cd836e3936b5"], &(0x7f0000000080)='GPL\x00', 0x82000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000240)='rpc_clnt_new_err\x00', r8}, 0x18)
syslog(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$netlink(0x10, 0x3, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
syz_open_procfs(0x0, 0x0)

1.814282133s ago: executing program 3 (id=11800):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007400000"], 0xac}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000100000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c000280050001000000000008000740000000001800068014000400ff010000000000000000000000000001"], 0xac}}, 0x0)

1.534073737s ago: executing program 3 (id=11806):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000900)='kfree\x00', r1, 0x0, 0x3}, 0x18)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=ANY=[], 0x138}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
syz_emit_ethernet(0x9d, &(0x7f0000000080)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @val={@val={0x88a8, 0x7, 0x0, 0x3}, {0x8100, 0x0, 0x0, 0x3}}, {@generic={0x600, "687c831e5f1dce836392b576366304818a0dda299fa0f5cb6205fc24eb0d58bfdb1cfeae50bc87c36934461e768b6b9b9e301ad4f4ef7bfb042ae1648e565f481eecc1d04ba8cc79d1f1441ff98f58a0bc69a32673a3283339fe30e3901ce20f548a9e22415e66ec07079947ee8dd72b11fbb24eccc280cb4380ba88ffbbf68f45c3afb902d695"}}}, &(0x7f0000000140)={0x0, 0x1, [0xb3e, 0x48, 0xee3, 0x788]})
recvmsg(r0, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet(0x2, 0x4000000805, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r5}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r6}, 0x10)
sendmmsg(r4, &(0x7f0000000180)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, 0x80, &(0x7f0000000200)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}], 0x1, 0x844)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r3}, 0x18)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08000140000000020800014000000030080002400000000308000140000000120800034000000000080003400000000a"], 0x122}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r9, 0x0, 0x2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmmsg$unix(r10, &(0x7f0000005080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@rights={{0x18, 0x1, 0x1, [r10, r10]}}], 0x18, 0x40008c41}}], 0x1, 0x0)
shutdown(r0, 0x2)

1.493754258s ago: executing program 3 (id=11809):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x100000, &(0x7f0000000040)={[{@data_ordered}, {@min_batch_time={'min_batch_time', 0x3d, 0xb032}}]}, 0x1, 0x5b2, &(0x7f0000001140)="$eJzs3U1oXNUeAPD/nck0/chr+uA9eO/RRXkKFUonST+0umq3YqHQheCmhsk0hEwyITPRJmSR7ovYhah0U3e6cKm4cCFuBDdu3SiuhWKDQtNFHZmvtE1m0kntZNLM7wc3ueecm/n/z70594t7mQD61rHqj1TEfyPiUhIx/EjbQDQaj9WXW1tdzt1fXc4lUalc/i2JJCLurS7nmssnjd+HImIlIv4TEd9mIk6kNsctLS5NjxcK+flGeaQ8MzdSWlw6OTUzPpmfzM+efuXVs+fOnB07NdY++cz2+nrj55vv3fjh9ds3P/v86Erug/EkzsdQo+3RfjxL9XWSifMb6s90I1gPJb1OgKeSbozz6lD6dwxHujHqW6kM72hqQJdVBiMq25GsbGtxYDdLtjf+gT2jeR5Qvf5tTo+dIKS7e/5x50L9AqQad60x1VsG6vcmYn/t2uTg78ljVybV680j3U2NPrByPSJGBwY2//8njf+/pzf6LBKkq765UN9Qm7d/an3/Ey32P0PNe6d/U3P/t7Zp//cwfrrN/u9ShzEevPXLx23jX4/4X8v4yXr8pEX8VES83WH8W29+da5dW+WTiOPROn5TsvX94ZGrU4X8aP1nyxhfHz/62lb9P9gmfv2e7f7aYabV+p/rsP9ffvfF/1e2iP/SC1tv/1br/0BEvN9h/H/e+/SNdm13rid3q2cB293+1brbHcZ/+fyxn9o0HejwIwAAAAAAAAAAgBZStWfZklR2fT6Vymbr7/D+Kw6mCsVS+cTV4sLsRP2ZtyORSTWftBqul5NqeazxPG6zfGpD+XTzOeL0gVo5mysWJnrcdwAAAAAAAAAAAAAAAAAAANgtDm14//+PdO39/41fVw3sVe2/8hvY64x/6F+Pj/8kYrBnqQA7zPEf+lbF+If+ZfxD/9p6/D+oVCo7lgqwwxz/oX91Nv73dT0PYOdt5/hfGO5iIsCOc/4PAAAAAAAAAAAAAAAAAAAAAAAAAABdcenixepUub+6nKuWJwYWF6aL75ycyJemszMLuWyuOD+XnSwWJwv5bK4486TPKxSLc6Mxu3BtpJwvlUdKi0tXZooLs+UrUzPjk/kr+cyO9AoAAAAAAAAAAAAAAAAAAACeL0O1KUllIyJVm0+lstmIf0TEkcgkV6cK+dGIOBwRP6Yzg9XyWK+TBgAAAAAAAAAAAAAAAAAAgD2mtLg0PV4o5Of7ZGZgU8337ReOiJVnm0b1E5+48GBj2zRrMo3yblmHz9vM4a2XSUfPM9yNMz3cKQEAAAAAAAAAAAAAAAAAQJ96+NJvp3/xZ3cTAgAAAAAAAAAAAAAAAAAAgL6U+jWJiOp0fPjFoY2t+5K1dO13RLx76/KH18bL5fmxav3d9fryR436U73IH+hUkkRUx2lzHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlRaXpscLhfx8F2d63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/FXAAAA///uotYk")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
fcntl$notify(0xffffffffffffffff, 0x402, 0x80000016)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095", @ANYRES64=r0, @ANYRESHEX, @ANYRESDEC=r1, @ANYRES64], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76, @void, @value}, 0x94)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r3)

1.424812249s ago: executing program 3 (id=11810):
open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)

1.423651649s ago: executing program 3 (id=11812):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000040), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)

1.215276191s ago: executing program 3 (id=11815):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_usb_connect(0x6, 0x0, 0x0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x2, [{0xf8, &(0x7f0000000800)=@string={0xf8, 0x3, "b7ad815340125828b26ba1998a55e1cacfcf338b4e4d3188f31091f8dec1ca108f441efa69ef134def7812c0be6850d762f0c9c2e9277b55b58e747b2c6b43e541419c5ed668076b42999202d304919f92fe8209c82559aef6356acd1d6ed25d91dda37a7282905ec0aeaac7c82e0d93eea39bb1d18281c0b5a0766adb5397c5c5bb6c81191e49729e0d41cc8ea23776365fbd1fa5c88f251ac373aee4177a417131d5f14d6e2c731cd989e1f9c1c70b406a6be32ac6b39f585cbf6b52fc842c8a371472545ee90928c9323c99f1edac739bd95dba0e7d0e1119cad4eb53a8c2e8e051c7567a212130040ecda52d1bc0a5bb68d1d140"}}, {0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="000303b9295ea041248845707c314b1109f98391a3de9a6532b999f1d16f1f2d36ef1c65fd6350051bf5544ff7a9a7bd184cd3e78d0eafdc4c50f8818206ebd1dd21c5043b6f806520bd3d7e87e53a44db7a5269cef5ddf59dcc4975100b3afa9879d8b52c86aad6599fc701ef2476fbd2b389aae33ea52834ae9300a793938e15e4bdc3c14bf232b60396a7246f0fb2a28fc40284b464cc6657e20b4b4d2f50caf88fe7091ec780f2cdfa985da0570014fd24b0be6966a4"]}]})
r1 = socket$inet(0x2, 0x3, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000080)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYRESOCT=r3, @ANYRESHEX], 0x0)
syz_usb_connect(0x5, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x9b, &(0x7f00000002c0)=ANY=[@ANYBLOB="9b03abe98397850d9289638d7120310994176d76ee8005e3bf5de76d569d98cc3ce7d4419c84da5f7e420900d136a14f65099da81db6c35a3e0c7fb9fe03b0fa265df2be125facefe74e0e21bb6a1889f400fb206292c4d96927f019fba2ad2987739c5e0d"]}]})
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, 0xffffffffffffffff, 0x0, 0x7fff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000900c000000000000000000009500000000000000cd72c55a50be457e8b53f93b10a5853c646f32f16ff2d2d062e72fd65badda4f1e42dd84f775e5fd3da5da6b03ee9d7204b83a3e7adbecbf55edf110c8098361d0d0f2c1c84c7204d40d0e7cd24c4e5747a9c26b39ec395fdb0578928d67276b0eb3a91464c39ec6d2105c3623e5add62123d40dcbaa1a2b5554a06bf5bf9b7667b22bc01c7f89cef3ca873a8b092b7b7438d3e8d2f34af493c899ec4c90662afd6c4ffd823e27bb4ba343016a6b17d6ba32af8825aaf146b9ddc28d40105ae034f1a83027cc8d70ed06e6dfcd3d0e975eb2c39a244ac1ca12ec4905e7f46dc786cd836e3936b5"], &(0x7f0000000080)='GPL\x00', 0x82000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000240)='rpc_clnt_new_err\x00', r7}, 0x18)
syslog(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$netlink(0x10, 0x3, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
fsetxattr$trusted_overlay_redirect(r8, &(0x7f0000000040), 0x0, 0x0, 0x0)
fremovexattr(r8, &(0x7f00000000c0)=@known='trusted.overlay.redirect\x00')
syz_open_procfs(0x0, 0x0)

1.051432284s ago: executing program 9 (id=11819):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_open_dev$vcsn(&(0x7f0000000080), 0x1, 0x200400)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, r3, {0x2f}}, './file0\x00'})

1.001015655s ago: executing program 9 (id=11821):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x100000, &(0x7f0000000040)={[{@data_ordered}, {@min_batch_time={'min_batch_time', 0x3d, 0xb032}}]}, 0x1, 0x5b2, &(0x7f0000001140)="$eJzs3U1oXNUeAPD/nck0/chr+uA9eO/RRXkKFUonST+0umq3YqHQheCmhsk0hEwyITPRJmSR7ovYhah0U3e6cKm4cCFuBDdu3SiuhWKDQtNFHZmvtE1m0kntZNLM7wc3ueecm/n/z70594t7mQD61rHqj1TEfyPiUhIx/EjbQDQaj9WXW1tdzt1fXc4lUalc/i2JJCLurS7nmssnjd+HImIlIv4TEd9mIk6kNsctLS5NjxcK+flGeaQ8MzdSWlw6OTUzPpmfzM+efuXVs+fOnB07NdY++cz2+nrj55vv3fjh9ds3P/v86Erug/EkzsdQo+3RfjxL9XWSifMb6s90I1gPJb1OgKeSbozz6lD6dwxHujHqW6kM72hqQJdVBiMq25GsbGtxYDdLtjf+gT2jeR5Qvf5tTo+dIKS7e/5x50L9AqQad60x1VsG6vcmYn/t2uTg78ljVybV680j3U2NPrByPSJGBwY2//8njf+/pzf6LBKkq765UN9Qm7d/an3/Ey32P0PNe6d/U3P/t7Zp//cwfrrN/u9ShzEevPXLx23jX4/4X8v4yXr8pEX8VES83WH8W29+da5dW+WTiOPROn5TsvX94ZGrU4X8aP1nyxhfHz/62lb9P9gmfv2e7f7aYabV+p/rsP9ffvfF/1e2iP/SC1tv/1br/0BEvN9h/H/e+/SNdm13rid3q2cB293+1brbHcZ/+fyxn9o0HejwIwAAAAAAAAAAgBZStWfZklR2fT6Vymbr7/D+Kw6mCsVS+cTV4sLsRP2ZtyORSTWftBqul5NqeazxPG6zfGpD+XTzOeL0gVo5mysWJnrcdwAAAAAAAAAAAAAAAAAAANgtDm14//+PdO39/41fVw3sVe2/8hvY64x/6F+Pj/8kYrBnqQA7zPEf+lbF+If+ZfxD/9p6/D+oVCo7lgqwwxz/oX91Nv73dT0PYOdt5/hfGO5iIsCOc/4PAAAAAAAAAAAAAAAAAAAAAAAAAABdcenixepUub+6nKuWJwYWF6aL75ycyJemszMLuWyuOD+XnSwWJwv5bK4486TPKxSLc6Mxu3BtpJwvlUdKi0tXZooLs+UrUzPjk/kr+cyO9AoAAAAAAAAAAAAAAAAAAACeL0O1KUllIyJVm0+lstmIf0TEkcgkV6cK+dGIOBwRP6Yzg9XyWK+TBgAAAAAAAAAAAAAAAAAAgD2mtLg0PV4o5Of7ZGZgU8337ReOiJVnm0b1E5+48GBj2zRrMo3yblmHz9vM4a2XSUfPM9yNMz3cKQEAAAAAAAAAAAAAAAAAQJ96+NJvp3/xZ3cTAgAAAAAAAAAAAAAAAAAAgL6U+jWJiOp0fPjFoY2t+5K1dO13RLx76/KH18bL5fmxav3d9fryR436U73IH+hUkkRUx2lzHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlRaXpscLhfx8F2d63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/FXAAAA///uotYk")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
fcntl$notify(0xffffffffffffffff, 0x402, 0x80000016)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095", @ANYRES64=r1, @ANYRESHEX, @ANYRESDEC=r2, @ANYRES64], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76, @void, @value}, 0x94)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r4)

872.271717ms ago: executing program 9 (id=11825):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000040), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)

795.845098ms ago: executing program 9 (id=11829):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r2}, 0x18)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r3, r3, 0x0, 0x800000009)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
stat(&(0x7f0000000380)='./file1\x00', &(0x7f0000000500))

763.422058ms ago: executing program 6 (id=11830):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r1=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b00000000000119078000000000000000000004e20009c00007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe090000000000000000"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r3, 0x0, 0x0, 0x40000030, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
readv(r5, &(0x7f0000002a40)=[{&(0x7f00000007c0)=""/4096, 0x1000}], 0x1)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000640)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x100d, 0x3a, '\x18', 0x3a, '\xf2', 0x3a, './file0/file0', 0x3a, [0x50]}, 0x30)
write$binfmt_script(r6, &(0x7f0000020240), 0x10010)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r1, 0x1}}, 0x18)

702.827279ms ago: executing program 9 (id=11833):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800001f1a0068099b3c0000000000001860000000000000824d086bb227733218120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r2, r2, 0x21)
wait4(0x0, 0x0, 0x40000000, 0x0)

689.80912ms ago: executing program 6 (id=11835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = epoll_create1(0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r3, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

642.90749ms ago: executing program 9 (id=11837):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r2 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r2)

498.881512ms ago: executing program 1 (id=11841):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025", 0x1d}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

471.868783ms ago: executing program 6 (id=11842):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r1}, 0x18)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x2, 0x0, 0x9, 0x800}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

470.808383ms ago: executing program 1 (id=11843):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r1, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000480)={0x335, @tick, 0x0, {0x6}, 0x40})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f00000000c0)={{0x7, 0x7f}, {0x10, 0x9}, 0x8, 0x1, 0x80})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="cf8ad9a0620ffdb6b168360000000000000000b7080000000000000008f8ff00000000bfa200000000000007000000f8ffffffb703000008000000b7040000000000008500000003faf384600000009500000000000000198a23484b7f56f26572a1f5022643ee081246d351196deacb63bb95651fcf2c9c54a769016b7b2806eb10e960802af798e0a0b50915e5bc9cfb0dfc76822dc215a21edab497890a28acaaf01654ab46a4696f627ad1ea5eac3d9f36fd662b0c04"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x2e020480)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
cachestat(r4, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)={0x70, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x5c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8483}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}]}, 0x70}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8, 0x0, 0x7fff}, 0x18)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r10=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r9, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, r10, 0xb}}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={0xfffffffffffffffc}, 0x1, 0x0, 0x0, 0x4000088}, 0x20000050)

