last executing test programs:

6m3.899015795s ago: executing program 32 (id=65):
unshare(0x60060200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xe4ff5000)
socketpair(0x22, 0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYRES32], 0x48)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd075}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003b00)=[{{&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0}}], 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x200200, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='gid_map\x00')
lseek(r4, 0x289e0cb5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="28000000c0ffffff02000000250f000000000300", @ANYRES32=0x1, @ANYBLOB="ffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000082500000000000000000", @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r5=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)}, 0x20)
socket$inet_udplite(0x2, 0x2, 0x88) (async)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r7=>0x0})
socket(0x18, 0x800, 0x0) (async)
r8 = socket(0x18, 0x800, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r7, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r8, @ANYRES32=r8], 0x44}}, 0x2000800)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') (async)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) (async)
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0xf, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000006000000000000000000006018110000", @ANYRES32=0x1, @ANYBLOB="0000000008000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x91, &(0x7f00000006c0)=""/145, 0x41000, 0x21, '\x00', r7, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x200}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0x1, 0xffffffffffffffff, 0x1], &(0x7f00000007c0)=[{0x2, 0x1, 0x5}, {0x2, 0x85, 0x8, 0x3}, {0x0, 0x5, 0x3, 0xa}], 0x10, 0xbf5c}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0xf, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000006000000000000000000006018110000", @ANYRES32=0x1, @ANYBLOB="0000000008000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x91, &(0x7f00000006c0)=""/145, 0x41000, 0x21, '\x00', r7, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x8, 0x3, 0x200}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000780)=[0x1, 0xffffffffffffffff, 0x1], &(0x7f00000007c0)=[{0x2, 0x1, 0x5}, {0x2, 0x85, 0x8, 0x3}, {0x0, 0x5, 0x3, 0xa}], 0x10, 0xbf5c}, 0x94)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f00000008c0)='./file0\x00', 0x0, 0x18}, 0x18) (async)
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000900)=@generic={&(0x7f00000008c0)='./file0\x00', 0x0, 0x18}, 0x18)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000980)=@generic={&(0x7f0000000940)='./file0\x00', 0x0, 0x8}, 0x18)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1c, 0x1b, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x1, 0x39, &(0x7f0000000240)=""/57, 0x41100, 0x1, '\x00', r7, @fallback=0x33, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x3, 0x6, 0x101, 0x4}, 0x10, 0xffffffffffffffff, r0, 0x2, &(0x7f00000009c0)=[r10, r11], &(0x7f0000000a00)=[{0x4, 0x4, 0xc, 0x8}, {0x5, 0x1, 0xd, 0x9}], 0x10, 0x4}, 0x94)
socket(0x10, 0x803, 0x0) (async)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r13, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r13, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="5c00000010080000fcdbdf2500000000", @ANYRES64=r12, @ANYBLOB="890c0400000000003c0012800b000100697036746e6c00002c00028014000300fc02000000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
sendmsg$nl_route(r13, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="5c00000010080000fcdbdf2500000000", @ANYRES64=r12, @ANYBLOB="890c0400000000003c0012800b000100697036746e6c00002c00028014000300fc02000000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1f, @loopback}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x8}}], 0x18}}], 0x1, 0x4040880)

5m37.513717259s ago: executing program 33 (id=357):
r0 = socket(0x2, 0x80805, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0)

5m35.777301643s ago: executing program 34 (id=377):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r4}, 0x18)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x4000010)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1e, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000000023ba72f57fc9cc463ce4c09fa6800000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000b08000000b7040000000000008500000001000000957f7dbc68b8177527f6a775badb2e2e7c205e4414ed557c95bb5e7bf6bfb53d5fc6abcbc9515fb4d1c9a2ec0a6e0df7b48e3a76b7c131d78eb16e5c29876e058b099f41d031983a22e22aaa9d33faff45fe2951049af6ff3ab695536aec575787d6b94b600acac45e4ac0668cc4ddadb4165c23641caf68c8a76631474491088bf1687cf5a16b0a3257962b51e1f0a3fe19497dae6a5d71552312b8ab9ad85a8543e8feb4b38e3437cb4fad119f80d88e440f5aa68477728b5980bf7cda5c2ffa5570f03a93cc7e6d472d854aa7d0b05514a31d5726df499fd508f6397026f01b8b75b4255a9b83c43e4eeaa6092072f7c221cc95e60119b7c1e3df4f195fc7d894f576a86e94f8146c25f65816b9467e7c3d0aeaf83e67877263b6296e4bab2244c24f156712ed308089af66f159598e49f73db3948941a155f12cb6d712aef0c494c63fca5e2d977658eff8d373119125d17185b591f5eaeb924b3a7e1814bc1ff11529671c0fbca942486075811e3c83f672f375414486c1befd191e1d5b242cc494ad773bb9949367b7ddbb9725df8c7f637ebde8c1a8e2bcb4713d39a010665462542d10d3d3ff32e12ec437da6a", @ANYRESOCT=r5, @ANYRES8=r6, @ANYRESDEC=r3, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72c9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r7, 0x0, 0x1}, 0x18)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x2}, 0x94)
open$dir(0x0, 0x804000, 0x0)
getrlimit(0x5, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$igmp6(0xa, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4m42.598125229s ago: executing program 6 (id=1076):
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001500192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1", 0x20}], 0x1)
r0 = syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
lgetxattr(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trusted.'], 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='8\x00\x00', @ANYRESDEC=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0)
close(r6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x9, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendfile(r2, r2, 0x0, 0xffff)
sendmsg$nl_route_sched(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x2070b921, 0x80003, {0x0, 0x0, 0x0, r9, {}, {0x2, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x2, 0xfffffff8}}}]}, 0x3c}}, 0x4000800)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f00000006c0)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYBLOB="122913db0b683ba10066e08dc08d8f54a7902f3c519d32ae65e298128fceab311e6f39f16da2fcd594636024a9597d25be11843dbc5b60eb24992e5ea28307023a9219384ba09ea5242840e303a7852afb1c8c89717aaed948914eee2198c747b935bb7906b723aabc8ac432857e94c41184f24e0660ab85ae375fd3e64d821450", @ANYBLOB="621706171e718d00183d4d401117c4ae5b30214476f7eaa0c7ef69cd77", @ANYBLOB="3af33b6ecd27ea58cc5f220bed6c0eb50659e2a8e46310e9ec92306db5570113c42a7cdd2f6411b98e2a4f8ecdec86ce382bc70861c752c3d4ae9f8911dd5b2de2916cb8c8e83e1ed060f92b99e20c28fbe28a8b18046e14a406af9837ad4fd9f9ebf5ba70180bb0f07e7ba9dad4cbd6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4800000010000104fcffffff8000000000000002", @ANYRES32=0x0, @ANYBLOB="0315000000000000280012800b0001006d61637365630000180002800c000400feffffffffffffff0500030008000000"], 0x48}, 0x1, 0x0, 0x0, 0x2004d808}, 0x20030004)
close(r0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000300)='./bus\x00', &(0x7f0000000340), &(0x7f0000000840)=ANY=[@ANYBLOB="00fba0000af624e8e91fcb93376947578767a36b61fef19472db00fabad7ca230ff795169646043b32900734faaf1d08d5e6b3c0c52b6968436f6b41e57c73a2d0b7cc82991a2fea898b787561c9e9fdede7fca189c2b7ab02862b559a82d70258789c1ffcb8604667aa15ec9f4d7d5cb60383a92767c379c59e28dab974720abac53c7de7c55ea4872842e95d5993c6d881e562a0f187e518758016b43475cd4209ca576cc09ff9ef47c7bb71836e39"], 0xa0, 0x3)
mkdir(&(0x7f0000000100)='./bus\x00', 0xe8)

4m42.218710316s ago: executing program 6 (id=1085):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/prev\x00')
readv(r2, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x5}, {0x0, 0x2}], 0x2)

4m42.202324776s ago: executing program 6 (id=1086):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/prev\x00')
readv(r2, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x5}, {0x0, 0x2}], 0x2)

4m41.968720631s ago: executing program 6 (id=1088):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x11218a, 0x10000, 0xfffffffe, 0x1, 0x8, 0xfffffffa, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000006c0)={[{@noquota}, {@noquota}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x2, 0x4f3, &(0x7f0000000700)="$eJzs3c9vG0sdAPDvOnGTtHk4Dzg8nsSjgofSCmonDW0jDiVICE6VKOXCKYTEiaI4cRQ7bRNVKBV/ABLil+DEiQsSZ4SE+icgpEpwRwiBKmjLgQNgtM6ahtRJnNc4buPPR5ru7M7ufmfqeOzZWXkD6FsXI2ImIgYi4nJEFLLtuSzFzm5K93v29MF8mpJoDN35WxJJtq11riRbXsgOG46Ir30l4lvJy3FrW9src5VKeSNbL9VX10u1re0ry6tzS+Wl8trM1OT16RvT16YnTqytN7/05x9+9+dfvvmbz9774+xfL307rdZoVra3HZ3Y6XC/3abnm/8XLYMRsXGcYK+xgaw9+V5XBACAjqTf8T8cEZ+MiOc/6XVtAAAAgG5ofGE0/pVENAAAAIAzK9e8BzbJFbN7AUYjlysWd+/h/Wicz1WqtfpnFqubawu798qORT63uFwpT2T3Co9FPknXJ5v5F+tX961PRcTbEfH9wkhzvThfrSz0+uIHAAAA9IkL+8b//yjsjv8BAACAM2as1xUAAAAAus74HwAAAM6+A8f/yeDpVgQAAADohq/eupWmRuv51wt3tzZXqnevLJRrK8XVzfnifHVjvbhUrS41f7Nv9ajzVarV9c/F2ub9Ur1cq5dqW9uzq9XNtfps87nes+VG4VSaBQAAAOzx9ice/SGJiJ3PjzRT6lxWlj/68Jnu1g7optzxdk+6VQ/g9A30ugJAz7jBF/pXB2N84Iw7YmD/g33rx7xsAAAAvA7GP/ZK8//mA+ENZiAP/cv8P/Qv8//Qv8z/Q58bOnqX4YMKfnvCdQEAALpmtJmSXDGbCxyNXK5YjHir+ViAfLK4XClPRMSHIuL3hfxQuj7Z60oDAAAAAAAAAAAAAAAAAAAAAAAAwBum0UiiAQAAAJxpEbm/JNmD/McL74/uvz5wLvlnobmMiHs/vfOj+3P1+sZkuv3v/9te/3G2/WprS+obp3wlAwAAAGhpjdNb43gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnPnj6Yb6XTjPvkixEx1i7+YAw3l8O/KkTE+edJDO45LomIgROIv/MwIt5pFz9JqxVjWS32x89FxEiP4184gfjQzx6l/c9M+v7L73v/5eJic9n+/TeYpVf15OJB/V+u1f81+7l2/d9bh596uJV59/EvSy+VFrL4DyPeHWzf/7TiJ+3in+u8jd/8+vb2QWWNn0WMH/H5k8Yv1VfXS7Wt7SvLq3NL5aXy2tTU5PXpG9PXpidKi8uVcvZv2xjf+/iv/3NQ/LT959vG3+1/D2x/RLzfYfv//fj+048cEv/Sp9q//u8cEj/9m/h09jmQlo+38ju7+b3e+8Xv3jus/QsHtP/Q1z8iLnXY/su3v/OnDncFAE5BbWt7Za5SKW90JTPStTPLpJnq2lH7pN8TP3CI/Kn8kch0M3M7ew2PfXgPOyUAAKArXnzp319yjAkeAAAAAAAAAAAAAAAAAAAA4JV0/UfIhv7/lwWGe9dUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBD/TcAAP//V7HNuw==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x617a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='gtp\x00\xe4\xaa\xae\xdf~2\xa6X\x14\x92\xdarV\xf4U\xf7\xa2\xc3l\x1b@\xaf\xf9\xc9\xa9#\xf0S\xd9=q\xd6\x14\xedt\xc8!W\xe9@\xeb\x7f~\tB0EE\x9a:\xb7\xff\xc1\xfc\x9a\x1f\xf2\xfb\x19\xda#x\xc5F\x1c~\x8c\xe1\xdf\xdc\x01k\f\xde0~\x95\r\xa2\x80\b4M\x14\xe7\xd0\t`n!g\x14\xe6\xd1\xc2\xd3\x88\xf8cVtd\xbeY\xa5\xe7\x16sD\x96}7\n\x88e\x00\xf0\xff\xff\xf0\xcb\x94\xb4S\x00\x00')
ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f00000014c0)=r0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYRES8], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000440)={r4, 0x0, 0x2d, 0x0, @val=@netkit={@void, @value=r3}}, 0x1c)
r5 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r5, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x55daa0cc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000100)={0x3920e, 0xffffffffffffffff, 0x3, 0x1, 0x3, 0x6})
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000001540)={0x0, {0x2, 0x4e21, @broadcast}, {0x2, 0x4e24, @loopback}, {0x2, 0x4e20, @remote}, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001500)='team_slave_1\x00', 0x0, 0x1, 0x3})
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r7 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r7, 0x402, 0x8000003d)
close_range(r6, r7, 0x0)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
ptrace$pokeuser(0x6, r8, 0x4, 0x80)
syz_pidfd_open(0x0, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r2, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x5, 0x6, r0})
chmod(&(0x7f0000000340)='./file1\x00', 0x0)