424.038593ms ago: executing program 7 (id=11844):
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r0, r0, 0x0, 0x800000009)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0)
stat(&(0x7f0000000380)='./file1\x00', &(0x7f0000000500))

419.226284ms ago: executing program 7 (id=11845):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>r1, {0x5cce0883}}, './file1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback=0x24, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f, @void, @value}, 0x94)
socket$inet_sctp(0x2, 0x1, 0x84)
bind$802154_raw(r2, &(0x7f0000000500)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x45)
connect$phonet_pipe(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x785, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJImTfO+yQsvaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCwBYRvAgqHgS99OyPevPqj6v+Fx7EUjUtVjxIZDYz7bbZ/GySrebzgck+z8xsnue788zMMzsPswHsW8Ppn0LE4Yh4L4kYzOYnEdHTTHVHnFxZ7/bSYjmdkhiIV39NmuvcWlosR8t7UoeyzKMR8e3bEUcKq8utzy9MlarVymyWH21MXxitzy8cPT9dmqxMVmaOj42PHzvxzInjOxfr7z8sDFx//6Unvzj551uPXHv3uyROxkC2rDWOnTIcw9ln0pN+hPd4cacL67Ck0xVgW9Jds2tlL4/DMRhdzRQA8G/2ZkQsAwD7TOL8DwD7TP49wK2lxXI+dfYbib1144WI6FuJP7+/ubKkO7tn19e8D9p/K7nnzkgSEUM7UP5wRHzy1eufpVPs0n1IgHYuX4mIs0PDq4//yaoxC1v11DrLDmSvw/fNd/yDvfN12v95tl3/r3Cn/xNt+j+9bfbd7dhw/z+4A4Ws40ZfxPMtY9tut8SfGerKcv9p9vl6knPnq5X02PbfiBiJnt40P7ZOGSM3/7q51rLW/t9vH7zxaVp++np3jcLP3b33vmei1Cg9SMytblyJeKx7Vfwtlwd9zb5uu/7v6U2W8fJz73y81rI0/jTefFodf2Sjk3bH8tWIJ9pu/7sj2pJ1xyeONpvDaN4o2vjyx4/61yq/dfunU1p+fi2wF9Lt379+/ENJ63jN+tbL+P7q4DdrLds4/vbt/0DyWjOd9yMulRqN2bGIA8krq+cfu/vePJ+vn8Y/8nj7/T8//rVr/+k14dlNxt99/ZfPtx//7krjn9jC9k9nZA3hTovYKHHt9lTXWuVvbvuPN1Mj2ZzNHP82W8EH+OgAAAAAAAAAAAAAAAAAAAAAAAAAYNMKETEQSaF4J10oFIsrv+H9/+gvVGv1xpFztbmZiWj+VvZQ9BTyR10OtjwPdSx7Hn6eP3Zf/umI+F9EfNh7MMmfozjR4dgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHdojd//T/3U2+naAQC7pq/TFQAA9pzzPwDsP87/ALD/9EUklztdCQBgT7n+B4D9x/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXXb61Kl0Wv5jabGc5icuzs9N1S4enajUp4rTc+ViuTZ7oThZq01WK8VybXqj/1et1S6Mx8zcpdFGpd4Yrc8vnJmuzc00zpyfLk1WzlR69iQqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANia+vzCVKlarcxKbCOx/HBUo/OJrqw5dbYa/Z0pPXkoNsFOJzp8YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4h/g7AAD//7AaJtI=")
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
sync_file_range(0xffffffffffffffff, 0x6, 0xb25a, 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@delqdisc={0x94, 0x25, 0x200, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0xffe0, 0x3}, {0xfff3, 0x5}}, [@TCA_STAB={0x70, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa, 0x53, 0x1, 0x200, 0x2, 0x5, 0x1, 0x1}}, {0x6, 0x2, [0x7]}}, {{0x1c, 0x1, {0x7, 0xa, 0x6, 0x4, 0x0, 0x10001, 0x5450}}, {0x4}}, {{0x1c, 0x1, {0xc4, 0xf, 0x6, 0x100, 0x2, 0x5, 0x6aa4, 0x3}}, {0xa, 0x2, [0x7, 0x8a5e, 0x2eed]}}]}]}, 0x94}}, 0x20008000)
write(r5, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030011000500e1000c0400070080000300", 0x33a)
connect$phonet_pipe(r4, &(0x7f0000000340)={0x23, 0x0, 0x0, 0x2}, 0x10) (fail_nth: 1)

402.544664ms ago: executing program 6 (id=11846):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

385.829134ms ago: executing program 6 (id=11847):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r1=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b00000000000119078000000000000000000004e20009c00007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe090000000000000000"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r3, 0x0, 0x0, 0x40000030, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
readv(r5, &(0x7f0000002a40)=[{&(0x7f00000007c0)=""/4096, 0x1000}], 0x1)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000640)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x100d, 0x3a, '\x18', 0x3a, '\xf2', 0x3a, './file0/file0', 0x3a, [0x50]}, 0x30)
write$binfmt_script(r6, &(0x7f0000020240), 0x10010)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r1, 0x1}}, 0x18)

306.131135ms ago: executing program 1 (id=11848):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x100000, &(0x7f0000000040)={[{@data_ordered}, {@min_batch_time={'min_batch_time', 0x3d, 0xb032}}]}, 0x1, 0x5b2, &(0x7f0000001140)="$eJzs3U1oXNUeAPD/nck0/chr+uA9eO/RRXkKFUonST+0umq3YqHQheCmhsk0hEwyITPRJmSR7ovYhah0U3e6cKm4cCFuBDdu3SiuhWKDQtNFHZmvtE1m0kntZNLM7wc3ueecm/n/z70594t7mQD61rHqj1TEfyPiUhIx/EjbQDQaj9WXW1tdzt1fXc4lUalc/i2JJCLurS7nmssnjd+HImIlIv4TEd9mIk6kNsctLS5NjxcK+flGeaQ8MzdSWlw6OTUzPpmfzM+efuXVs+fOnB07NdY++cz2+nrj55vv3fjh9ds3P/v86Erug/EkzsdQo+3RfjxL9XWSifMb6s90I1gPJb1OgKeSbozz6lD6dwxHujHqW6kM72hqQJdVBiMq25GsbGtxYDdLtjf+gT2jeR5Qvf5tTo+dIKS7e/5x50L9AqQad60x1VsG6vcmYn/t2uTg78ljVybV680j3U2NPrByPSJGBwY2//8njf+/pzf6LBKkq765UN9Qm7d/an3/Ey32P0PNe6d/U3P/t7Zp//cwfrrN/u9ShzEevPXLx23jX4/4X8v4yXr8pEX8VES83WH8W29+da5dW+WTiOPROn5TsvX94ZGrU4X8aP1nyxhfHz/62lb9P9gmfv2e7f7aYabV+p/rsP9ffvfF/1e2iP/SC1tv/1br/0BEvN9h/H/e+/SNdm13rid3q2cB293+1brbHcZ/+fyxn9o0HejwIwAAAAAAAAAAgBZStWfZklR2fT6Vymbr7/D+Kw6mCsVS+cTV4sLsRP2ZtyORSTWftBqul5NqeazxPG6zfGpD+XTzOeL0gVo5mysWJnrcdwAAAAAAAAAAAAAAAAAAANgtDm14//+PdO39/41fVw3sVe2/8hvY64x/6F+Pj/8kYrBnqQA7zPEf+lbF+If+ZfxD/9p6/D+oVCo7lgqwwxz/oX91Nv73dT0PYOdt5/hfGO5iIsCOc/4PAAAAAAAAAAAAAAAAAAAAAAAAAABdcenixepUub+6nKuWJwYWF6aL75ycyJemszMLuWyuOD+XnSwWJwv5bK4486TPKxSLc6Mxu3BtpJwvlUdKi0tXZooLs+UrUzPjk/kr+cyO9AoAAAAAAAAAAAAAAAAAAACeL0O1KUllIyJVm0+lstmIf0TEkcgkV6cK+dGIOBwRP6Yzg9XyWK+TBgAAAAAAAAAAAAAAAAAAgD2mtLg0PV4o5Of7ZGZgU8337ReOiJVnm0b1E5+48GBj2zRrMo3yblmHz9vM4a2XSUfPM9yNMz3cKQEAAAAAAAAAAAAAAAAAQJ96+NJvp3/xZ3cTAgAAAAAAAAAAAAAAAAAAgL6U+jWJiOp0fPjFoY2t+5K1dO13RLx76/KH18bL5fmxav3d9fryR436U73IH+hUkkRUx2lzHAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPlRaXpscLhfx8F2d63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp/FXAAAA///uotYk")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
fcntl$notify(0xffffffffffffffff, 0x402, 0x80000016)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095", @ANYRES64=r1, @ANYRESHEX, @ANYRESDEC=r2, @ANYRES64], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76, @void, @value}, 0x94)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r4)

305.375435ms ago: executing program 6 (id=11849):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r2=>r1, {0x5cce0883}}, './file1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback=0x24, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f, @void, @value}, 0x94)
socket$inet_sctp(0x2, 0x1, 0x84)
bind$802154_raw(r2, &(0x7f0000000500)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x45)
connect$phonet_pipe(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x785, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJImTfO+yQsvaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCwBYRvAgqHgS99OyPevPqj6v+Fx7EUjUtVjxIZDYz7bbZ/GySrebzgck+z8xsnue788zMMzsPswHsW8Ppn0LE4Yh4L4kYzOYnEdHTTHVHnFxZ7/bSYjmdkhiIV39NmuvcWlosR8t7UoeyzKMR8e3bEUcKq8utzy9MlarVymyWH21MXxitzy8cPT9dmqxMVmaOj42PHzvxzInjOxfr7z8sDFx//6Unvzj551uPXHv3uyROxkC2rDWOnTIcw9ln0pN+hPd4cacL67Ck0xVgW9Jds2tlL4/DMRhdzRQA8G/2ZkQsAwD7TOL8DwD7TP49wK2lxXI+dfYbib1144WI6FuJP7+/ubKkO7tn19e8D9p/K7nnzkgSEUM7UP5wRHzy1eufpVPs0n1IgHYuX4mIs0PDq4//yaoxC1v11DrLDmSvw/fNd/yDvfN12v95tl3/r3Cn/xNt+j+9bfbd7dhw/z+4A4Ws40ZfxPMtY9tut8SfGerKcv9p9vl6knPnq5X02PbfiBiJnt40P7ZOGSM3/7q51rLW/t9vH7zxaVp++np3jcLP3b33vmei1Cg9SMytblyJeKx7Vfwtlwd9zb5uu/7v6U2W8fJz73y81rI0/jTefFodf2Sjk3bH8tWIJ9pu/7sj2pJ1xyeONpvDaN4o2vjyx4/61yq/dfunU1p+fi2wF9Lt379+/ENJ63jN+tbL+P7q4DdrLds4/vbt/0DyWjOd9yMulRqN2bGIA8krq+cfu/vePJ+vn8Y/8nj7/T8//rVr/+k14dlNxt99/ZfPtx//7krjn9jC9k9nZA3hTovYKHHt9lTXWuVvbvuPN1Mj2ZzNHP82W8EH+OgAAAAAAAAAAAAAAAAAAAAAAAAAYNMKETEQSaF4J10oFIsrv+H9/+gvVGv1xpFztbmZiWj+VvZQ9BTyR10OtjwPdSx7Hn6eP3Zf/umI+F9EfNh7MMmfozjR4dgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHdojd//T/3U2+naAQC7pq/TFQAA9pzzPwDsP87/ALD/9EUklztdCQBgT7n+B4D9x/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXXb61Kl0Wv5jabGc5icuzs9N1S4enajUp4rTc+ViuTZ7oThZq01WK8VybXqj/1et1S6Mx8zcpdFGpd4Yrc8vnJmuzc00zpyfLk1WzlR69iQqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANia+vzCVKlarcxKbCOx/HBUo/OJrqw5dbYa/Z0pPXkoNsFOJzp8YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4h/g7AAD//7AaJtI=")
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
sync_file_range(0xffffffffffffffff, 0x6, 0xb25a, 0x6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@delqdisc={0x94, 0x25, 0x200, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0x7}, {0xffe0, 0x3}, {0xfff3, 0x5}}, [@TCA_STAB={0x70, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa, 0x53, 0x1, 0x200, 0x2, 0x5, 0x1, 0x1}}, {0x6, 0x2, [0x7]}}, {{0x1c, 0x1, {0x7, 0xa, 0x6, 0x4, 0x0, 0x10001, 0x5450}}, {0x4}}, {{0x1c, 0x1, {0xc4, 0xf, 0x6, 0x100, 0x2, 0x5, 0x6aa4, 0x3}}, {0xa, 0x2, [0x7, 0x8a5e, 0x2eed]}}]}]}, 0x94}}, 0x20008000)
write(r5, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030011000500e1000c0400070080000300", 0x33a)
connect$phonet_pipe(r4, &(0x7f0000000340)={0x23, 0x0, 0x0, 0x2}, 0x10)

63.993929ms ago: executing program 1 (id=11850):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x6, 0x0)
fcntl$lock(r1, 0x26, &(0x7f00000031c0)={0x1})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)

34.342249ms ago: executing program 7 (id=11851):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
request_key(&(0x7f00000000c0)='logon\x00', 0x0, &(0x7f0000000180)='-\x00', 0x0)

24.08329ms ago: executing program 1 (id=11852):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008800000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

1.20859ms ago: executing program 7 (id=11853):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a0101"], 0x57)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)

0s ago: executing program 1 (id=11854):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000040), 0x1, 0x79b, &(0x7f0000000a40)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