4m41.094424288s ago: executing program 6 (id=1112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c00"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/prev\x00')
readv(r2, &(0x7f0000001440)=[{&(0x7f0000000040)=""/20, 0x5}, {0x0, 0x2}], 0x2)

4m40.706533186s ago: executing program 6 (id=1120):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x4e20, 0x7, @mcast2}, r1}}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80040, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xa, 0x7}, 0x8781, 0x2000000, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323478a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526894aa7fe5e68949a3b304723177d356c4604bca492ecec37e83efceefd78a2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bd43b5b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebcef5af469abe753314fae31a09c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa7000008000000000000117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d34264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5a71e0d7696caba172745c7dd919ffb631820420b75b6522c0e21c882c66f4f25ffb6d95e07e068000000000000eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6f0100000000000000f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e09d24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868db06fd892d68a547477f8ef686ff0dba7b8c18c94d5a89b0567a851750a35d9cc2217db890d89385fcaa00f0f2e524672e6f4c8bedfd5da5b157709b8265cf511dc5846ab1d85916c4a6b2d1b408575982e11230cbac0a9c6eaa03c945645581f678403c2a936c53ae72940aa92bcf22b82c6bc028e0acdddf9fef595f0f7a9f80c0e4c659ced769ec463d26a81e468846761a8e1efd6a031ab7adc8665e267be0065cc315aa23012423ec8b8492d9b50fa4d8c5891959b761eec6dc988532782fda13239c948e27853606e26225c796b79cc04f3d1a5a13000000001e301d82a27010d3ac6119d2b12caf282413672d20c852c50084d7b2d50754775ed63bc18023c31351af76e24788d96103455693b34e09a163a9f613a7e5530222cebd7fa0fbff32dc98088f9fab33648cc38e87dd2dd6ee157f5f018702696915661715c979b7796d4f101a257688af7c148e8615c938c4ca8a69f6fc585ec1dd1857a501f90b161eff23181a11a2b0da4c58d459cbf9db"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x6)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x7c, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24000001}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000840)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0xff405fc2f5dad82a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000700)=ANY=[@ANYBLOB="000000004c900200030000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff1e0000000000000000000000000000000000000000000000000000000000000000004000"/192])
syz_io_uring_setup(0x4172, &(0x7f00000002c0)={0x0, 0x2, 0x10100, 0x0, 0x4}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/19, 0x13}], 0x1, 0x0, 0x1})
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000400)=ANY=[@ANYBLOB="ffffffadc9adffffff56460a5cef9088a820008100000086dd60000000002c2f00fe880000000000000000000000130001010000000000000000000000000001005334c003940e0d20de118da512c575000dfab61b7f38e27d00d28317990b6a6dd5ebb51f4a59a23f3a994e516495d82f74257548b85fbdbb2cfb9a87aa9c80af6c0f36e9a5de", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b00000009078000003030813128fea9208968aa2c0377ccf22e7139990000000"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000081, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="d800000018009903e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x20048812)
umount2(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)

4m40.706026605s ago: executing program 35 (id=1120):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x4e20, 0x7, @mcast2}, r1}}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = perf_event_open(&(0x7f00000010c0)={0x2, 0x80, 0x99, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80040, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xa, 0x7}, 0x8781, 0x2000000, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323478a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526894aa7fe5e68949a3b304723177d356c4604bca492ecec37e83efceefd78a2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bd43b5b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebcef5af469abe753314fae31a09c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa7000008000000000000117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d34264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5a71e0d7696caba172745c7dd919ffb631820420b75b6522c0e21c882c66f4f25ffb6d95e07e068000000000000eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6f0100000000000000f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e09d24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868db06fd892d68a547477f8ef686ff0dba7b8c18c94d5a89b0567a851750a35d9cc2217db890d89385fcaa00f0f2e524672e6f4c8bedfd5da5b157709b8265cf511dc5846ab1d85916c4a6b2d1b408575982e11230cbac0a9c6eaa03c945645581f678403c2a936c53ae72940aa92bcf22b82c6bc028e0acdddf9fef595f0f7a9f80c0e4c659ced769ec463d26a81e468846761a8e1efd6a031ab7adc8665e267be0065cc315aa23012423ec8b8492d9b50fa4d8c5891959b761eec6dc988532782fda13239c948e27853606e26225c796b79cc04f3d1a5a13000000001e301d82a27010d3ac6119d2b12caf282413672d20c852c50084d7b2d50754775ed63bc18023c31351af76e24788d96103455693b34e09a163a9f613a7e5530222cebd7fa0fbff32dc98088f9fab33648cc38e87dd2dd6ee157f5f018702696915661715c979b7796d4f101a257688af7c148e8615c938c4ca8a69f6fc585ec1dd1857a501f90b161eff23181a11a2b0da4c58d459cbf9db"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x6)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x7c, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x22}, @NLBL_MGMT_A_CLPDOI={0x8}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24000001}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000840)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0xff405fc2f5dad82a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000700)=ANY=[@ANYBLOB="000000004c900200030000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff1e0000000000000000000000000000000000000000000000000000000000000000004000"/192])
syz_io_uring_setup(0x4172, &(0x7f00000002c0)={0x0, 0x2, 0x10100, 0x0, 0x4}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/19, 0x13}], 0x1, 0x0, 0x1})
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000400)=ANY=[@ANYBLOB="ffffffadc9adffffff56460a5cef9088a820008100000086dd60000000002c2f00fe880000000000000000000000130001010000000000000000000000000001005334c003940e0d20de118da512c575000dfab61b7f38e27d00d28317990b6a6dd5ebb51f4a59a23f3a994e516495d82f74257548b85fbdbb2cfb9a87aa9c80af6c0f36e9a5de", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b00000009078000003030813128fea9208968aa2c0377ccf22e7139990000000"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000000000000081, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="d800000018009903e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x20048812)
umount2(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)

1m42.145827611s ago: executing program 7 (id=4121):
r0 = socket(0x2a, 0x2, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f0000000000))
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001000)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newtfilter={0x34, 0x2c, 0x605, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {}, {0x5, 0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x20004084)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000340)=0x2)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x189a42, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000000)=0x3)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r0, {0x1400000000000000}}, './file0\x00'})
fsmount(r5, 0x0, 0x0)
close(r3)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m42.014596984s ago: executing program 7 (id=4125):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
r2 = socket(0x5, 0x2, 0xe6)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000480)={@mcast2={0xff, 0x5}, @private0, @loopback, 0x800000, 0xa, 0x0, 0x500, 0x7ffffffe, 0x140192})
sendto$rxrpc(r2, &(0x7f0000000080)="b7dc2449292dc74d368914ad89b0fb402029afb56b6929243219a7f6aec7c54a6e0213dffec9c806aeecaa8a4a048523e0d9f0b239a8905b034f68f9aac8", 0xffffffffffffffaa, 0x4001, &(0x7f0000000200)=@in4={0x21, 0x4, 0x2, 0x0, {0x2, 0x4e21, @multicast1}}, 0x24)
pipe2(&(0x7f0000000040), 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
getsockopt$CAN_RAW_FD_FRAMES(r4, 0x65, 0x5, &(0x7f0000000240), &(0x7f0000000380)=0x4)
setrlimit(0x40000000000008, 0x0)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0x9, 0x5a}, 0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmsg$inet_sctp(r5, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x6, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x9, 0x9}, 0x8)
shutdown(r5, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r7, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f00000003c0)={0x0, 0x9e9}, &(0x7f00000004c0)=0x8)

1m41.806782828s ago: executing program 7 (id=4128):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0xc, &(0x7f0000000f00)=ANY=[@ANYBLOB="29ab103526eb24d19576b673d7f4344d24e49b25f5d43ff22759207464e947eb50953a89094fcd37413a89a64c4ad0fcbf602869a6699aa6b2ab9db00474fad85bc01eaf891cb52bdd0805889ef09d87d37270bd174f3748d0d1d4da3bebf21595368bad65c80a30afbc7c05abad81ff3d65728af76c310cf9b2d0f15d9d04eb11abb382", @ANYBLOB="b08a29e8e39fc7e1b0e6a8708888c6f2e338b376d884566fb55930bf3a35ce7a7ece4828d6e13d3eaafc95a58fe1adec3e54728b", @ANYRES64, @ANYRESOCT=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) (async)
r2 = open(&(0x7f0000001340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6800, 0x4c)
fcntl$notify(r2, 0x402, 0x8000003d) (async)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x19f) (async)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) (async)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
openat(0xffffffffffffff9c, &(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40a02, 0x1f6)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0) (async)
syz_open_dev$evdev(&(0x7f0000000440), 0xd, 0x0) (async)
syz_open_dev$evdev(&(0x7f0000000480), 0x7, 0x100)
r3 = socket(0x10, 0x3, 0x9) (async)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x7fffffffffffffff) (async)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x18, 0x25c, &(0x7f0000000440)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002064070000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x7ecae788a6630e8, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r7}, 0x10) (async)
r8 = dup(r6)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})

1m41.633691232s ago: executing program 7 (id=4130):
r0 = syz_io_uring_setup(0x1118, &(0x7f0000000880)={0x0, 0x2, 0x80, 0x2, 0x1db}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_uring_enter(r0, 0x471b, 0xfffffffe, 0x20, 0x0, 0xffffffffffffff68)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r4}, 0x10)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380"], 0x44}}, 0x0)
sendmsg$netlink(r5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06ce000004000000080000005a"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r10}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r8, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x20042, 0x1})

1m41.18235939s ago: executing program 7 (id=4132):
prctl$PR_SET_NAME(0xf, &(0x7f00000002c0)='+}[@\x00G5\v\x89n\xb2\x0e\xb7\xb4\x9a\xb3\xb9\xe1\xff@`\x87\xefy\xb7\xe0\xe6c\x91\x81ND\t3\xc4\xca\xf0\xd0Zp\xadbdY\xdcz\xc6lo\xd0\xc7\'CT')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff27}, 0x41)
r1 = syz_socket_connect_nvme_tcp()
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r1, 0x8982, &(0x7f0000000040)={0x1, 'veth1_virt_wifi\x00', {}, 0x400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0xff03, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000100001fe800000000000000000000000000014feff"], 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x2, 0xffffffffffffffff, 0x0}])
io_cancel(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x200, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001000), r5)
sendmsg$TIPC_NL_PEER_REMOVE(r5, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x30, r6, 0x1, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x8004)
sendmsg$ETHTOOL_MSG_STRSET_GET(r5, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x118, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x94, 0x2, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}]}, @ETHTOOL_A_STRSET_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x8041}, 0x40)

1m41.001907913s ago: executing program 7 (id=4135):
r0 = inotify_init()
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r2 = inotify_add_watch(r0, &(0x7f0000000200)='./file0\x00', 0x640003b3)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x69)
close(r1)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0xc2f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
chown(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
write(0xffffffffffffffff, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x3, &(0x7f0000000380)={0x0, 0xb, 0x98c12b245b90eb51, @tid=0xffffffffffffffff}, &(0x7f00000004c0)=<r9=>0x0)
timer_settime(r9, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x94)

1m40.968700684s ago: executing program 36 (id=4135):
r0 = inotify_init()
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r2 = inotify_add_watch(r0, &(0x7f0000000200)='./file0\x00', 0x640003b3)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYRES64=r2], 0x69)
close(r1)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0xc2f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
chown(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
write(0xffffffffffffffff, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x3, &(0x7f0000000380)={0x0, 0xb, 0x98c12b245b90eb51, @tid=0xffffffffffffffff}, &(0x7f00000004c0)=<r9=>0x0)
timer_settime(r9, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0}, 0x94)

1m5.70658826s ago: executing program 3 (id=4700):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x8, 0x2, 0x3}, 0x0, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080)
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet6(r3, &(0x7f0000000800)="41034b061116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0)

1m5.512721304s ago: executing program 3 (id=4704):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m5.453905675s ago: executing program 3 (id=4706):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f00000002c0)=0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000003c0)={r1, &(0x7f0000000200)="1d7d80ff989bb6bace56926776462bffa4d2e4db60022f5bf273d19c8715677240da0ce15186", &(0x7f0000000300)=""/130}, 0x20)