0 RDI: 0000000000000005
[  692.187437][ T3272] RBP: 00007f1781e77090 R08: 0000000000000000 R09: 0000000000000000
[  692.187451][ T3272] R10: 0000000044008004 R11: 0000000000000246 R12: 0000000000000001
[  692.187465][ T3272] R13: 0000000000000000 R14: 00007f1783a35fa0 R15: 00007ffda605de38
[  692.187486][ T3272]  </TASK>
[  692.541797][ T3278] loop6: detected capacity change from 0 to 128
[  692.553906][ T3280] loop7: detected capacity change from 0 to 128
[  692.557436][ T3278] syz.6.11127: attempt to access beyond end of device
[  692.557436][ T3278] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  692.565329][ T3280] syz.7.11129: attempt to access beyond end of device
[  692.565329][ T3280] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  692.578594][ T3278] syz.6.11127: attempt to access beyond end of device
[  692.578594][ T3278] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  692.589846][ T3280] syz.7.11129: attempt to access beyond end of device
[  692.589846][ T3280] loop7: rw=34817, sector=145, nr_sectors = 16 limit=128
[  692.616822][ T3285] loop3: detected capacity change from 0 to 512
[  692.620091][ T3285] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  692.642121][ T3285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  692.654911][ T3285] ext4 filesystem being mounted at /344/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  692.697432][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  692.717292][   T29] kauditd_printk_skb: 482 callbacks suppressed
[  692.717345][   T29] audit: type=1326 audit(2000000306.830:82433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.750127][   T29] audit: type=1326 audit(2000000306.830:82434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.774258][   T29] audit: type=1326 audit(2000000306.830:82435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.798312][   T29] audit: type=1326 audit(2000000306.840:82436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.822219][   T29] audit: type=1326 audit(2000000306.840:82437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.846013][   T29] audit: type=1326 audit(2000000306.840:82438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.869738][   T29] audit: type=1326 audit(2000000306.860:82439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.895847][   T29] audit: type=1326 audit(2000000306.910:82440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.897997][ T3291] loop6: detected capacity change from 0 to 128
[  692.919374][   T29] audit: type=1326 audit(2000000306.910:82441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.919424][   T29] audit: type=1326 audit(2000000306.960:82442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3288 comm="syz.3.11130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  692.983928][ T3296] __nla_validate_parse: 6 callbacks suppressed
[  692.983947][ T3296] netlink: 72 bytes leftover after parsing attributes in process `syz.7.11132'.
[  693.139118][ T3312] netlink: 'syz.1.11141': attribute type 4 has an invalid length.
[  694.668264][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x1
[  694.675943][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.683445][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.691254][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.698680][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.706155][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.713664][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.721566][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.729017][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.736656][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.744164][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.752015][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.759414][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.766886][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.774483][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.782283][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.789680][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.797074][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.804462][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.812250][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.819783][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.827288][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.834714][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.842470][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.849912][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.857323][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.864783][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.872484][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.879906][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.887305][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.894715][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.902508][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.909940][   T10] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[  694.917882][   T10] hid-generic 0000:0004:0000.001B: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  694.954590][ T3341] netlink: 340 bytes leftover after parsing attributes in process `syz.3.11152'.
[  694.964049][ T3341] netlink: 48 bytes leftover after parsing attributes in process `syz.3.11152'.
[  694.986251][ T3343] netlink: 388 bytes leftover after parsing attributes in process `syz.3.11153'.
[  695.000078][ T3343] bond0: (slave batadv0): Releasing backup interface
[  695.693681][ T3251] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  695.705054][ T3251] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  695.716080][ T3251] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.727450][ T3251] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  695.755436][ T3346] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11154'.
[  696.294928][ T3368] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11164'.
[  696.349033][ T3373] netlink: 24 bytes leftover after parsing attributes in process `syz.6.11166'.
[  696.846741][ T3401] netlink: 340 bytes leftover after parsing attributes in process `syz.6.11176'.
[  696.862607][ T3401] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11176'.
[  696.882629][ T3403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11177'.
[  696.913961][ T3407] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.941917][ T3411] loop7: detected capacity change from 0 to 1024
[  696.961246][ T3407] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.021423][ T3407] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.067187][ T3420] loop3: detected capacity change from 0 to 2048
[  697.075921][ T3407] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.168758][ T3407] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  697.184134][ T3407] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  697.205171][ T3407] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  697.222006][ T3436] loop1: detected capacity change from 0 to 512
[  697.222423][ T3407] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  697.236714][ T3436] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  697.270258][ T3436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  697.314137][ T3436] ext4 filesystem being mounted at /233/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  697.398507][T32715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  697.642656][ T3474] loop1: detected capacity change from 0 to 1024
[  697.731112][   T29] kauditd_printk_skb: 504 callbacks suppressed
[  697.731131][   T29] audit: type=1326 audit(2000000311.850:82947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.761552][   T29] audit: type=1326 audit(2000000311.850:82948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.785178][   T29] audit: type=1326 audit(2000000311.850:82949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.808867][   T29] audit: type=1326 audit(2000000311.850:82950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.832476][   T29] audit: type=1326 audit(2000000311.850:82951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.856252][   T29] audit: type=1326 audit(2000000311.850:82952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.879862][   T29] audit: type=1326 audit(2000000311.850:82953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.903511][   T29] audit: type=1326 audit(2000000311.850:82954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.927223][   T29] audit: type=1326 audit(2000000311.850:82955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  697.951013][   T29] audit: type=1326 audit(2000000311.850:82956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3477 comm="syz.1.11208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  698.223651][ T3483] __nla_validate_parse: 5 callbacks suppressed
[  698.223665][ T3483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11209'.
[  698.257067][ T3483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11209'.
[  698.294870][ T3487] loop3: detected capacity change from 0 to 128
[  698.304577][ T3487] bio_check_eod: 2 callbacks suppressed
[  698.304587][ T3487] syz.3.11211: attempt to access beyond end of device
[  698.304587][ T3487] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  698.325073][ T3487] syz.3.11211: attempt to access beyond end of device
[  698.325073][ T3487] loop3: rw=34817, sector=145, nr_sectors = 16 limit=128
[  698.434160][ T3492] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11213'.
[  698.456458][ T3492] loop3: detected capacity change from 0 to 2048
[  698.471592][ T3492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  698.565218][ T3492] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  698.616428][ T3507] netlink: 72 bytes leftover after parsing attributes in process `syz.3.11217'.
[  698.645991][ T3509] netlink: 340 bytes leftover after parsing attributes in process `syz.6.11218'.
[  698.656973][ T3509] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11218'.
[  698.755253][ T3517] infiniband syz2: set down
[  698.760329][ T3517] infiniband syz2: added veth0_to_bond
[  698.770427][ T3517] RDS/IB: syz2: added
[  698.774675][ T3517] smc: adding ib device syz2 with port count 1
[  698.780915][ T3517] smc:    ib device syz2 port 1 has pnetid 
[  699.121256][ T3530] loop3: detected capacity change from 0 to 512
[  699.138461][ T3530] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.11226: Failed to acquire dquot type 1
[  699.150724][ T3530] EXT4-fs (loop3): 1 truncate cleaned up
[  699.156649][ T3530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  699.169993][ T3530] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  699.182173][ T3531] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  699.193849][ T3530] xt_hashlimit: max too large, truncated to 1048576
[  699.214122][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.624679][ T3538] loop3: detected capacity change from 0 to 512
[  699.636274][ T3538] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  699.647352][ T3538] EXT4-fs (loop3): orphan cleanup on readonly fs
[  699.657004][ T3538] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.11227: bg 0: block 64: padding at end of block bitmap is not set
[  699.673034][ T3538] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.11227: Failed to acquire dquot type 0
[  699.685905][ T3538] EXT4-fs (loop3): 1 truncate cleaned up
[  699.701879][ T3538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  699.872210][ T3545] loop6: detected capacity change from 0 to 1024
[  699.886293][ T3547] loop9: detected capacity change from 0 to 512
[  699.893595][ T3547] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  699.911370][ T3547] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  699.924238][ T3547] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  699.948768][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.104022][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  700.124928][ T3566] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11239'.
[  700.142942][ T3568] loop3: detected capacity change from 0 to 128
[  700.165081][ T3568] EXT4-fs: Ignoring removed bh option
[  700.190171][ T3568] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  700.235946][ T3575] SELinux: syz.9.11242 (3575) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  700.240198][ T3568] ext4 filesystem being mounted at /378/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  700.363513][T30610] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  700.552340][ T3600] netlink: 340 bytes leftover after parsing attributes in process `syz.6.11252'.
[  700.562078][ T3600] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11252'.
[  700.602234][ T3606] SELinux: syz.9.11255 (3606) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  700.634761][ T3609] netlink: 340 bytes leftover after parsing attributes in process `syz.9.11256'.
[  700.846124][ T3622] usb usb8: usbfs: process 3622 (syz.1.11261) did not claim interface 0 before use
[  700.934036][ T3634] FAULT_INJECTION: forcing a failure.
[  700.934036][ T3634] name failslab, interval 1, probability 0, space 0, times 0
[  700.946933][ T3634] CPU: 1 UID: 0 PID: 3634 Comm: syz.9.11267 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  700.946951][ T3634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  700.947024][ T3634] Call Trace:
[  700.947028][ T3634]  <TASK>
[  700.947033][ T3634]  __dump_stack+0x1d/0x30
[  700.947046][ T3634]  dump_stack_lvl+0xe8/0x140
[  700.947128][ T3634]  dump_stack+0x15/0x1b
[  700.947137][ T3634]  should_fail_ex+0x265/0x280
[  700.947215][ T3634]  should_failslab+0x8c/0xb0
[  700.947247][ T3634]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  700.947271][ T3634]  ? rds_rm_size+0x2bd/0x490
[  700.947320][ T3634]  krealloc_noprof+0xb9/0x2d0
[  700.947339][ T3634]  rds_rm_size+0x2bd/0x490
[  700.947367][ T3634]  rds_sendmsg+0x842/0x14a0
[  700.947449][ T3634]  ? __pfx_rds_sendmsg+0x10/0x10
[  700.947466][ T3634]  __sock_sendmsg+0x142/0x180
[  700.947494][ T3634]  ____sys_sendmsg+0x31e/0x4e0
[  700.947509][ T3634]  ___sys_sendmsg+0x17b/0x1d0
[  700.947529][ T3634]  __x64_sys_sendmsg+0xd4/0x160
[  700.947562][ T3634]  x64_sys_call+0x2999/0x2fb0
[  700.947573][ T3634]  do_syscall_64+0xd2/0x200
[  700.947594][ T3634]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  700.947669][ T3634]  ? clear_bhb_loop+0x40/0x90
[  700.947680][ T3634]  ? clear_bhb_loop+0x40/0x90
[  700.947692][ T3634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.947703][ T3634] RIP: 0033:0x7fd9e124e969
[  700.947770][ T3634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.947869][ T3634] RSP: 002b:00007fd9df8b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.947880][ T3634] RAX: ffffffffffffffda RBX: 00007fd9e1475fa0 RCX: 00007fd9e124e969
[  700.947887][ T3634] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000004
[  700.947894][ T3634] RBP: 00007fd9df8b7090 R08: 0000000000000000 R09: 0000000000000000
[  700.947901][ T3634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.947907][ T3634] R13: 0000000000000000 R14: 00007fd9e1475fa0 R15: 00007ffc00f73c28
[  700.947918][ T3634]  </TASK>
[  701.464845][ T3648] loop6: detected capacity change from 0 to 128
[  701.491799][ T3648] syz.6.11272: attempt to access beyond end of device
[  701.491799][ T3648] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  701.508323][ T3648] syz.6.11272: attempt to access beyond end of device
[  701.508323][ T3648] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  701.605365][ T3659] loop9: detected capacity change from 0 to 512
[  701.612375][ T3659] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  701.625648][ T3659] EXT4-fs (loop9): 1 truncate cleaned up
[  701.632127][ T3659] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.669116][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.575490][ T3682] netlink: 'syz.9.11284': attribute type 4 has an invalid length.
[  702.608961][ T3682] netlink: 'syz.9.11284': attribute type 4 has an invalid length.
[  702.682229][ T3693] loop6: detected capacity change from 0 to 512
[  702.685555][ T3695] loop9: detected capacity change from 0 to 128
[  702.695069][ T3693] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  702.698612][ T3695] syz.9.11288: attempt to access beyond end of device
[  702.698612][ T3695] loop9: rw=2049, sector=145, nr_sectors = 16 limit=128
[  702.711210][ T3693] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  702.718530][ T3695] syz.9.11288: attempt to access beyond end of device
[  702.718530][ T3695] loop9: rw=34817, sector=145, nr_sectors = 16 limit=128
[  702.731594][ T3693] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  702.769266][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.786043][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  702.786058][   T29] audit: type=1326 audit(2000000316.900:83269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.819038][   T29] audit: type=1326 audit(2000000316.900:83270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.831457][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  702.843988][   T29] audit: type=1326 audit(2000000316.900:83271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.858280][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  702.880349][   T29] audit: type=1326 audit(2000000316.900:83272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.894179][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  702.916424][   T29] audit: type=1326 audit(2000000316.900:83273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.929652][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  702.952719][   T29] audit: type=1326 audit(2000000316.900:83274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  702.974545][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  702.988944][   T29] audit: type=1326 audit(2000000316.900:83275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  703.000646][ T2372] page_pool_release_retry() stalled pool shutdown: id 829, 1 inflight 60 sec
[  703.025274][   T29] audit: type=1326 audit(2000000316.900:83276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  703.035213][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  703.057986][   T29] audit: type=1326 audit(2000000316.900:83277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  703.070090][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  703.094377][   T29] audit: type=1326 audit(2000000316.900:83278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3700 comm="syz.6.11289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf77dae969 code=0x7ffc0000
[  703.106233][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  703.142750][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  703.156390][ T3703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=3703 comm=syz.6.11290
[  703.196471][ T3707] loop9: detected capacity change from 0 to 1764
[  703.204975][ T3707] iso9660: Unknown parameter ''
[  703.280600][ T3716] __nla_validate_parse: 4 callbacks suppressed
[  703.280683][ T3716] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11295'.
[  703.314508][ T3718] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11296'.
[  703.588319][ T3724] FAULT_INJECTION: forcing a failure.
[  703.588319][ T3724] name failslab, interval 1, probability 0, space 0, times 0
[  703.601003][ T3724] CPU: 1 UID: 0 PID: 3724 Comm: syz.3.11298 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  703.601025][ T3724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  703.601033][ T3724] Call Trace:
[  703.601038][ T3724]  <TASK>
[  703.601043][ T3724]  __dump_stack+0x1d/0x30
[  703.601081][ T3724]  dump_stack_lvl+0xe8/0x140
[  703.601091][ T3724]  dump_stack+0x15/0x1b
[  703.601101][ T3724]  should_fail_ex+0x265/0x280
[  703.601140][ T3724]  should_failslab+0x8c/0xb0
[  703.601153][ T3724]  kmem_cache_alloc_noprof+0x50/0x310
[  703.601203][ T3724]  ? alloc_vfsmnt+0x2d/0x360
[  703.601236][ T3724]  alloc_vfsmnt+0x2d/0x360
[  703.601267][ T3724]  clone_mnt+0x41/0x750
[  703.601282][ T3724]  copy_tree+0xb7/0x820
[  703.601359][ T3724]  ? proc_alloc_inum+0x4f/0x70
[  703.601373][ T3724]  copy_mnt_ns+0x120/0x5e0
[  703.601383][ T3724]  ? kmem_cache_alloc_noprof+0x220/0x310
[  703.601396][ T3724]  ? create_new_namespaces+0x3c/0x3d0
[  703.601515][ T3724]  create_new_namespaces+0x83/0x3d0
[  703.601538][ T3724]  unshare_nsproxy_namespaces+0xe8/0x120
[  703.601637][ T3724]  ksys_unshare+0x3d0/0x6d0
[  703.601697][ T3724]  __x64_sys_unshare+0x1f/0x30
[  703.601721][ T3724]  x64_sys_call+0x2d4b/0x2fb0
[  703.601733][ T3724]  do_syscall_64+0xd2/0x200
[  703.601815][ T3724]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  703.601830][ T3724]  ? clear_bhb_loop+0x40/0x90
[  703.601841][ T3724]  ? clear_bhb_loop+0x40/0x90
[  703.601871][ T3724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.601882][ T3724] RIP: 0033:0x7efeb7a8e969
[  703.601892][ T3724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  703.601902][ T3724] RSP: 002b:00007efeb60f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  703.601914][ T3724] RAX: ffffffffffffffda RBX: 00007efeb7cb5fa0 RCX: 00007efeb7a8e969
[  703.601921][ T3724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  703.601976][ T3724] RBP: 00007efeb60f7090 R08: 0000000000000000 R09: 0000000000000000
[  703.601983][ T3724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  703.601990][ T3724] R13: 0000000000000000 R14: 00007efeb7cb5fa0 R15: 00007fff61138868
[  703.602000][ T3724]  </TASK>
[  703.603545][ T3724] syz2: rxe_newlink: already configured on veth0_to_bond
[  703.853762][ T3727] netlink: 'syz.3.11299': attribute type 1 has an invalid length.
[  703.876571][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x1
[  703.884128][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.891600][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.899020][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.906477][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.914052][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.921634][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.929219][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.936637][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.944189][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x2
[  703.951616][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.959129][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.966523][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.973982][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.981464][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.988835][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  703.996267][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.003755][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.011178][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.018700][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.026132][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.033735][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.041324][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.048870][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.056294][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.063780][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.071468][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.078898][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.086366][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.092786][ T3733] loop6: detected capacity change from 0 to 512
[  704.093954][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.107641][ T2372] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[  704.114151][ T3733] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.11301: bg 0: block 5: invalid block bitmap
[  704.115959][ T2372] hid-generic 0000:0004:0000.001C: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  704.130673][ T3733] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  704.148499][ T3733] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.11301: invalid indirect mapped block 3 (level 2)
[  704.165197][ T3733] EXT4-fs (loop6): 1 orphan inode deleted
[  704.171064][ T3733] EXT4-fs (loop6): 1 truncate cleaned up
[  704.181323][ T3733] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  704.232855][ T3736] FAULT_INJECTION: forcing a failure.
[  704.232855][ T3736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  704.246188][ T3736] CPU: 1 UID: 0 PID: 3736 Comm: syz.3.11303 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  704.246222][ T3736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  704.246294][ T3736] Call Trace:
[  704.246302][ T3736]  <TASK>
[  704.246312][ T3736]  __dump_stack+0x1d/0x30
[  704.246337][ T3736]  dump_stack_lvl+0xe8/0x140
[  704.246360][ T3736]  dump_stack+0x15/0x1b
[  704.246379][ T3736]  should_fail_ex+0x265/0x280
[  704.246427][ T3736]  should_fail+0xb/0x20
[  704.246459][ T3736]  should_fail_usercopy+0x1a/0x20
[  704.246478][ T3736]  _copy_to_user+0x20/0xa0
[  704.246541][ T3736]  snd_seq_ioctl+0x223/0x2e0
[  704.246582][ T3736]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  704.246661][ T3736]  __se_sys_ioctl+0xce/0x140
[  704.246698][ T3736]  __x64_sys_ioctl+0x43/0x50
[  704.246730][ T3736]  x64_sys_call+0x19a8/0x2fb0
[  704.246763][ T3736]  do_syscall_64+0xd2/0x200
[  704.246842][ T3736]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  704.246891][ T3736]  ? clear_bhb_loop+0x40/0x90
[  704.246941][ T3736]  ? clear_bhb_loop+0x40/0x90
[  704.246963][ T3736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.247056][ T3736] RIP: 0033:0x7efeb7a8e969
[  704.247072][ T3736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  704.247090][ T3736] RSP: 002b:00007efeb60f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  704.247110][ T3736] RAX: ffffffffffffffda RBX: 00007efeb7cb5fa0 RCX: 00007efeb7a8e969
[  704.247150][ T3736] RDX: 0000200000000180 RSI: 000000004058534c RDI: 0000000000000005
[  704.247180][ T3736] RBP: 00007efeb60f7090 R08: 0000000000000000 R09: 0000000000000000
[  704.247195][ T3736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  704.247210][ T3736] R13: 0000000000000000 R14: 00007efeb7cb5fa0 R15: 00007fff61138868
[  704.247302][ T3736]  </TASK>
[  704.439132][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  704.508690][ T3751] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11305'.
[  704.698726][ T3757] loop1: detected capacity change from 0 to 8192
[  704.779795][ T3757]  loop1: p1 p2 p3 p4
[  704.780848][ T3762] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11310'.
[  704.784448][ T3757] loop1: p1 start 51379968 is beyond EOD, truncated
[  704.784479][ T3757] loop1: p2 start 4293394690 is beyond EOD, truncated
[  704.784500][ T3757] loop1: p3 size 100663552 extends beyond EOD, truncated
[  704.785089][ T3757] loop1: p4 size 50331648 extends beyond EOD, truncated
[  704.928836][ T3768] loop9: detected capacity change from 0 to 128
[  704.929103][ T3768] EXT4-fs: Ignoring removed nobh option
[  704.932702][ T3768] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  704.932912][ T3768] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  705.018708][ T2310] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  705.062027][ T3774] netlink: 20 bytes leftover after parsing attributes in process `syz.7.11314'.
[  705.084394][ T3774] loop7: detected capacity change from 0 to 2048
[  705.100791][ T3774] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  705.188689][ T3774] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.225582][ T3780] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  705.242396][ T3780] netlink: 340 bytes leftover after parsing attributes in process `syz.7.11315'.
[  705.252606][ T3780] netlink: 48 bytes leftover after parsing attributes in process `syz.7.11315'.
[  705.360381][ T3790] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11320'.
[  705.497633][ T3800] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11324'.
[  705.533889][ T3804] netlink: 'syz.9.11326': attribute type 4 has an invalid length.
[  705.548852][ T3804] netlink: 'syz.9.11326': attribute type 4 has an invalid length.
[  705.603657][ T3810] loop6: detected capacity change from 0 to 1024
[  705.831869][ T3829] netlink: 'syz.1.11336': attribute type 4 has an invalid length.
[  705.846382][ T3829] netlink: 'syz.1.11336': attribute type 4 has an invalid length.
[  705.880639][ T3831] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11337'.
[  706.059111][ T3835] loop7: detected capacity change from 0 to 2048
[  706.071105][ T3835] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  706.090708][ T3835] EXT4-fs error (device loop7): ext4_find_extent:939: inode #2: comm syz.7.11339: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  706.109721][ T3835] EXT4-fs error (device loop7): ext4_find_extent:939: inode #2: comm syz.7.11339: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  706.135100][ T1112] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.437661][ T3848] loop9: detected capacity change from 0 to 128
[  706.447067][ T3848] syz.9.11343: attempt to access beyond end of device
[  706.447067][ T3848] loop9: rw=2049, sector=145, nr_sectors = 16 limit=128
[  706.461306][ T3848] syz.9.11343: attempt to access beyond end of device
[  706.461306][ T3848] loop9: rw=34817, sector=145, nr_sectors = 16 limit=128
[  706.508039][ T3853] loop6: detected capacity change from 0 to 1024
[  706.647713][ T3860] loop6: detected capacity change from 0 to 256
[  706.656068][ T3860] msdos: Unknown parameter ''
[  706.750253][ T3864] FAULT_INJECTION: forcing a failure.
[  706.750253][ T3864] name failslab, interval 1, probability 0, space 0, times 0
[  706.762950][ T3864] CPU: 1 UID: 0 PID: 3864 Comm: syz.9.11347 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  706.763119][ T3864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  706.763132][ T3864] Call Trace:
[  706.763139][ T3864]  <TASK>
[  706.763147][ T3864]  __dump_stack+0x1d/0x30
[  706.763173][ T3864]  dump_stack_lvl+0xe8/0x140
[  706.763197][ T3864]  dump_stack+0x15/0x1b
[  706.763272][ T3864]  should_fail_ex+0x265/0x280
[  706.763309][ T3864]  should_failslab+0x8c/0xb0
[  706.763336][ T3864]  __kvmalloc_node_noprof+0x126/0x4f0
[  706.763404][ T3864]  ? alloc_fdtable+0xa5/0x1b0
[  706.763444][ T3864]  ? __kmalloc_cache_noprof+0x22e/0x320
[  706.763472][ T3864]  alloc_fdtable+0xa5/0x1b0
[  706.763492][ T3864]  dup_fd+0x4c7/0x540
[  706.763530][ T3864]  copy_files+0x98/0xf0
[  706.763607][ T3864]  copy_process+0xc44/0x1fe0
[  706.763642][ T3864]  kernel_clone+0x16c/0x5b0
[  706.763667][ T3864]  ? vfs_write+0x75e/0x8e0
[  706.763686][ T3864]  __x64_sys_clone+0xe6/0x120
[  706.763797][ T3864]  x64_sys_call+0x2c59/0x2fb0
[  706.763822][ T3864]  do_syscall_64+0xd2/0x200
[  706.763849][ T3864]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  706.763886][ T3864]  ? clear_bhb_loop+0x40/0x90
[  706.763907][ T3864]  ? clear_bhb_loop+0x40/0x90
[  706.763991][ T3864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  706.764025][ T3864] RIP: 0033:0x7fd9e124e969
[  706.764044][ T3864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  706.764066][ T3864] RSP: 002b:00007fd9df874fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  706.764091][ T3864] RAX: ffffffffffffffda RBX: 00007fd9e1476160 RCX: 00007fd9e124e969
[  706.764147][ T3864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  706.764160][ T3864] RBP: 00007fd9df875090 R08: 0000000000000000 R09: 0000000000000000
[  706.764196][ T3864] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  706.764211][ T3864] R13: 0000000000000001 R14: 00007fd9e1476160 R15: 00007ffc00f73c28
[  706.764233][ T3864]  </TASK>
[  707.261200][ T3876] netlink: 'syz.7.11354': attribute type 4 has an invalid length.
[  707.288423][ T3876] netlink: 'syz.7.11354': attribute type 4 has an invalid length.
[  707.378067][ T3883] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  707.457733][ T3889] loop9: detected capacity change from 0 to 1024
[  707.486167][ T3891] loop7: detected capacity change from 0 to 2048
[  707.512857][ T3891] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  707.538646][ T3891] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.565094][ T3900] loop7: detected capacity change from 0 to 128
[  707.574621][ T3900] EXT4-fs: Ignoring removed nobh option
[  707.584464][ T3900] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  707.597915][ T3900] ext4 filesystem being mounted at /202/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  707.824900][   T29] kauditd_printk_skb: 809 callbacks suppressed
[  707.824919][   T29] audit: type=1326 audit(2000000321.940:84086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.856944][   T29] audit: type=1326 audit(2000000321.940:84087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.880758][   T29] audit: type=1326 audit(2000000321.940:84088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.904571][   T29] audit: type=1326 audit(2000000321.940:84089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.928247][   T29] audit: type=1326 audit(2000000321.940:84090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.951874][   T29] audit: type=1326 audit(2000000321.940:84091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.975438][   T29] audit: type=1326 audit(2000000321.940:84092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  707.999252][   T29] audit: type=1326 audit(2000000321.940:84093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  708.023041][   T29] audit: type=1326 audit(2000000321.940:84094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  708.046624][   T29] audit: type=1326 audit(2000000321.940:84095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3922 comm="syz.3.11374" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  708.389032][ T3932] ucma_write: process 251 (syz.9.11377) changed security contexts after opening file descriptor, this is not allowed.
[  708.414813][ T1112] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  708.434781][ T3935] __nla_validate_parse: 9 callbacks suppressed
[  708.434800][ T3935] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11379'.
[  708.504116][ T3942] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.550994][ T3942] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.600639][ T3942] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.650764][ T3942] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.716556][ T3942] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  708.727598][ T3942] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  708.738712][ T3942] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  708.750903][ T3942] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  708.852794][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x1
[  708.860251][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.867677][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.875085][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.882491][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.889962][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.897442][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.904884][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.912305][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.919714][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x2