1m5.122612622s ago: executing program 5 (id=4717):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="dc000000", @ANYRES16=r1, @ANYBLOB="0f0a29bd7000fddbdf2501000000a40008801400078008000600c900000008000600810000002c000780080005000a256c78080005009c32bb3508000600b600000013fd0500f574c33e080006002500000034000780080006004300000008000500f3ba3a6b080006c224c0ab0008000500ffdcc36b080006000500000008000600a10000002c000780080005002f6c051408000500aac6b06008000600000800060009000000140004800500030080000000050003000600000008000200030000000800010002000000e51be65164b987b77fd44ec7c0b27ab8322b091c5a75c10678d722e0b16cd820b82e31d2b90621d67146162f35799166b13a48b813cd9de29c949811a2d892251df4fb16098c8f888b04ac06e5f18f8946e0072e81206a49d9d827382c3c3618b79d9c3b834865ac2ed7ef8d29ce28f7e6ef02bf20c5e2e5aaec9b5bcc9d72c250ff3e257d59fd061c50f24660c5b24265e934553bf55e58ab7e94a2eeeab1b69c39c7283445cbe515fe3e15670a141fa4ad9773728d1878a954dffdc6482a64204c05249972361e105f7ca59807aa67a5c490e2323ddaf28c03b4cad29b7677f56f2213a9ac4c07b2353bb0ecd92cde340048c73c0bc213a732493e2d4eae"], 0xdc}}, 0x4)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x200c888, &(0x7f00000001c0)=ANY=[], 0x1, 0x319, &(0x7f00000008c0)="$eJzs3M9LG1sUwPGTmMQY0cni8R7vwcPLe5t2M2i6Lw1FoTRQsab0B5SOZtKGTBPJBEtKqbrqpovSP6ILcelOaP0H3HTXVSl056bQRV2UTpnM5Iea1BiNqfr9gMwh956ZezNmOHdgZvv2q8f5rK1njbIEo0oCIiI7InEJSk3A3warcUSaLcvF4a8f/r155+71ZCo1OaPUVHL2UkIpNTr29smzIb/bxqBsxe9vf0l83vpz6+/tH7OPcrbK2apQLCtDzRU/lo05y1SZnJ3XlZq2TMM2Va5gmyWv3VkSsUyVtYoLCxVlFDIjsYWSadvKKFRU3qyoclGVSxVlPDRyBaXruhoSHCi9OjNjJLtMnj/mwaBHSqWkMSAi+38S6dW+DAgAAPSVX//Xq/2gW9J3U/+HWtb/a/9tlodvrY/69f9GxK3/RZrq/weNfZkqE6zX/1ERadT/RW99cIj6fyTWwezP2iLh5e6TI45TDyOt+h+p/scp4db/Mf/3W7Vyb228GlD/AwAAAAAAAAAAAAAAAAAAAABwGuw4juY4juZtB/xPHW1QRKLVJ0i89j4PEz2y+/w3/jj/50PjxR2hURHrxWJ6Me1t/Q6bImKJe2HQ5Hv1/8HnxpFlVe2kXHF5Zy35+UuLae9aksxKTiwxZUI0ie/Nd5ypa6nJCeXZnR+WWHN+QjT5o3V+Ym9+2N1G5ML/Tfm6aPJ+XopiScZ/Mq6W/3xCqas3UnuOP1TtBwAAAADAWaCruvr6fbC5Xd/f7q2PvXZvfR0SGW91f8BbX4+3XN+H5J9Qv2YNAAAAAMD5Ylee5g3LMks9ClZEpMeHaBPUZthpVu0FuW36BCTQrukYgtrBu0t3x3Zs4wl39I0FG0P91PkhxiKHPCktg9pto3Z9ZLqbPTuayFG/w79ev/n26z7enTGRTnZ4eT16wEy7DSIHzTR8YhcgAAAAACemUfTXPrnS3wEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAOncSr+Po9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB38TMAAP//U08AJw==")
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000002, 0x12, r2, 0x61c40000)

1m4.968925215s ago: executing program 5 (id=4719):
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

1m4.945055155s ago: executing program 5 (id=4720):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280)='./file2\x00')
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
tee(r0, r2, 0x3, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)

1m4.674046891s ago: executing program 5 (id=4722):
syz_open_procfs(0x0, &(0x7f0000000580)='timerslack_ns\x00')
socket(0x40000000015, 0x5, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
ptrace$ARCH_FORCE_TAGGED_SVA(0x1e, r2, 0x0, 0x4004)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, 0x0, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000280)='cgroup.kill\x00', 0x275a, 0x0)
r7 = socket(0x1e, 0x4, 0x0)
r8 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r8, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x65}, 0x10)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r7, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r9 = dup3(r8, r7, 0x0)
recvmmsg(r9, &(0x7f0000004a40)=[{{&(0x7f0000000480)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000000940)=[{0x0}, {&(0x7f0000000780)=""/85, 0x55}, {0x0}, {0x0}, {0x0}], 0x5, &(0x7f0000000cc0)=""/229, 0xe5}, 0x2}, {{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000dc0)=""/191, 0xbf}, {0x0}, {&(0x7f0000000e80)=""/210, 0xd2}, {&(0x7f0000000b00)=""/12, 0xc}, {&(0x7f0000001080)=""/227, 0xe3}, {&(0x7f0000001240)=""/230, 0xe6}, {0x0}], 0x7, &(0x7f00000014c0)=""/223, 0xdf}, 0x3}, {{&(0x7f0000000c00)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000001180)=[{&(0x7f0000004cc0)=""/221, 0xdd}, {&(0x7f00000015c0)=""/211, 0xd3}, {&(0x7f0000004c00)=""/163, 0xa3}], 0x3, &(0x7f0000001880)=""/76, 0x4c}, 0xffffffff}, {{&(0x7f0000001900)=@nfc_llcp, 0x80, &(0x7f00000019c0)=[{0x0}, {&(0x7f0000001980)=""/61, 0x3d}, {&(0x7f0000002080)=""/4096, 0x1000}, {0x0}], 0x4}, 0x4}, {{&(0x7f00000043c0)=@caif=@dbg, 0x80, 0x0, 0x0, &(0x7f0000004740)=""/190, 0xbe}, 0x5}], 0x5, 0x40000001, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1, 0x12)
sync()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000040)=@v3, 0x18, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=ANY=[@ANYRESHEX], 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

1m4.549994113s ago: executing program 3 (id=4726):
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000)=<r0=>0x0, &(0x7f0000000080)=0x4)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690c0000001fbb66ec", 0xa}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r1, 0x0, 0x10000008ebc, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x9, 0xff, 0x3, 0x204, 0xffffffffffffffff, 0x9, '\x00', r0, r1, 0x3, 0x0, 0x2, 0x5}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
timer_create(0x3, 0x0, &(0x7f00000012c0)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000001300)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
perf_event_open(&(0x7f00000014c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbaa8, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x1020005, 0xb, 0x0, 0x1, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan4\x00'})
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x5, 0x3}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r5}, 0x10)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_emit_ethernet(0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd6000120000000000fc010000000000000000000000070000fe880000000000000000000000000001"], 0x0)
r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010000000000000006409f0018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r9, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r10, &(0x7f0000000080)='./file0\x00')
readlinkat(r10, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000780)=""/198, 0xc6)
timer_create(0x3, 0x0, &(0x7f00000050c0)=<r11=>0x0)
timer_settime(r11, 0x1, &(0x7f0000005100), 0x0)