[  708.927181][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.934786][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.942203][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.949793][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.957248][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.964779][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.972190][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.979669][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.987130][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  708.994556][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.002023][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.009423][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.016854][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.024259][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.031734][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.039133][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.046539][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.053978][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.061468][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.068835][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.076221][ T2385] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[  709.083975][ T2385] hid-generic 0000:0004:0000.001D: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  709.120932][ T3960] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11388'.
[  709.301598][ T3967] netlink: 'syz.9.11391': attribute type 4 has an invalid length.
[  709.322705][ T3967] netlink: 'syz.9.11391': attribute type 4 has an invalid length.
[  709.359625][ T3975] loop7: detected capacity change from 0 to 128
[  709.365828][ T3974] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11394'.
[  709.370341][ T3975] syz.7.11395: attempt to access beyond end of device
[  709.370341][ T3975] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  709.391766][ T3975] syz.7.11395: attempt to access beyond end of device
[  709.391766][ T3975] loop7: rw=34817, sector=145, nr_sectors = 16 limit=128
[  709.529616][ T3991] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  709.547558][ T3991] netlink: 340 bytes leftover after parsing attributes in process `syz.6.11401'.
[  709.556949][ T3991] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11401'.
[  709.583789][ T3995] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.631807][ T3995] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.682009][ T3995] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.731349][ T3995] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.785784][ T3995] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  709.797001][ T3995] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  709.807379][ T3995] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  709.818358][ T3995] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  710.418403][ T4015] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11410'.
[  710.706557][ T4023] loop9: detected capacity change from 0 to 128
[  710.717787][ T4023] syz.9.11414: attempt to access beyond end of device
[  710.717787][ T4023] loop9: rw=2049, sector=145, nr_sectors = 16 limit=128
[  710.735585][ T4023] syz.9.11414: attempt to access beyond end of device
[  710.735585][ T4023] loop9: rw=34817, sector=145, nr_sectors = 16 limit=128
[  710.813909][ T4030] netlink: 72 bytes leftover after parsing attributes in process `syz.6.11417'.
[  710.823151][ T4032] loop3: detected capacity change from 0 to 2048
[  710.852823][ T4034] netlink: 'syz.9.11419': attribute type 4 has an invalid length.
[  710.874504][ T4034] netlink: 'syz.9.11419': attribute type 4 has an invalid length.
[  710.883310][ T4036] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.934382][ T4042] loop9: detected capacity change from 0 to 2048
[  710.943472][ T4036] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.954656][ T4032] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.11418'.
[  710.964785][ T4037] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.11418'.
[  711.000622][ T4042]  loop9: p1 < > p4
[  711.005203][ T4042] loop9: p4 size 8388608 extends beyond EOD, truncated
[  711.005431][ T4036] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  711.082248][ T4036] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  711.916914][ T4061] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11429'.
[  711.975571][ T4064] loop3: detected capacity change from 0 to 128
[  711.986993][ T4064] syz.3.11430: attempt to access beyond end of device
[  711.986993][ T4064] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  712.003441][ T4064] syz.3.11430: attempt to access beyond end of device
[  712.003441][ T4064] loop3: rw=34817, sector=145, nr_sectors = 16 limit=128
[  712.135688][ T4075] loop3: detected capacity change from 0 to 2048
[  712.190963][ T4075]  loop3: p1 < > p4
[  712.195396][ T4075] loop3: p4 size 8388608 extends beyond EOD, truncated
[  712.409393][ T2375] page_pool_release_retry() stalled pool shutdown: id 836, 1 inflight 60 sec
[  713.315766][   T29] kauditd_printk_skb: 312 callbacks suppressed
[  713.315787][   T29] audit: type=1326 audit(2000000327.430:84408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.348620][   T29] audit: type=1326 audit(2000000327.430:84409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.374311][   T29] audit: type=1326 audit(2000000327.470:84410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.398288][   T29] audit: type=1326 audit(2000000327.470:84411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.422058][   T29] audit: type=1326 audit(2000000327.470:84412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.445631][   T29] audit: type=1326 audit(2000000327.470:84413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.469298][   T29] audit: type=1326 audit(2000000327.470:84414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.492992][   T29] audit: type=1326 audit(2000000327.470:84415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.516679][   T29] audit: type=1326 audit(2000000327.470:84416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.540368][   T29] audit: type=1326 audit(2000000327.470:84417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4097 comm="syz.9.11444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9e124e969 code=0x7ffc0000
[  713.685700][ T4036] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.700060][ T4036] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.712009][ T4036] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.724299][ T4036] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  713.804854][ T4117] __nla_validate_parse: 3 callbacks suppressed
[  713.804890][ T4117] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11451'.
[  713.837716][ T4119] loop3: detected capacity change from 0 to 512
[  713.848155][ T4119] EXT4-fs: Ignoring removed mblk_io_submit option
[  713.855824][ T4119] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  713.872199][ T4119] EXT4-fs (loop3): 1 truncate cleaned up
[  713.879029][ T4119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.924073][ T4119] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  713.930606][ T4119] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  713.942670][ T4119] vhci_hcd vhci_hcd.0: Device attached
[  713.965014][ T4119] 9pnet_fd: Insufficient options for proto=fd
[  713.992260][ T4124] vhci_hcd: connection closed
[  713.992408][T29453] vhci_hcd: stop threads
[  713.995930][ T4128] netlink: 72 bytes leftover after parsing attributes in process `syz.6.11454'.
[  713.997217][T29453] vhci_hcd: release socket
[  714.016938][T29453] vhci_hcd: disconnect device
[  714.147549][ T4135] netlink: 16 bytes leftover after parsing attributes in process `syz.6.11456'.
[  714.272531][ T4138] FAULT_INJECTION: forcing a failure.
[  714.272531][ T4138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  714.287335][ T4138] CPU: 0 UID: 0 PID: 4138 Comm: syz.6.11457 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  714.287379][ T4138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  714.287391][ T4138] Call Trace:
[  714.287398][ T4138]  <TASK>
[  714.287406][ T4138]  __dump_stack+0x1d/0x30
[  714.287432][ T4138]  dump_stack_lvl+0xe8/0x140
[  714.287455][ T4138]  dump_stack+0x15/0x1b
[  714.287475][ T4138]  should_fail_ex+0x265/0x280
[  714.287543][ T4138]  should_fail+0xb/0x20
[  714.287562][ T4138]  should_fail_usercopy+0x1a/0x20
[  714.287575][ T4138]  _copy_to_user+0x20/0xa0
[  714.287591][ T4138]  simple_read_from_buffer+0xb5/0x130
[  714.287672][ T4138]  proc_fail_nth_read+0x100/0x140
[  714.287687][ T4138]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  714.287701][ T4138]  vfs_read+0x19d/0x6f0
[  714.287763][ T4138]  ? __rcu_read_unlock+0x4f/0x70
[  714.287778][ T4138]  ? __fget_files+0x184/0x1c0
[  714.287794][ T4138]  ksys_read+0xda/0x1a0
[  714.287807][ T4138]  __x64_sys_read+0x40/0x50
[  714.287820][ T4138]  x64_sys_call+0x2d77/0x2fb0
[  714.287903][ T4138]  do_syscall_64+0xd2/0x200
[  714.287917][ T4138]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  714.287930][ T4138]  ? clear_bhb_loop+0x40/0x90
[  714.287946][ T4138]  ? clear_bhb_loop+0x40/0x90
[  714.287960][ T4138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.287971][ T4138] RIP: 0033:0x7fbf77dad37c
[  714.287981][ T4138] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  714.288057][ T4138] RSP: 002b:00007fbf76417030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  714.288069][ T4138] RAX: ffffffffffffffda RBX: 00007fbf77fd5fa0 RCX: 00007fbf77dad37c
[  714.288077][ T4138] RDX: 000000000000000f RSI: 00007fbf764170a0 RDI: 0000000000000005
[  714.288114][ T4138] RBP: 00007fbf76417090 R08: 0000000000000000 R09: 0000000000000000
[  714.288149][ T4138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.288156][ T4138] R13: 0000000000000000 R14: 00007fbf77fd5fa0 R15: 00007ffea90438d8
[  714.288166][ T4138]  </TASK>
[  714.544483][ T4142] netlink: 20 bytes leftover after parsing attributes in process `syz.6.11459'.
[  714.568458][ T4142] loop6: detected capacity change from 0 to 2048
[  714.582164][ T4142] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  714.612236][ T4142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.657568][ T4161] bridge_slave_0: left allmulticast mode
[  714.663828][ T4161] bridge_slave_0: left promiscuous mode
[  714.669639][ T4161] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.677487][ T4161] bridge_slave_1: left allmulticast mode
[  714.683311][ T4161] bridge_slave_1: left promiscuous mode
[  714.689232][ T4161] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.707094][ T4161] bond0: (slave bond_slave_0): Releasing backup interface
[  714.716506][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.727182][ T4161] bond0: (slave bond_slave_1): Releasing backup interface
[  714.736777][ T4161] team0: Port device team_slave_0 removed
[  714.743558][ T4161] team0: Port device team_slave_1 removed
[  714.749607][ T4161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  714.916719][ T4173] loop3: detected capacity change from 0 to 2048
[  715.548037][ T4184] FAULT_INJECTION: forcing a failure.
[  715.548037][ T4184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  715.561234][ T4184] CPU: 0 UID: 0 PID: 4184 Comm: syz.7.11475 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  715.561316][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  715.561329][ T4184] Call Trace:
[  715.561337][ T4184]  <TASK>
[  715.561345][ T4184]  __dump_stack+0x1d/0x30
[  715.561367][ T4184]  dump_stack_lvl+0xe8/0x140
[  715.561415][ T4184]  dump_stack+0x15/0x1b
[  715.561437][ T4184]  should_fail_ex+0x265/0x280
[  715.561473][ T4184]  should_fail+0xb/0x20
[  715.561582][ T4184]  should_fail_usercopy+0x1a/0x20
[  715.561684][ T4184]  _copy_to_user+0x20/0xa0
[  715.561711][ T4184]  __se_sys_move_pages+0xf8a/0x1340
[  715.561795][ T4184]  ? get_pid_task+0x96/0xd0
[  715.561828][ T4184]  ? ksys_write+0x192/0x1a0
[  715.561866][ T4184]  __x64_sys_move_pages+0x78/0x90
[  715.561891][ T4184]  x64_sys_call+0x2eab/0x2fb0
[  715.561915][ T4184]  do_syscall_64+0xd2/0x200
[  715.561962][ T4184]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  715.561993][ T4184]  ? clear_bhb_loop+0x40/0x90
[  715.562018][ T4184]  ? clear_bhb_loop+0x40/0x90
[  715.562040][ T4184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.562143][ T4184] RIP: 0033:0x7f178380e969
[  715.562174][ T4184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  715.562195][ T4184] RSP: 002b:00007f1781e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  715.562218][ T4184] RAX: ffffffffffffffda RBX: 00007f1783a35fa0 RCX: 00007f178380e969
[  715.562232][ T4184] RDX: 0000200000000080 RSI: 0000000000001efe RDI: 0000000000000000
[  715.562290][ T4184] RBP: 00007f1781e77090 R08: 0000200000000040 R09: 0000000000000000
[  715.562313][ T4184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.562327][ T4184] R13: 0000000000000000 R14: 00007f1783a35fa0 R15: 00007ffda605de38
[  715.562418][ T4184]  </TASK>
[  715.796292][ T4190] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11478'.
[  715.832845][ T4190] loop3: detected capacity change from 0 to 2048
[  715.851414][ T4200] loop6: detected capacity change from 0 to 128
[  715.852061][ T4190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  715.876988][ T4200] syz.6.11481: attempt to access beyond end of device
[  715.876988][ T4200] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  715.893541][ T4200] syz.6.11481: attempt to access beyond end of device
[  715.893541][ T4200] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  715.911684][ T4190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.951643][ T4211] netlink: 'syz.3.11485': attribute type 4 has an invalid length.
[  715.962536][ T4211] netlink: 'syz.3.11485': attribute type 4 has an invalid length.
[  716.012411][ T4219] netlink: 72 bytes leftover after parsing attributes in process `syz.3.11489'.
[  716.016038][ T4221] FAULT_INJECTION: forcing a failure.
[  716.016038][ T4221] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  716.035413][ T4221] CPU: 1 UID: 0 PID: 4221 Comm: syz.6.11490 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  716.035446][ T4221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  716.035460][ T4221] Call Trace:
[  716.035469][ T4221]  <TASK>
[  716.035535][ T4221]  __dump_stack+0x1d/0x30
[  716.035606][ T4221]  dump_stack_lvl+0xe8/0x140
[  716.035628][ T4221]  dump_stack+0x15/0x1b
[  716.035646][ T4221]  should_fail_ex+0x265/0x280
[  716.035682][ T4221]  should_fail+0xb/0x20
[  716.035713][ T4221]  should_fail_usercopy+0x1a/0x20
[  716.035804][ T4221]  _copy_from_iter+0xcf/0xe40
[  716.035824][ T4221]  ? __build_skb_around+0x1a0/0x200
[  716.035850][ T4221]  ? __alloc_skb+0x223/0x320
[  716.035876][ T4221]  netlink_sendmsg+0x471/0x6b0
[  716.035942][ T4221]  ? __pfx_netlink_sendmsg+0x10/0x10
[  716.035972][ T4221]  __sock_sendmsg+0x142/0x180
[  716.036008][ T4221]  ____sys_sendmsg+0x31e/0x4e0
[  716.036039][ T4221]  ___sys_sendmsg+0x17b/0x1d0
[  716.036098][ T4221]  __x64_sys_sendmsg+0xd4/0x160
[  716.036137][ T4221]  x64_sys_call+0x2999/0x2fb0
[  716.036161][ T4221]  do_syscall_64+0xd2/0x200
[  716.036189][ T4221]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  716.036218][ T4221]  ? clear_bhb_loop+0x40/0x90
[  716.036254][ T4221]  ? clear_bhb_loop+0x40/0x90
[  716.036279][ T4221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.036302][ T4221] RIP: 0033:0x7fbf77dae969
[  716.036320][ T4221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.036340][ T4221] RSP: 002b:00007fbf76417038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  716.036362][ T4221] RAX: ffffffffffffffda RBX: 00007fbf77fd5fa0 RCX: 00007fbf77dae969
[  716.036395][ T4221] RDX: 0000000000000010 RSI: 0000200000000600 RDI: 0000000000000003
[  716.036410][ T4221] RBP: 00007fbf76417090 R08: 0000000000000000 R09: 0000000000000000
[  716.036423][ T4221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.036437][ T4221] R13: 0000000000000000 R14: 00007fbf77fd5fa0 R15: 00007ffea90438d8
[  716.036457][ T4221]  </TASK>
[  716.291918][ T4229] loop6: detected capacity change from 0 to 512
[  716.299124][ T4229] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  716.312728][ T4229] EXT4-fs (loop6): 1 truncate cleaned up
[  716.318949][ T4229] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  716.346596][ T4229] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  716.480085][ T4246] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11500'.
[  716.489209][ T4246] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11500'.
[  716.511704][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  716.535882][ T4249] netlink: 'syz.3.11503': attribute type 4 has an invalid length.
[  716.555562][ T4249] netlink: 'syz.3.11503': attribute type 4 has an invalid length.
[  716.603325][ T4254] pimreg: entered allmulticast mode
[  716.612678][ T4254] pimreg: left allmulticast mode
[  716.663151][ T4259] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11504'.
[  716.664205][ T4258] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11506'.
[  716.728184][ T4263] selinux_netlink_send: 23 callbacks suppressed
[  716.728206][ T4263] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4263 comm=syz.6.11508
[  716.754596][ T4265] �: renamed from bond_slave_0
[  716.795112][ T4272] �: renamed from bond_slave_0 (while UP)
[  716.814433][ T4272] FAULT_INJECTION: forcing a failure.
[  716.814433][ T4272] name failslab, interval 1, probability 0, space 0, times 0
[  716.827360][ T4272] CPU: 1 UID: 0 PID: 4272 Comm: syz.6.11512 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  716.827398][ T4272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  716.827412][ T4272] Call Trace:
[  716.827419][ T4272]  <TASK>
[  716.827427][ T4272]  __dump_stack+0x1d/0x30
[  716.827451][ T4272]  dump_stack_lvl+0xe8/0x140
[  716.827514][ T4272]  dump_stack+0x15/0x1b
[  716.827530][ T4272]  should_fail_ex+0x265/0x280
[  716.827567][ T4272]  should_failslab+0x8c/0xb0
[  716.827606][ T4272]  kmem_cache_alloc_node_noprof+0x57/0x320
[  716.827704][ T4272]  ? __alloc_skb+0x101/0x320
[  716.827732][ T4272]  __alloc_skb+0x101/0x320
[  716.827833][ T4272]  netlink_alloc_large_skb+0xba/0xf0
[  716.827911][ T4272]  netlink_sendmsg+0x3cf/0x6b0
[  716.827945][ T4272]  ? __pfx_netlink_sendmsg+0x10/0x10
[  716.827974][ T4272]  __sock_sendmsg+0x142/0x180
[  716.828065][ T4272]  ____sys_sendmsg+0x31e/0x4e0
[  716.828099][ T4272]  ___sys_sendmsg+0x17b/0x1d0
[  716.828215][ T4272]  __x64_sys_sendmsg+0xd4/0x160
[  716.828244][ T4272]  x64_sys_call+0x2999/0x2fb0
[  716.828270][ T4272]  do_syscall_64+0xd2/0x200
[  716.828301][ T4272]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  716.828372][ T4272]  ? clear_bhb_loop+0x40/0x90
[  716.828394][ T4272]  ? clear_bhb_loop+0x40/0x90
[  716.828453][ T4272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  716.828478][ T4272] RIP: 0033:0x7fbf77dae969
[  716.828498][ T4272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  716.828521][ T4272] RSP: 002b:00007fbf76417038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  716.828546][ T4272] RAX: ffffffffffffffda RBX: 00007fbf77fd5fa0 RCX: 00007fbf77dae969
[  716.828633][ T4272] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  716.828655][ T4272] RBP: 00007fbf76417090 R08: 0000000000000000 R09: 0000000000000000
[  716.828667][ T4272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.828680][ T4272] R13: 0000000000000000 R14: 00007fbf77fd5fa0 R15: 00007ffea90438d8
[  716.828698][ T4272]  </TASK>
[  717.103410][ T4281] netlink: 'syz.9.11516': attribute type 4 has an invalid length.
[  717.136614][ T4281] netlink: 'syz.9.11516': attribute type 4 has an invalid length.
[  717.201143][ T4289] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  717.271346][ T4292] lo speed is unknown, defaulting to 1000
[  717.277159][ T4292] lo speed is unknown, defaulting to 1000
[  717.284123][ T4292] lo speed is unknown, defaulting to 1000
[  717.290891][ T4292] infiniband s�z0: RDMA CMA: cma_listen_on_dev, error -98
[  717.334075][ T4292] lo speed is unknown, defaulting to 1000
[  717.340965][ T4292] lo speed is unknown, defaulting to 1000
[  717.347553][ T4292] lo speed is unknown, defaulting to 1000
[  717.353743][ T4292] lo speed is unknown, defaulting to 1000
[  717.360216][ T4292] lo speed is unknown, defaulting to 1000
[  717.366625][ T4292] lo speed is unknown, defaulting to 1000
[  717.373487][ T4292] lo speed is unknown, defaulting to 1000
[  717.379628][ T4292] lo speed is unknown, defaulting to 1000
[  717.385873][ T4292] lo speed is unknown, defaulting to 1000
[  717.495552][ T4297] loop6: detected capacity change from 0 to 128
[  717.543859][ T4297] syz.6.11522: attempt to access beyond end of device
[  717.543859][ T4297] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  717.651239][ T4297] syz.6.11522: attempt to access beyond end of device
[  717.651239][ T4297] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  717.709122][ T4291] loop9: detected capacity change from 0 to 512
[  717.718553][ T4291] EXT4-fs: Ignoring removed oldalloc option
[  717.727061][ T4291] EXT4-fs error (device loop9): ext4_xattr_inode_iget:433: comm +}[@: Parent and EA inode have the same ino 15
[  717.739288][ T4291] EXT4-fs error (device loop9): ext4_xattr_inode_iget:433: comm +}[@: Parent and EA inode have the same ino 15
[  717.751745][ T4291] EXT4-fs (loop9): 1 orphan inode deleted
[  717.757874][ T4291] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  717.771811][ T4291] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  718.016774][ T4325] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  718.078810][ T4327] loop3: detected capacity change from 0 to 2048
[  718.366062][   T29] kauditd_printk_skb: 378 callbacks suppressed
[  718.366082][   T29] audit: type=1326 audit(2000000332.480:84796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.396671][   T29] audit: type=1326 audit(2000000332.480:84797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.423319][   T29] audit: type=1326 audit(2000000332.480:84798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.447030][   T29] audit: type=1326 audit(2000000332.480:84799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.471332][   T29] audit: type=1326 audit(2000000332.480:84800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.495198][   T29] audit: type=1326 audit(2000000332.480:84801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.519523][   T29] audit: type=1326 audit(2000000332.480:84802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.543404][   T29] audit: type=1326 audit(2000000332.480:84803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.567795][   T29] audit: type=1326 audit(2000000332.510:84804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.591970][   T29] audit: type=1326 audit(2000000332.510:84805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4348 comm="syz.1.11542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fef10bde969 code=0x7ffc0000
[  718.641609][ T4362] 8021q: adding VLAN 0 to HW filter on device bond0
[  718.650996][ T4362] 8021q: adding VLAN 0 to HW filter on device team0
[  718.668362][ T4362] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  718.691934][ T2385] lo speed is unknown, defaulting to 1000
[  718.739933][ T4370] loop6: detected capacity change from 0 to 512
[  718.747719][ T4370] EXT4-fs error (device loop6): ext4_orphan_get:1393: inode #15: comm syz.6.11548: iget: bad i_size value: 38620345925642
[  718.761681][ T4370] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.11548: couldn't read orphan inode 15 (err -117)
[  718.775489][ T4370] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.810217][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.226628][ T4392] loop3: detected capacity change from 0 to 2048
[  719.252562][ T4392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  719.276019][ T4392] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.308603][ T4397] __nla_validate_parse: 16 callbacks suppressed
[  719.308622][ T4397] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11557'.
[  719.346574][ T4400] loop3: detected capacity change from 0 to 2048
[  719.361680][ T4400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  719.384869][ T4400] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.11558: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  719.403874][ T4400] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.11558: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  719.429338][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  719.622820][ T4423] loop9: detected capacity change from 0 to 2048
[  719.643766][ T4423] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  719.683703][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  720.481816][ T4451] netlink: 256 bytes leftover after parsing attributes in process `syz.3.11579'.
[  720.657487][ T4456] loop9: detected capacity change from 0 to 128
[  720.667171][ T4456] syz.9.11581: attempt to access beyond end of device
[  720.667171][ T4456] loop9: rw=2049, sector=145, nr_sectors = 16 limit=128
[  720.681262][ T4456] syz.9.11581: attempt to access beyond end of device
[  720.681262][ T4456] loop9: rw=34817, sector=145, nr_sectors = 16 limit=128
[  720.796355][ T4459] loop9: detected capacity change from 0 to 4096
[  720.805020][ T4459] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  720.888695][ T4459] lo speed is unknown, defaulting to 1000
[  721.105941][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.191974][ T4469] netlink: 'syz.9.11584': attribute type 4 has an invalid length.
[  721.207975][ T4469] netlink: 'syz.9.11584': attribute type 4 has an invalid length.
[  721.244474][ T4473] netlink: 'syz.9.11586': attribute type 4 has an invalid length.
[  721.260391][ T4473] netlink: 'syz.9.11586': attribute type 4 has an invalid length.
[  721.285977][ T4475] FAULT_INJECTION: forcing a failure.
[  721.285977][ T4475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  721.301376][ T4475] CPU: 0 UID: 0 PID: 4475 Comm: syz.9.11587 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  721.301456][ T4475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  721.301471][ T4475] Call Trace:
[  721.301478][ T4475]  <TASK>
[  721.301488][ T4475]  __dump_stack+0x1d/0x30
[  721.301563][ T4475]  dump_stack_lvl+0xe8/0x140
[  721.301586][ T4475]  dump_stack+0x15/0x1b
[  721.301604][ T4475]  should_fail_ex+0x265/0x280
[  721.301634][ T4475]  should_fail+0xb/0x20
[  721.301736][ T4475]  should_fail_usercopy+0x1a/0x20
[  721.301755][ T4475]  _copy_from_user+0x1c/0xb0
[  721.301778][ T4475]  input_event_from_user+0x5f/0x160
[  721.301873][ T4475]  ? input_inject_event+0xd9/0xf0
[  721.301898][ T4475]  evdev_write+0x1b1/0x290
[  721.302005][ T4475]  ? __pfx_evdev_write+0x10/0x10
[  721.302034][ T4475]  vfs_write+0x269/0x8e0
[  721.302051][ T4475]  ? __rcu_read_unlock+0x4f/0x70
[  721.302124][ T4475]  ? __fget_files+0x184/0x1c0
[  721.302146][ T4475]  ksys_write+0xda/0x1a0
[  721.302165][ T4475]  __x64_sys_write+0x40/0x50
[  721.302184][ T4475]  x64_sys_call+0x2cdd/0x2fb0
[  721.302210][ T4475]  do_syscall_64+0xd2/0x200
[  721.302291][ T4475]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  721.302321][ T4475]  ? clear_bhb_loop+0x40/0x90
[  721.302345][ T4475]  ? clear_bhb_loop+0x40/0x90
[  721.302366][ T4475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  721.302386][ T4475] RIP: 0033:0x7fd9e124e969
[  721.302407][ T4475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  721.302430][ T4475] RSP: 002b:00007fd9df8b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  721.302451][ T4475] RAX: ffffffffffffffda RBX: 00007fd9e1475fa0 RCX: 00007fd9e124e969
[  721.302538][ T4475] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[  721.302553][ T4475] RBP: 00007fd9df8b7090 R08: 0000000000000000 R09: 0000000000000000
[  721.302568][ T4475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  721.302583][ T4475] R13: 0000000000000000 R14: 00007fd9e1475fa0 R15: 00007ffc00f73c28
[  721.302604][ T4475]  </TASK>
[  721.567309][ T4483] loop1: detected capacity change from 0 to 2048
[  721.682181][ T4485] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.11591'.
[  721.691803][ T4484] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.11591'.
[  721.941958][ T4489] loop6: detected capacity change from 0 to 2048
[  721.961111][ T4489] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  721.975719][ T4489] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.11593: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  722.002015][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.044858][ T4498] loop6: detected capacity change from 0 to 1024
[  722.107719][ T4506] No such timeout policy "syz0"
[  722.418972][ T4519] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  722.440030][ T4519] netlink: 340 bytes leftover after parsing attributes in process `syz.1.11604'.
[  722.450991][ T4519] netlink: 48 bytes leftover after parsing attributes in process `syz.1.11604'.
[  722.488503][ T4524] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11606'.
[  722.641364][ T4528] loop1: detected capacity change from 0 to 1024
[  722.769094][ T4534] netlink: 72 bytes leftover after parsing attributes in process `syz.1.11611'.
[  722.834338][ T4540] loop1: detected capacity change from 0 to 2048
[  722.896657][ T4541] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.11614'.
[  722.907027][ T4540] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.11614'.
[  722.973437][ T4549] loop1: detected capacity change from 0 to 2048
[  722.979854][ T4551] loop7: detected capacity change from 0 to 1024
[  723.010255][ T4549]  loop1: p1 < > p4
[  723.014975][ T4549] loop1: p4 size 8388608 extends beyond EOD, truncated
[  723.510955][ T4564] loop7: detected capacity change from 0 to 2048
[  723.746144][ T4577] loop7: detected capacity change from 0 to 2048
[  723.764185][ T4577] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  723.778544][ T4577] EXT4-fs error (device loop7): ext4_find_extent:939: inode #2: comm syz.7.11630: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  723.807846][ T1112] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.831949][ T4582] loop7: detected capacity change from 0 to 1024
[  723.858949][   T29] kauditd_printk_skb: 423 callbacks suppressed
[  723.858965][   T29] audit: type=1326 audit(2000000337.970:85229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  723.891599][   T29] audit: type=1326 audit(2000000337.970:85230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  723.915404][   T29] audit: type=1326 audit(2000000337.970:85231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  723.941736][   T29] audit: type=1326 audit(2000000337.970:85232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  723.965358][   T29] audit: type=1326 audit(2000000337.970:85233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  723.991225][   T29] audit: type=1326 audit(2000000337.970:85234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  724.014910][   T29] audit: type=1326 audit(2000000337.970:85235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  724.040964][   T29] audit: type=1326 audit(2000000337.970:85236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  724.064967][   T29] audit: type=1326 audit(2000000337.970:85237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  724.090872][   T29] audit: type=1326 audit(2000000337.970:85238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4583 comm="syz.7.11632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  724.540445][ T4609] loop3: detected capacity change from 0 to 2048
[  724.551158][ T4609] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  724.566952][ T4609] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.11642: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  724.592870][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.226371][ T4619] __nla_validate_parse: 4 callbacks suppressed
[  725.226383][ T4619] netlink: 16 bytes leftover after parsing attributes in process `syz.6.11646'.
[  725.356287][ T4622] loop9: detected capacity change from 0 to 2048
[  725.389671][ T4622]  loop9: p1 < > p4
[  725.394071][ T4622] loop9: p4 size 8388608 extends beyond EOD, truncated
[  725.438453][ T4624] netlink: 388 bytes leftover after parsing attributes in process `syz.9.11648'.
[  725.470009][ T4624] bridge_slave_0: left allmulticast mode
[  725.475716][ T4624] bridge_slave_0: left promiscuous mode
[  725.481612][ T4624] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.491795][ T4624] bridge_slave_1: left allmulticast mode
[  725.497501][ T4624] bridge_slave_1: left promiscuous mode
[  725.504229][ T4624] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.514503][ T4624] bond0: (slave bond_slave_0): Releasing backup interface
[  725.526667][ T4624] bond0: (slave bond_slave_1): Releasing backup interface
[  725.543915][ T4624] team0: Port device team_slave_0 removed
[  725.565084][ T4624] team0: Port device team_slave_1 removed
[  725.572453][ T4624] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  725.580273][ T4624] batman_adv: batadv0: Removing interface: batadv_slave_0
[  725.588732][ T4624] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  725.597270][ T4624] batman_adv: batadv0: Removing interface: batadv_slave_1
[  726.103064][ T4646] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.141520][ T4646] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.191350][ T4646] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.241195][ T4646] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.306435][ T4646] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  726.317265][ T4646] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  726.328027][ T4646] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  726.340964][ T4646] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  726.899063][ T4657] netlink: 'syz.7.11659': attribute type 4 has an invalid length.
[  726.908760][   T10] lo speed is unknown, defaulting to 1000
[  726.914599][ T4657] netlink: 'syz.7.11659': attribute type 4 has an invalid length.
[  726.916060][ T2375] lo speed is unknown, defaulting to 1000
[  726.998743][ T4667] loop7: detected capacity change from 0 to 128
[  727.008165][ T4667] syz.7.11664: attempt to access beyond end of device
[  727.008165][ T4667] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  727.022619][ T4667] syz.7.11664: attempt to access beyond end of device
[  727.022619][ T4667] loop7: rw=34817, sector=145, nr_sectors = 16 limit=128
[  727.365427][ T4678] hub 8-0:1.0: USB hub found
[  727.370885][ T4678] hub 8-0:1.0: 8 ports detected
[  728.123812][ T4686] netlink: 'syz.7.11671': attribute type 4 has an invalid length.
[  728.675390][ T4696] loop3: detected capacity change from 0 to 2048
[  728.710351][ T4696]  loop3: p1 < > p4