1m3.832768547s ago: executing program 5 (id=4733):
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="090200000000000000ab01"], 0x30}, 0x1, 0x0, 0x0, 0x24008881}, 0x0) (fail_nth: 1)

1m3.67856881s ago: executing program 3 (id=4734):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x62, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0, 0xd}, 0x604a, 0xb9, 0x2, 0x0, 0x2, 0x240, 0xfffd, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffbfffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r1, 0xa, 0x13)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="1fa160357f768df1e110e00000000000000000000000000000200000ac88a7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x19, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000b7080000000000007b8af8ff00000000b7080000010000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086610, &(0x7f00000004c0)={@desc={0x1, 0x2000000, @auto="c19e91c204bff48d"}})

1m3.551599203s ago: executing program 3 (id=4735):
syz_io_uring_setup(0x315b, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x10f, &(0x7f0000000300)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, 0x3000})
io_uring_enter(r0, 0x47f5, 0x2000000, 0x0, 0x0, 0x0)

1m3.532448403s ago: executing program 37 (id=4735):
syz_io_uring_setup(0x315b, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x10f, &(0x7f0000000300)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, 0x3000})
io_uring_enter(r0, 0x47f5, 0x2000000, 0x0, 0x0, 0x0)

1m3.529687983s ago: executing program 5 (id=4737):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f00000002c0)=0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000003c0)={r1, &(0x7f0000000200)="1d7d80ff989bb6bace56926776462bffa4d2e4db60022f5bf273d19c8715677240da0ce15186", &(0x7f0000000300)=""/130}, 0x20)

1m3.513409663s ago: executing program 38 (id=4737):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f00000002c0)=0x10)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000003c0)={r1, &(0x7f0000000200)="1d7d80ff989bb6bace56926776462bffa4d2e4db60022f5bf273d19c8715677240da0ce15186", &(0x7f0000000300)=""/130}, 0x20)

36.49198011s ago: executing program 0 (id=5148):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
socket(0x23, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0)
r4 = getpid()
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7fff}]})
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffff001}, 0x18)
setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0x9, 0x5a}, 0x8)
r7 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r10, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r10, 0x0)
connect$unix(r9, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r10, &(0x7f0000000380)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000340)={0xa, 0x3, 0x7, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)

36.393725801s ago: executing program 0 (id=5149):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x5)
r1 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
fchdir(r2)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000400)={0x0, r3}, 0x8)
socket(0x28, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kmem_cache_free\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x28, 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r6}, &(0x7f0000000840), &(0x7f0000000880)=r7}, 0x20)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, r9, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000800)=ANY=[], 0x0)

36.350180832s ago: executing program 0 (id=5151):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000070000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x2, 0x7ffc0002}]})
getrlimit(0x3, &(0x7f0000000100))

36.099776357s ago: executing program 0 (id=5155):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000e2bac15d3b6641a215f099e26603a050337b2ccc70a9f928ba3c529bb6e7365e7e246317380f5884d79663e7fcaa89795d7b10e88378c33265a7af06040e3d0bbc6a5864dfa023c6ac1da574242785bbb4ece12b11da52496875e1e384042aad63a3094bf3bc0e40a79960f9f1610940e67e30611d9873d1e6cb9c4cce44c999c49ff52a6400192fd021d7158438d7686a6f66778022c93c544189b684754e7e0f77a4f498609e53104c8aa70632fcc58c757bbc06f6472622dce2729d7296959ce003ec84ac"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='task_newtask\x00', r1, 0x0, 0xfffffffffffffffc}, 0x10)
r2 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@usrquota}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x89, 0x40000}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x302, 0x10, 0x0, 0x101, 0x0})
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
unshare(0x20000000)
syz_clone(0x4808280, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(r2, 0x6, &(0x7f0000000140)={0x4, 0x82}, 0x0)
r8 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
ioctl$NS_GET_PARENT(r8, 0xb702, 0x0)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
close(0x3)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
close_range(r7, r3, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000730109000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r9, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f0000000180)={r2, 0x1, 0xffffffff})
madvise(&(0x7f0000f7c000/0x3000)=nil, 0x3000, 0x2)

35.95794843s ago: executing program 0 (id=5158):
r0 = syz_open_dev$vcsn(&(0x7f0000000180), 0x6, 0x4000)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@generic={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='io\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

35.590638207s ago: executing program 0 (id=5175):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8040, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @empty, 0xfffffffc}, 0x1c)
listen(r0, 0xb)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, 0x0, 0x0)

35.580501417s ago: executing program 39 (id=5175):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8040, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x1, @empty, 0xfffffffc}, 0x1c)
listen(r0, 0xb)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, 0x0, 0x0)

2.797735565s ago: executing program 9 (id=5765):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffdfffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x78)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x142000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xdd, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0x95}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10032, 0x1000, 0x0})
socket$kcm(0x10, 0x400000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="040300000900000000000000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYRES8=r4, @ANYRESDEC=r1, @ANYRESDEC], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000400))
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r8 = fcntl$dupfd(r7, 0x0, r7)
read$snapshot(r8, 0x0, 0xffffffbf)

1.895761953s ago: executing program 9 (id=5786):
setreuid(0xffffffffffffffff, 0xee01)
r0 = syz_clone(0x2100, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x15, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000040)=r3}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x30, r6, 0x1, 0x70bd2a, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x3}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x30}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000240)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x550, &(0x7f0000001780)="$eJzs3c9vHFcdAPDvTHYTJ3G6LnCASi2FFiUVZDeuaWtxKEVCcKqEKJyDsTeWlbU3yq7b2KrA+QuQEAIkTnDhgsQfgFRF4sKxQqoEZ5CKQIimIMEBOmh3Z9dhM2uvy/pH1p+PNJ733uzM971dz483M5oJ4NR6OiJeiYgPsix7LiIqeXmaD7HTGzqfe//+m8udIYkse+1vSSR52fAyL+azzUTE178a8e3k4bitre2bS41GqZ+vtddv1Vpb21fX1pdW66v1jYWF+RcXX1p8YfFaxFv/fzsvRcTLX/7TD7/386+8/Nbn3vjj9b9c+U6nWrP59KJ2jKm018Re08vnZoZmuP0hg51EnfaU+5nz481z9xDrAwDAaJ1j/I9ExKcj4rmoxJm9D2cBAACAR1D2xdn4dxKRFTs7ohwAAAB4hKTde2CTtJrfCzAbaVqt9u7h/VhcSBvNVvuzN5qbGyu9e2XnopzeWGvUr+X3Cs9FOenk57vp3fzzQ/mFiHg8In5QOd/NV5ebjZXjPvkBAAAAp8TFof7/Pyq9/j8AAAAwZeb2nlw5qnoAAAAAh2ef/j8AAAAwBfT/AQAAYKp97dVXO0PWf//1yutbmzebr19dqbduVtc3l6vLzdu3qqvN5mr3mX3r+y2v0Wze+nxsbN6pteutdq21tX19vbm50b6+FjNH0iAAAADgIY9/8t7vk4jY+cL57tBx9rgrBRyJ0iCV5OOCtf8Pj/XG7x5RpYAjcWbklHSQevdc8SccJ8CjrTRcMGJdB6ZP+bgrABy7ZJ/pQzfvXBik3s7Hn5p8nQAAgMm6/Ini6/+jrwv07aRHUD3gEFmJ4fQa2s9n3vUDp0f3+v+4N/I4WICpUh6jpw9MtwNe/9/19rgRsuxAFQIAACZutjskaTU/vTcbaVqtRlzqvhagnNxYa9SvRcRjEfG7SvlcJz/fnTPZt88AAAAAAAAAAAAAAAAAAAAAAAAAAPRkWRIZAAAAMNUi0j8nv+49y/9y5dnZ4fMDZ5N/dV8JfDYi3vjJaz+6s9Ru357vlL83KG//OC9//jjOYAAAAADD+v307vifx10bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKbN+/ffXO4PY3z8/KTi/vVLETFXFL8UM93xTJQj4sLfkyg9MF8SEWcmEH/nbkR8vCh+0qnWIGRR/El8CfvEj7n8WyiKf3EC8eE0u9fZ/rxStP6l8XR3XLz+lSL+J/9hjd7+xWD7d2bE+n9pzBhPvPPL2sj4dyOeKBVvf/rxkxHxnxkz/re+sb09alr204jL/f1Pd4s3iDDzYKxae/1WrbW1fXVtfWm1vlrfWFiYf3HxpcUXFq/Vbqw16vnfwhjff/JXH+zV/guF+78kr83o9j9bsLyifdJ/3rlz/6P9zM7D8a88UxD/Nz/LP5HHT3bnSfM4n8nTSSSD8mSn930+6Klf/Papvdq/stv+8kF+/yujFjrsoRXlyXH/dQCAQ9Da2r651GjUb09totNLPwHVOPREVun9oielPkOJb753Av/ZvjvRBWZZlnV+gYJJ9yJinOUkMeGWpsX12U2M/FGOecMEAABM3O5B/2SupwMAAAAAAAAAAAAAAAAAAAAHdxRPWRuOufsI5GQSj9AGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJiI/wYAAP//in3QFg==")

1.344267644s ago: executing program 1 (id=5796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffdfffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x78)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x142000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xdd, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0x95}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10032, 0x1000, 0x0})
socket$kcm(0x10, 0x400000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="040300000900000000000000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYRES8=r4, @ANYRESDEC=r1, @ANYRESDEC], 0x48)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000000400))
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
read$snapshot(r7, 0x0, 0xffffffbf)

1.02638758s ago: executing program 9 (id=5802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x129)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])

981.690031ms ago: executing program 9 (id=5803):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=0x0, @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = dup(0xffffffffffffffff)
sendmsg$tipc(r2, 0x0, 0x8001)
write$UHID_INPUT(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1bf, &(0x7f0000000480)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mkdir(&(0x7f0000000180)='./bus\x00', 0x1b8)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000fc0)={[{@data_ordered}, {@nouser_xattr}, {@init_itable}, {@bsdgroups}, {@nodioread_nolock}, {@min_batch_time={'min_batch_time', 0x3d, 0xa00000}}]}, 0xfd, 0x50f, &(0x7f0000000a00)="$eJzs3cFvI1cZAPDPTuw42bRJSw+AoF3awoJW6yTeNqp6gHJCCFVC9AjSNiTeKIodR7FTmrAS6ZkrEpU4wZE/gHNP3LkguHEpB6QCEahB4mA04/Guk7U3YZPYafz7SaN5M2/i7714573159gvgLF1MyIOIqIYEe9GxFx2Ppdt8VZnS6779PDB6tHhg9VctNvv/COX1ifnoudnEjeyxyxFxA++E/Hj3ONxm3v7myu1WnUnO15o1bcXmnv7dzbqK+vV9epWpbK8tLz4xt3XKxfW15fqxaz05Y//cPCNnybNmu2cKEZPPy5Sp+uFbpzUZER87zKCjcBE1p/iqBvCU8lHxPMR8XJ6/8/FRPpsAgDXWbs9F+253mMA4LrLpzmwXL6c5QJmI58vlzs5vBdiJl9rNFu37zd2t9Y6ubL5KOTvb9Sqi1mucD4KueR4KS0/Oq6cOL4bEc9FxC+mptPj8mqjtjbK//gAwBi7cWL+//dUZ/4HAK650qgbAAAMnfkfAMaP+R8Axo/5HwDGT2f+nx51MwCAIfL6HwDGj/kfAMbK999+O9naR9n3X6+9t7e72Xjvzlq1uVmu766WVxs72+X1RmM9/c6e+mmPV2s0tpdei93357+53WwtNPf279Ubu1ute+n3et+rFtKrDobQMwBgkOde+ujPuWRGfnM63aJnLYfCSFsGXLb8qBsAjMzEqBsAjIzVvmB8neM1vvQAXBN9lug9ptTvA0Ltdrt9eU0CLtmtL8j/w7jqyf/7K2AYM/L/ML7k/2F8tdu5s675H2e9EAC42uT4gQHv/z+f7X+bvTnwo7WTV3x4ma0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAq627/m85Wwt8NvL5cjnimYiYj0Lu/katuhgRz0bEn6YKU8nx0ojbDACcV/5vuWz9r1tzr84eq3rxxsNiMSJ+8qt3fvn+Squ188eIYu6fU93zrQ+z85Xhtx4AOF13nk73PS/kPz18sNrdhtmeT74dEaVO/KPDYhw9jD8Zk+m+FIWImPlXLibjZw9/LteTuziPgw8i4vP9+p+L2TQH0ln5tBP/kST2M0ONnz8WP5/WdfbJ7+Jz/3fk6QtoPXy2fZSMP2/1u//ycTPd97//S+kIdX7Z+Jc81OpROgY+it8d/yb6xE/u+ZtnjfHa77/bKT1+z3/yQcQXJyO6sY96xp9u/NyA+K+eMf5fvvTiy4Pq2r+OuBX94/fGWmjVtxeae/t3Nuor69X16lalsry0vPjG3dcrC2mOemHwbPD3N28/O6gu6f9MFn8qjscvndL/r3aKpw6kv/nvuz/8yhPif/2Vfv3PxwtPiJ/MiV87LXBmZeZ3pUF1Sfy1Ab//057/22eM//Ff9x9bNhwAGJ3m3v7mSq1W3VFQuPqF5J/sFWhG38K3hhWrGP2rfv5K554+UdVuP1WsQSPGRWTdgKsgu+nT9/L/M+rGAAAAAAAAAAAAAAAAfQ3jE0uj7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//55ZzBM=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
r3 = socket$caif_seqpacket(0x25, 0x5, 0x3)
sendmmsg$sock(r3, &(0x7f0000000cc0)=[{{&(0x7f00000003c0)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x80, &(0x7f0000000000), 0x0, &(0x7f00000007c0)}}, {{0x0, 0x0, &(0x7f0000000b80)=[{0x0}, {0x0}, {&(0x7f0000000b40)}], 0x3}}], 0x2, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x700, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000bc0)=@delchain={0x40, 0x65, 0x2, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_FD={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b100bf800", 0x33fe0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r6, 0x0, 0x40000000, 0x0)