[  728.714748][ T4696] loop3: p4 size 8388608 extends beyond EOD, truncated
[  728.796017][ T4704] FAULT_INJECTION: forcing a failure.
[  728.796017][ T4704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  728.810892][ T4704] CPU: 0 UID: 0 PID: 4704 Comm: syz.9.11680 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  728.810926][ T4704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  728.810939][ T4704] Call Trace:
[  728.810947][ T4704]  <TASK>
[  728.810956][ T4704]  __dump_stack+0x1d/0x30
[  728.810988][ T4704]  dump_stack_lvl+0xe8/0x140
[  728.811008][ T4704]  dump_stack+0x15/0x1b
[  728.811027][ T4704]  should_fail_ex+0x265/0x280
[  728.811161][ T4704]  should_fail+0xb/0x20
[  728.811192][ T4704]  should_fail_usercopy+0x1a/0x20
[  728.811214][ T4704]  _copy_from_user+0x1c/0xb0
[  728.811238][ T4704]  ___sys_sendmsg+0xc1/0x1d0
[  728.811355][ T4704]  __x64_sys_sendmsg+0xd4/0x160
[  728.811387][ T4704]  x64_sys_call+0x2999/0x2fb0
[  728.811412][ T4704]  do_syscall_64+0xd2/0x200
[  728.811480][ T4704]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  728.811518][ T4704]  ? clear_bhb_loop+0x40/0x90
[  728.811595][ T4704]  ? clear_bhb_loop+0x40/0x90
[  728.811632][ T4704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.811653][ T4704] RIP: 0033:0x7fd9e124e969
[  728.811670][ T4704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.811688][ T4704] RSP: 002b:00007fd9df8b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  728.811738][ T4704] RAX: ffffffffffffffda RBX: 00007fd9e1475fa0 RCX: 00007fd9e124e969
[  728.811753][ T4704] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  728.811767][ T4704] RBP: 00007fd9df8b7090 R08: 0000000000000000 R09: 0000000000000000
[  728.811782][ T4704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.811796][ T4704] R13: 0000000000000000 R14: 00007fd9e1475fa0 R15: 00007ffc00f73c28
[  728.811817][ T4704]  </TASK>
[  729.140551][ T4712] loop9: detected capacity change from 0 to 1024
[  729.185637][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  729.185656][   T29] audit: type=1326 audit(2000000343.300:85650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.191919][ T4720] netlink: 72 bytes leftover after parsing attributes in process `syz.9.11687'.
[  729.228192][   T29] audit: type=1326 audit(2000000343.340:85651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.253305][   T29] audit: type=1326 audit(2000000343.340:85652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.277203][   T29] audit: type=1326 audit(2000000343.340:85653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.302528][   T29] audit: type=1326 audit(2000000343.340:85654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.326134][   T29] audit: type=1326 audit(2000000343.340:85655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.352002][   T29] audit: type=1326 audit(2000000343.340:85656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.375791][   T29] audit: type=1326 audit(2000000343.340:85657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.402001][   T29] audit: type=1326 audit(2000000343.340:85658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.425740][   T29] audit: type=1326 audit(2000000343.340:85659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4717 comm="syz.7.11686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  729.463699][ T4726] loop6: detected capacity change from 0 to 2048
[  729.511779][ T4726]  loop6: p1 < > p4
[  729.516354][ T4726] loop6: p4 size 8388608 extends beyond EOD, truncated
[  729.746043][ T4745] loop6: detected capacity change from 0 to 1024
[  729.773710][ T4747] loop6: detected capacity change from 0 to 128
[  729.785767][ T4747] syz.6.11697: attempt to access beyond end of device
[  729.785767][ T4747] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  729.800559][ T4747] syz.6.11697: attempt to access beyond end of device
[  729.800559][ T4747] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  729.981065][ T4756] loop6: detected capacity change from 0 to 2048
[  729.991574][ T4756] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  730.120419][ T4764] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  730.137918][ T4764] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1658 with error 28
[  730.151257][ T4764] EXT4-fs (loop6): This should not happen!! Data will be lost
[  730.151257][ T4764] 
[  730.160973][ T4764] EXT4-fs (loop6): Total free blocks count 0
[  730.167075][ T4764] EXT4-fs (loop6): Free/Dirty block details
[  730.173088][ T4764] EXT4-fs (loop6): free_blocks=2415919104
[  730.179875][ T4764] EXT4-fs (loop6): dirty_blocks=1664
[  730.185196][ T4764] EXT4-fs (loop6): Block reservation details
[  730.191373][ T4764] EXT4-fs (loop6): i_reserved_data_blocks=104
[  730.237657][ T4770] netlink: 'syz.3.11704': attribute type 4 has an invalid length.
[  730.280030][ T4756] EXT4-fs error (device loop6): ext4_find_inline_data_nolock:169: inode #12: comm syz.6.11701: inline data xattr refers to an external xattr inode
[  730.296893][ T4756] EXT4-fs error (device loop6): ext4_lookup:1787: inode #16: comm syz.6.11701: iget: bad i_size value: 8796093031208
[  730.324159][T29709] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  730.343278][ T4777] loop3: detected capacity change from 0 to 1024
[  730.354064][ T4779] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  730.372036][ T4779] netlink: 340 bytes leftover after parsing attributes in process `syz.6.11706'.
[  730.382511][ T4779] netlink: 48 bytes leftover after parsing attributes in process `syz.6.11706'.
[  730.487215][ T4785] loop3: detected capacity change from 0 to 2048
[  730.511223][ T4785] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  730.537014][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.678790][ T4798] loop3: detected capacity change from 0 to 128
[  730.689538][ T4798] syz.3.11714: attempt to access beyond end of device
[  730.689538][ T4798] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[  730.704976][ T4798] syz.3.11714: attempt to access beyond end of device
[  730.704976][ T4798] loop3: rw=34817, sector=145, nr_sectors = 16 limit=128
[  730.778909][ T4801] netlink: 'syz.1.11715': attribute type 4 has an invalid length.
[  730.801458][ T4803] siw: device registration error -23
[  730.833030][ T4805] loop1: detected capacity change from 0 to 512
[  730.838750][ T4809] loop3: detected capacity change from 0 to 1024
[  730.879004][ T4813] loop3: detected capacity change from 0 to 512
[  730.880597][ T4814] loop1: detected capacity change from 0 to 2048
[  730.886951][ T4813] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  730.904372][ T4813] EXT4-fs (loop3): 1 truncate cleaned up
[  730.910312][ T4814]  loop1: p1 < > p4
[  730.910916][ T4814] loop1: p4 size 8388608 extends beyond EOD, truncated
[  730.923065][ T4813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  730.937381][ T4813] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.977475][ T4819] FAULT_INJECTION: forcing a failure.
[  730.977475][ T4819] name failslab, interval 1, probability 0, space 0, times 0
[  730.991435][ T4819] CPU: 0 UID: 0 PID: 4819 Comm: syz.3.11722 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  730.991531][ T4819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  730.991545][ T4819] Call Trace:
[  730.991552][ T4819]  <TASK>
[  730.991562][ T4819]  __dump_stack+0x1d/0x30
[  730.991589][ T4819]  dump_stack_lvl+0xe8/0x140
[  730.991608][ T4819]  dump_stack+0x15/0x1b
[  730.991625][ T4819]  should_fail_ex+0x265/0x280
[  730.991682][ T4819]  ? sctp_association_new+0x71/0x1200
[  730.991704][ T4819]  should_failslab+0x8c/0xb0
[  730.991727][ T4819]  __kmalloc_cache_noprof+0x4c/0x320
[  730.991763][ T4819]  sctp_association_new+0x71/0x1200
[  730.991850][ T4819]  ? sctp_do_bind+0x497/0x4b0
[  730.991875][ T4819]  ? sctp_v4_scope+0x140/0x150
[  730.991906][ T4819]  sctp_connect_new_asoc+0x1a8/0x3a0
[  730.991933][ T4819]  __sctp_connect+0x424/0x7a0
[  730.992026][ T4819]  ? release_sock+0x116/0x150
[  730.992078][ T4819]  sctp_inet_connect+0xe8/0x110
[  730.992113][ T4819]  ? __pfx_sctp_inet_connect+0x10/0x10
[  730.992186][ T4819]  __sys_connect+0x1ef/0x2b0
[  730.992211][ T4819]  __x64_sys_connect+0x3f/0x50
[  730.992231][ T4819]  x64_sys_call+0x1daa/0x2fb0
[  730.992253][ T4819]  do_syscall_64+0xd2/0x200
[  730.992302][ T4819]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  730.992334][ T4819]  ? clear_bhb_loop+0x40/0x90
[  730.992360][ T4819]  ? clear_bhb_loop+0x40/0x90
[  730.992386][ T4819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.992440][ T4819] RIP: 0033:0x7efeb7a8e969
[  730.992457][ T4819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.992476][ T4819] RSP: 002b:00007efeb60f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  730.992497][ T4819] RAX: ffffffffffffffda RBX: 00007efeb7cb5fa0 RCX: 00007efeb7a8e969
[  730.992510][ T4819] RDX: 0000000000000010 RSI: 0000200000004cc0 RDI: 0000000000000003
[  730.992603][ T4819] RBP: 00007efeb60f7090 R08: 0000000000000000 R09: 0000000000000000
[  730.992619][ T4819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  730.992714][ T4819] R13: 0000000000000000 R14: 00007efeb7cb5fa0 R15: 00007fff61138868
[  730.992737][ T4819]  </TASK>
[  731.356476][ T4825] hub 8-0:1.0: USB hub found
[  731.361252][ T4825] hub 8-0:1.0: 8 ports detected
[  731.852810][ T4836] FAULT_INJECTION: forcing a failure.
[  731.852810][ T4836] name failslab, interval 1, probability 0, space 0, times 0
[  731.865547][ T4836] CPU: 0 UID: 0 PID: 4836 Comm: syz.1.11728 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  731.865573][ T4836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  731.865582][ T4836] Call Trace:
[  731.865588][ T4836]  <TASK>
[  731.865608][ T4836]  __dump_stack+0x1d/0x30
[  731.865707][ T4836]  dump_stack_lvl+0xe8/0x140
[  731.865718][ T4836]  dump_stack+0x15/0x1b
[  731.865727][ T4836]  should_fail_ex+0x265/0x280
[  731.865744][ T4836]  should_failslab+0x8c/0xb0
[  731.865756][ T4836]  kmem_cache_alloc_noprof+0x50/0x310
[  731.865868][ T4836]  ? dst_alloc+0xbd/0x100
[  731.865882][ T4836]  dst_alloc+0xbd/0x100
[  731.865917][ T4836]  ip_route_output_key_hash_rcu+0xf16/0x1440
[  731.865932][ T4836]  ip_route_output_flow+0x7b/0x130
[  731.865950][ T4836]  udp_sendmsg+0x1197/0x13b0
[  731.865966][ T4836]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  731.866039][ T4836]  ? avc_has_perm+0xd3/0x150
[  731.866056][ T4836]  ? __pfx_udp_sendmsg+0x10/0x10
[  731.866100][ T4836]  inet_sendmsg+0xac/0xd0
[  731.866114][ T4836]  __sock_sendmsg+0x102/0x180
[  731.866182][ T4836]  ____sys_sendmsg+0x345/0x4e0
[  731.866197][ T4836]  ___sys_sendmsg+0x17b/0x1d0
[  731.866289][ T4836]  __sys_sendmmsg+0x178/0x300
[  731.866323][ T4836]  __x64_sys_sendmmsg+0x57/0x70
[  731.866337][ T4836]  x64_sys_call+0x2f2f/0x2fb0
[  731.866401][ T4836]  do_syscall_64+0xd2/0x200
[  731.866415][ T4836]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  731.866428][ T4836]  ? clear_bhb_loop+0x40/0x90
[  731.866440][ T4836]  ? clear_bhb_loop+0x40/0x90
[  731.866518][ T4836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.866535][ T4836] RIP: 0033:0x7fef10bde969
[  731.866545][ T4836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.866556][ T4836] RSP: 002b:00007fef0f247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  731.866568][ T4836] RAX: ffffffffffffffda RBX: 00007fef10e05fa0 RCX: 00007fef10bde969
[  731.866576][ T4836] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000005
[  731.866603][ T4836] RBP: 00007fef0f247090 R08: 0000000000000000 R09: 0000000000000000
[  731.866612][ T4836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  731.866620][ T4836] R13: 0000000000000000 R14: 00007fef10e05fa0 R15: 00007fff11935e78
[  731.866634][ T4836]  </TASK>
[  731.867296][ T3392] IPVS: starting estimator thread 0...
[  731.912708][ T4839] loop1: detected capacity change from 0 to 512
[  732.001494][ T4837] IPVS: using max 2496 ests per chain, 124800 per kthread
[  732.008518][ T4839] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  732.136048][ T4839] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.11729: Unimplemented hash flags: 0x0001
[  732.147740][ T4839] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.11729: Corrupt directory, running e2fsck is recommended
[  732.163943][ T4839] EXT4-fs warning (device loop1): dx_probe:837: inode #2: comm syz.1.11729: Unimplemented hash flags: 0x0001
[  732.176067][ T4839] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.11729: Corrupt directory, running e2fsck is recommended
[  732.205388][T32715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.226539][ T4843] siw: device registration error -23
[  732.253002][ T4847] loop1: detected capacity change from 0 to 2048
[  732.311749][ T4847]  loop1: p1 < > p4
[  732.316600][ T4847] loop1: p4 size 8388608 extends beyond EOD, truncated
[  732.366032][ T4852] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11734'.
[  732.473554][ T4862] netlink: 28 bytes leftover after parsing attributes in process `syz.7.11739'.
[  732.531844][ T4867] FAULT_INJECTION: forcing a failure.
[  732.531844][ T4867] name failslab, interval 1, probability 0, space 0, times 0
[  732.544600][ T4867] CPU: 0 UID: 0 PID: 4867 Comm: syz.1.11741 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  732.544622][ T4867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  732.544630][ T4867] Call Trace:
[  732.544636][ T4867]  <TASK>
[  732.544641][ T4867]  __dump_stack+0x1d/0x30
[  732.544658][ T4867]  dump_stack_lvl+0xe8/0x140
[  732.544686][ T4867]  dump_stack+0x15/0x1b
[  732.544696][ T4867]  should_fail_ex+0x265/0x280
[  732.544717][ T4867]  should_failslab+0x8c/0xb0
[  732.544786][ T4867]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  732.544802][ T4867]  ? sidtab_sid2str_get+0xa0/0x130
[  732.544863][ T4867]  kmemdup_noprof+0x2b/0x70
[  732.544877][ T4867]  sidtab_sid2str_get+0xa0/0x130
[  732.544895][ T4867]  security_sid_to_context_core+0x1eb/0x2e0
[  732.544909][ T4867]  security_sid_to_context+0x27/0x40
[  732.544920][ T4867]  selinux_lsmprop_to_secctx+0x67/0xf0
[  732.544994][ T4867]  security_lsmprop_to_secctx+0x43/0x80
[  732.545011][ T4867]  audit_log_task_context+0x77/0x190
[  732.545029][ T4867]  audit_log_task+0xf4/0x250
[  732.545045][ T4867]  audit_seccomp+0x61/0x100
[  732.545081][ T4867]  ? __seccomp_filter+0x68c/0x10d0
[  732.545094][ T4867]  __seccomp_filter+0x69d/0x10d0
[  732.545113][ T4867]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  732.545129][ T4867]  ? vfs_write+0x75e/0x8e0
[  732.545146][ T4867]  ? __rcu_read_unlock+0x4f/0x70
[  732.545176][ T4867]  ? __fget_files+0x184/0x1c0
[  732.545195][ T4867]  __secure_computing+0x82/0x150
[  732.545215][ T4867]  syscall_trace_enter+0xcf/0x1e0
[  732.545234][ T4867]  do_syscall_64+0xac/0x200
[  732.545340][ T4867]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  732.545409][ T4867]  ? clear_bhb_loop+0x40/0x90
[  732.545451][ T4867]  ? clear_bhb_loop+0x40/0x90
[  732.545499][ T4867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.545514][ T4867] RIP: 0033:0x7fef10bde969
[  732.545526][ T4867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.545615][ T4867] RSP: 002b:00007fef0f247038 EFLAGS: 00000246 ORIG_RAX: 000000000000006a
[  732.545630][ T4867] RAX: ffffffffffffffda RBX: 00007fef10e05fa0 RCX: 00007fef10bde969
[  732.545639][ T4867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  732.545661][ T4867] RBP: 00007fef0f247090 R08: 0000000000000000 R09: 0000000000000000
[  732.545670][ T4867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.545679][ T4867] R13: 0000000000000000 R14: 00007fef10e05fa0 R15: 00007fff11935e78
[  732.545759][ T4867]  </TASK>
[  732.556857][ T4869] loop7: detected capacity change from 0 to 2048
[  732.826234][ T4872] loop1: detected capacity change from 0 to 2048
[  732.930797][ T4872]  loop1: p1 < > p4
[  732.935229][ T4872] loop1: p4 size 8388608 extends beyond EOD, truncated
[  732.936101][ T4884] loop9: detected capacity change from 0 to 128
[  732.952539][ T4869] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  733.018017][ T1112] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.056264][ T4902] FAULT_INJECTION: forcing a failure.
[  733.056264][ T4902] name failslab, interval 1, probability 0, space 0, times 0
[  733.070364][ T4902] CPU: 0 UID: 0 PID: 4902 Comm: syz.7.11752 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  733.070467][ T4902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  733.070533][ T4902] Call Trace:
[  733.070542][ T4902]  <TASK>
[  733.070551][ T4902]  __dump_stack+0x1d/0x30
[  733.070575][ T4902]  dump_stack_lvl+0xe8/0x140
[  733.070596][ T4902]  dump_stack+0x15/0x1b
[  733.070653][ T4902]  should_fail_ex+0x265/0x280
[  733.070688][ T4902]  should_failslab+0x8c/0xb0
[  733.070760][ T4902]  kmem_cache_alloc_noprof+0x50/0x310
[  733.070789][ T4902]  ? security_inode_alloc+0x37/0x100
[  733.070824][ T4902]  security_inode_alloc+0x37/0x100
[  733.070918][ T4902]  inode_init_always_gfp+0x4b7/0x500
[  733.070941][ T4902]  ? __pfx_pidfs_alloc_inode+0x10/0x10
[  733.070971][ T4902]  alloc_inode+0x58/0x170
[  733.070991][ T4902]  path_from_stashed+0x119/0x4f0
[  733.071091][ T4902]  pidfs_register_pid+0x95/0x120
[  733.071119][ T4902]  unix_stream_connect+0x20c/0xa50
[  733.071156][ T4902]  ? selinux_socket_connect+0x57/0x70
[  733.071191][ T4902]  ? __pfx_unix_stream_connect+0x10/0x10
[  733.071236][ T4902]  __sys_connect+0x1ef/0x2b0
[  733.071306][ T4902]  __x64_sys_connect+0x3f/0x50
[  733.071352][ T4902]  x64_sys_call+0x1daa/0x2fb0
[  733.071376][ T4902]  do_syscall_64+0xd2/0x200
[  733.071440][ T4902]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  733.071519][ T4902]  ? clear_bhb_loop+0x40/0x90
[  733.071543][ T4902]  ? clear_bhb_loop+0x40/0x90
[  733.071567][ T4902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.071640][ T4902] RIP: 0033:0x7f178380e969
[  733.071658][ T4902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.071679][ T4902] RSP: 002b:00007f1781e77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  733.071701][ T4902] RAX: ffffffffffffffda RBX: 00007f1783a35fa0 RCX: 00007f178380e969
[  733.071716][ T4902] RDX: 000000000000006e RSI: 0000200000000640 RDI: 0000000000000006
[  733.071730][ T4902] RBP: 00007f1781e77090 R08: 0000000000000000 R09: 0000000000000000
[  733.071744][ T4902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.071757][ T4902] R13: 0000000000000000 R14: 00007f1783a35fa0 R15: 00007ffda605de38
[  733.071840][ T4902]  </TASK>
[  733.306619][ T4904] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.398104][ T4914] loop9: detected capacity change from 0 to 2048
[  733.426107][ T4904] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.452641][ T4914] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  733.466633][ T4904] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.478327][ T4914] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm syz.9.11759: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  733.517398][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.552042][ T4921] loop9: detected capacity change from 0 to 2048
[  733.559874][ T4904] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.589510][ T4921]  loop9: p1 < > p4
[  733.594087][ T4921] loop9: p4 size 8388608 extends beyond EOD, truncated
[  733.657418][ T4904] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  733.670505][ T4904] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  733.683843][ T4904] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  733.696146][ T4904] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  734.043237][ T4940] FAULT_INJECTION: forcing a failure.
[  734.043237][ T4940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  734.056430][ T4940] CPU: 1 UID: 0 PID: 4940 Comm: syz.3.11767 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  734.056465][ T4940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  734.056548][ T4940] Call Trace:
[  734.056558][ T4940]  <TASK>
[  734.056569][ T4940]  __dump_stack+0x1d/0x30
[  734.056596][ T4940]  dump_stack_lvl+0xe8/0x140
[  734.056630][ T4940]  dump_stack+0x15/0x1b
[  734.056651][ T4940]  should_fail_ex+0x265/0x280
[  734.056719][ T4940]  should_fail+0xb/0x20
[  734.056752][ T4940]  should_fail_usercopy+0x1a/0x20
[  734.056853][ T4940]  _copy_from_user+0x1c/0xb0
[  734.056877][ T4940]  __sys_bpf+0x178/0x790
[  734.056912][ T4940]  __x64_sys_bpf+0x41/0x50
[  734.057018][ T4940]  x64_sys_call+0x2478/0x2fb0
[  734.057067][ T4940]  do_syscall_64+0xd2/0x200
[  734.057168][ T4940]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  734.057194][ T4940]  ? clear_bhb_loop+0x40/0x90
[  734.057215][ T4940]  ? clear_bhb_loop+0x40/0x90
[  734.057294][ T4940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.057351][ T4940] RIP: 0033:0x7efeb7a8e969
[  734.057367][ T4940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.057385][ T4940] RSP: 002b:00007efeb60f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  734.057408][ T4940] RAX: ffffffffffffffda RBX: 00007efeb7cb5fa0 RCX: 00007efeb7a8e969
[  734.057424][ T4940] RDX: 0000000000000038 RSI: 0000200000000400 RDI: 000000000000001a
[  734.057521][ T4940] RBP: 00007efeb60f7090 R08: 0000000000000000 R09: 0000000000000000
[  734.057536][ T4940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.057551][ T4940] R13: 0000000000000000 R14: 00007efeb7cb5fa0 R15: 00007fff61138868
[  734.057571][ T4940]  </TASK>
[  734.358842][   T29] kauditd_printk_skb: 434 callbacks suppressed
[  734.358862][   T29] audit: type=1400 audit(2000000348.470:86093): avc:  denied  { bind } for  pid=4944 comm="syz.3.11769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  734.433516][ T4947] loop3: detected capacity change from 0 to 512
[  734.463813][ T4947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  734.497394][ T4947] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  734.580922][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  734.622248][   T29] audit: type=1326 audit(2000000348.740:86094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.647079][   T29] audit: type=1326 audit(2000000348.740:86095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.671897][   T29] audit: type=1326 audit(2000000348.740:86096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.695627][   T29] audit: type=1326 audit(2000000348.740:86097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.719618][   T29] audit: type=1326 audit(2000000348.740:86098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.744200][   T29] audit: type=1326 audit(2000000348.740:86099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.767857][   T29] audit: type=1326 audit(2000000348.740:86100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.792369][   T29] audit: type=1326 audit(2000000348.740:86101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.3.11774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efeb7a8e969 code=0x7ffc0000
[  734.995494][   T29] audit: type=1326 audit(2000000349.110:86102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4976 comm="syz.7.11780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f178380e969 code=0x7ffc0000
[  735.070010][ T4980] loop3: detected capacity change from 0 to 512
[  735.078645][ T4980] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.11781: Parent and EA inode have the same ino 15
[  735.091915][ T4980] EXT4-fs (loop3): Remounting filesystem read-only
[  735.098551][ T4980] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  735.108970][ T4980] EXT4-fs (loop3): 1 orphan inode deleted
[  735.115241][ T4980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  735.128750][ T4980] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  735.385441][ T5000] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11789'.
[  735.511013][ T5002] netlink: 80 bytes leftover after parsing attributes in process `syz.3.11790'.
[  735.961607][ T5008] hub 8-0:1.0: USB hub found
[  735.966403][ T5008] hub 8-0:1.0: 8 ports detected
[  736.319096][ T5010] loop6: detected capacity change from 0 to 128
[  736.331881][ T5010] syz.6.11793: attempt to access beyond end of device
[  736.331881][ T5010] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  736.346906][ T5010] syz.6.11793: attempt to access beyond end of device
[  736.346906][ T5010] loop6: rw=34817, sector=145, nr_sectors = 16 limit=128
[  736.594700][ T5022] loop6: detected capacity change from 0 to 1024
[  736.641359][ T5024] loop6: detected capacity change from 0 to 2048
[  736.649017][ T5026] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11800'.
[  736.651721][ T5024] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  736.653695][ T5024] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.11799: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  736.749086][ T5032] netlink: 80 bytes leftover after parsing attributes in process `syz.9.11801'.
[  736.781430][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.828941][ T5034] loop9: detected capacity change from 0 to 512
[  736.876606][ T5034] EXT4-fs (loop9): 1 orphan inode deleted
[  736.885931][ T5034] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  736.900790][   T31] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[  736.913813][ T5034] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  736.964714][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.966252][ T5050] loop3: detected capacity change from 0 to 1024
[  737.017464][ T5055] netlink: 388 bytes leftover after parsing attributes in process `syz.6.11811'.
[  737.047749][ T5059] blkio.reset_stats is deprecated
[  737.056304][ T5055] bridge_slave_0: left allmulticast mode
[  737.056314][ T5057] loop3: detected capacity change from 0 to 2048
[  737.069276][ T5055] bridge0: port 1(bridge_slave_0) entered disabled state
[  737.078985][ T5057] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.114690][ T5055] bridge_slave_1: left allmulticast mode
[  737.122611][ T5055] bridge_slave_1: left promiscuous mode
[  737.128384][ T5055] bridge0: port 2(bridge_slave_1) entered disabled state
[  737.139975][ T5057] EXT4-fs error (device loop3): ext4_find_extent:939: inode #2: comm syz.3.11812: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  737.203780][ T5055] bond0: (slave 
7
7�): Releasing backup interface
[  737.213402][ T5055] �: left promiscuous mode
[  737.224530][ T5055] bond0: (slave bond_slave_1): Releasing backup interface
[  737.232843][T30610] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.244677][ T5055] bond_slave_1: left promiscuous mode
[  737.261031][ T5055] team0: Port device team_slave_0 removed
[  737.278768][ T5055] team0: Port device team_slave_1 removed
[  737.287037][ T5055] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  737.294921][ T5055] batman_adv: batadv0: Removing interface: batadv_slave_0
[  737.304862][ T5055] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  737.312402][ T5055] batman_adv: batadv0: Removing interface: batadv_slave_1
[  737.372159][ T5075] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11817'.
[  737.469728][ T5084] loop9: detected capacity change from 0 to 1024
[  737.488429][ T5088] loop1: detected capacity change from 0 to 128
[  737.503745][ T5088] syz.1.11823: attempt to access beyond end of device
[  737.503745][ T5088] loop1: rw=2049, sector=145, nr_sectors = 16 limit=128
[  737.531385][ T5088] syz.1.11823: attempt to access beyond end of device
[  737.531385][ T5088] loop1: rw=34817, sector=145, nr_sectors = 16 limit=128
[  737.568488][ T5093] loop9: detected capacity change from 0 to 2048
[  737.570815][ T5095] SELinux: security_context_str_to_sid (�	������lN��}ĽwL&b��Y��K�BB��2��k�?j�1���p�-��X!�A��:���?q���D�V��'���) failed with errno=-22
[  737.601731][ T5093] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.623346][ T5093] EXT4-fs error (device loop9): ext4_find_extent:939: inode #2: comm syz.9.11825: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  737.651850][ T2310] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.793478][ T5120] loop1: detected capacity change from 0 to 1024
[  737.847764][ T5127] loop1: detected capacity change from 0 to 2048
[  737.863419][ T5127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  737.878505][ T5127] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.11839: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  737.908339][T32715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.955626][ T5135] netlink: 'syz.1.11841': attribute type 4 has an invalid length.
[  738.047805][ T5144] loop7: detected capacity change from 0 to 2048
[  738.071947][ T5144] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  738.087094][ T5144] EXT4-fs error (device loop7): ext4_lookup:1787: inode #12: comm syz.7.11845: iget: bogus i_mode (4355)
[  738.112674][ T5144] netlink: 'syz.7.11845': attribute type 3 has an invalid length.
[  738.121227][ T5144] netlink: 666 bytes leftover after parsing attributes in process `syz.7.11845'.
[  738.146338][ T5144] FAULT_INJECTION: forcing a failure.
[  738.146338][ T5144] name failslab, interval 1, probability 0, space 0, times 0
[  738.160956][ T5156] loop1: detected capacity change from 0 to 1024
[  738.167339][ T5144] CPU: 0 UID: 0 PID: 5144 Comm: syz.7.11845 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  738.167374][ T5144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  738.167448][ T5144] Call Trace:
[  738.167457][ T5144]  <TASK>
[  738.167467][ T5144]  __dump_stack+0x1d/0x30
[  738.167492][ T5144]  dump_stack_lvl+0xe8/0x140
[  738.167512][ T5144]  dump_stack+0x15/0x1b
[  738.167529][ T5144]  should_fail_ex+0x265/0x280
[  738.167561][ T5144]  should_failslab+0x8c/0xb0
[  738.167673][ T5144]  kmem_cache_alloc_noprof+0x50/0x310
[  738.167700][ T5144]  ? audit_log_start+0x365/0x6c0
[  738.167730][ T5144]  audit_log_start+0x365/0x6c0
[  738.167810][ T5144]  audit_seccomp+0x48/0x100
[  738.167840][ T5144]  ? __seccomp_filter+0x68c/0x10d0
[  738.167868][ T5144]  __seccomp_filter+0x69d/0x10d0
[  738.167914][ T5144]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  738.167939][ T5144]  ? vfs_write+0x75e/0x8e0
[  738.168001][ T5144]  ? __rcu_read_unlock+0x4f/0x70
[  738.168026][ T5144]  ? __fget_files+0x184/0x1c0
[  738.168100][ T5144]  __secure_computing+0x82/0x150
[  738.168127][ T5144]  syscall_trace_enter+0xcf/0x1e0
[  738.168154][ T5144]  do_syscall_64+0xac/0x200
[  738.168204][ T5144]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  738.168234][ T5144]  ? clear_bhb_loop+0x40/0x90
[  738.168259][ T5144]  ? clear_bhb_loop+0x40/0x90
[  738.168282][ T5144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.168334][ T5144] RIP: 0033:0x7f178380e969
[  738.168355][ T5144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.168376][ T5144] RSP: 002b:00007f1781e77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  738.168401][ T5144] RAX: ffffffffffffffda RBX: 00007f1783a35fa0 RCX: 00007f178380e969
[  738.168434][ T5144] RDX: 0000000000000010 RSI: 0000200000000340 RDI: 0000000000000008
[  738.168447][ T5144] RBP: 00007f1781e77090 R08: 0000000000000000 R09: 0000000000000000
[  738.168461][ T5144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.168475][ T5144] R13: 0000000000000000 R14: 00007f1783a35fa0 R15: 00007ffda605de38
[  738.168496][ T5144]  </TASK>
[  738.399966][ T1112] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  738.413393][ T5155] loop6: detected capacity change from 0 to 2048
[  738.447974][ T5155] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  738.463842][ T5166] loop1: detected capacity change from 0 to 2048
[  738.463875][ T5168] netlink: 'syz.7.11853': attribute type 4 has an invalid length.
[  738.463983][ T5166] ==================================================================
[  738.464026][ T5166] BUG: KCSAN: data-race in data_push_tail / vsnprintf
[  738.464081][ T5166] 
[  738.464091][ T5166] write to 0xffffffff88e2bd67 of 18 bytes by task 5168 on cpu 0:
[  738.464113][ T5166]  vsnprintf+0x2ce/0x890
[  738.464149][ T5166]  vscnprintf+0x41/0x90
[  738.464184][ T5166]  printk_sprint+0x30/0x2d0
[  738.464205][ T5166]  vprintk_store+0x599/0x860
[  738.464227][ T5166]  vprintk_emit+0x178/0x650
[  738.464255][ T5166]  vprintk_default+0x26/0x30
[  738.464278][ T5166]  vprintk+0x1d/0x30
[  738.464307][ T5166]  _printk+0x79/0xa0
[  738.464340][ T5166]  __nla_validate_parse+0x1227/0x1d00
[  738.464367][ T5166]  __nla_parse+0x40/0x60
[  738.464390][ T5166]  rtnl_setlink+0xd2/0x420
[  738.464425][ T5166]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  738.464457][ T5166]  netlink_rcv_skb+0x123/0x220
[  738.464482][ T5166]  rtnetlink_rcv+0x1c/0x30
[  738.464508][ T5166]  netlink_unicast+0x59e/0x670
[  738.464533][ T5166]  netlink_sendmsg+0x58b/0x6b0
[  738.464565][ T5166]  __sock_sendmsg+0x142/0x180
[  738.464603][ T5166]  sock_write_iter+0x165/0x1b0
[  738.464631][ T5166]  do_iter_readv_writev+0x3ee/0x4b0
[  738.464652][ T5166]  vfs_writev+0x2df/0x8b0
[  738.464689][ T5166]  do_writev+0xe7/0x210
[  738.464717][ T5166]  __x64_sys_writev+0x45/0x50
[  738.464740][ T5166]  x64_sys_call+0x2006/0x2fb0
[  738.464769][ T5166]  do_syscall_64+0xd2/0x200
[  738.464799][ T5166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.464823][ T5166] 
[  738.464832][ T5166] read to 0xffffffff88e2bd78 of 8 bytes by task 5166 on cpu 1:
[  738.464855][ T5166]  data_push_tail+0xfd/0x420
[  738.464890][ T5166]  data_alloc+0xbf/0x2b0
[  738.464918][ T5166]  prb_reserve+0x808/0xaf0
[  738.464948][ T5166]  vprintk_store+0x56d/0x860
[  738.464970][ T5166]  vprintk_emit+0x178/0x650
[  738.464993][ T5166]  vprintk_default+0x26/0x30
[  738.465017][ T5166]  vprintk+0x1d/0x30
[  738.465045][ T5166]  _printk+0x79/0xa0
[  738.465079][ T5166]  set_capacity_and_notify+0x14c/0x1f0
[  738.465105][ T5166]  loop_set_size+0x2e/0x70
[  738.465128][ T5166]  loop_configure+0x8d3/0xa50
[  738.465156][ T5166]  lo_ioctl+0x559/0x15d0
[  738.465188][ T5166]  blkdev_ioctl+0x352/0x440
[  738.465226][ T5166]  __se_sys_ioctl+0xce/0x140
[  738.465262][ T5166]  __x64_sys_ioctl+0x43/0x50
[  738.465294][ T5166]  x64_sys_call+0x19a8/0x2fb0
[  738.465318][ T5166]  do_syscall_64+0xd2/0x200
[  738.465348][ T5166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.465370][ T5166] 
[  738.465377][ T5166] value changed: 0x0000000100004537 -> 0x206e612073616820
[  738.465391][ T5166] 
[  738.465397][ T5166] Reported by Kernel Concurrency Sanitizer on:
[  738.465410][ T5166] CPU: 1 UID: 0 PID: 5166 Comm: syz.1.11854 Not tainted 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(voluntary) 
[  738.465443][ T5166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  738.465459][ T5166] ==================================================================
[  738.493772][ T5155] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz.6.11849: iget: bogus i_mode (4355)
[  738.511246][ T5166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  738.515450][ T5155] netlink: 'syz.6.11849': attribute type 3 has an invalid length.
[  738.518575][ T5166] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.11854: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  738.520922][ T5155] netlink: 666 bytes leftover after parsing attributes in process `syz.6.11849'.
[  738.841661][  T580] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  738.861991][T32715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.