847.594073ms ago: executing program 2 (id=5807):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000740)={@broadcast, @local}, 0xc)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff8c, 0x0, 0x0, 0x10, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x3}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x84500, 0x0)

756.284255ms ago: executing program 8 (id=5808):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, r5, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000000800)=ANY=[], 0x0)

754.652655ms ago: executing program 2 (id=5809):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))

740.919335ms ago: executing program 8 (id=5810):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
listen(0xffffffffffffffff, 0x8)
write(0xffffffffffffffff, &(0x7f0000000000)="ea", 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@newtaction={0x110, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xfc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x5, 0x0, 0x3, 0x1000, {0x0, 0x2, 0x0, 0x0, 0x5}, {0x2, 0x0, 0xff, 0x0, 0x2}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffff7}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x44, 0x3, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3ff, 0x9, 0x2, 0x7, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x110}}, 0x0)

727.599876ms ago: executing program 8 (id=5811):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000740)={@broadcast, @local}, 0xc)
socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000980)='mm_page_free\x00', r2, 0x0, 0x3}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x84500, 0x0)

702.128637ms ago: executing program 8 (id=5813):
r0 = syz_open_dev$hiddev(&(0x7f0000000080), 0xfffffffffffffff7, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r1)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000001600)={0x54, r2, 0x1, 0xfffffffd, 0x0, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x51}, {0xc, 0x8f, 0xfffffffffffffffe}, {0xc}}]}, 0x54}}, 0x0)
r3 = accept$unix(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000280)=0x6e)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0)
close_range(r0, r3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002cc0)=ANY=[], 0x50)
prctl$PR_SET_NAME(0xf, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r7, 0x0, 0xb, &(0x7f00000000c0)=0x3, 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18)

701.673056ms ago: executing program 2 (id=5814):
inotify_init1(0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x129)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x101042, 0x1)

683.492976ms ago: executing program 4 (id=5815):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x400000000000004)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r3, 0x0, 0x1034}, 0x18)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x1c)
r4 = fsopen(&(0x7f0000000080)='bpf\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
ioctl$TIOCSISO7816(r5, 0xc0285443, &(0x7f0000000240)={0x80000001, 0x7, 0x0, 0xd, 0xfff})
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1, 0x0, 0xffffffffffffffff}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c00"], 0x48)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r7}, &(0x7f00000000c0), &(0x7f0000000400)=r6}, 0x20)
writev(r0, &(0x7f0000019440), 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = signalfd(0xffffffffffffffff, &(0x7f00000003c0)={[0xfffffffffffffffd]}, 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r9)
inotify_init1(0x800)
fcntl$setstatus(r9, 0x4, 0x2c00)

573.340078ms ago: executing program 8 (id=5816):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000033c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x90}}, 0x4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r0, 0x5435, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xffffffffffffffc0}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

565.685189ms ago: executing program 2 (id=5817):
syz_open_procfs(0x0, &(0x7f0000000040)='net/vlan/vlan0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e0000000000"], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n\x00\x00\x00'], 0x48)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x157]}, 0x8)
r2 = syz_io_uring_setup(0x6934, &(0x7f0000000300)={0x0, 0xd615, 0x10100, 0xffffffff, 0x100000, 0x0, r1}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r1, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffe}})
io_uring_enter(r2, 0x44fd, 0x3, 0x1, 0x0, 0x0)
exit(0x0)
timer_create(0x2, &(0x7f000049efa0)={0x0, 0xb, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r6, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})

554.735019ms ago: executing program 8 (id=5818):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_pidfd_open(0xffffffffffffffff, 0x0)
ioctl$FICLONE(r0, 0x40049409, r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160100400000000100", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x101, 0x1000}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, r4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000840)=ANY=[@ANYBLOB="0500000000a26f2ea3610000007111dd7e0b6f0000851000000200000085000000b2000000950000000000000095000000000000009fd44b3a0bfd049c1af9f667c889ecd61f7ddc5a4490930bd1caecf240d1711254a0c80135dd076f2d2d7c8fd15cae5f1d2b7abe1fe48e61c900452a4c0afc8ed74cb910796bab113827be953780f2dfd4d3842e1bb995278e80"], &(0x7f0000000500)='GPL\x00', 0x0, 0xcd, &(0x7f0000000540)=""/205, 0x0, 0x30, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x6}, 0x94)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r6)
preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000380)=""/183, 0xb7}], 0x1, 0x5, 0x2)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r8=>0x0)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r8], 0x1c}}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r9, &(0x7f0000000000)="10", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
sendmsg$inet6(r9, &(0x7f0000000340)={&(0x7f0000000300)={0xa, 0x4e21, 0x5, @private1, 0x29}, 0x1c, &(0x7f0000000100)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1}, 0x20000000)
poll(&(0x7f0000000080)=[{r9, 0x46a8}], 0x1, 0x400)
shutdown(r9, 0x1)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = dup2(r11, r10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x10)
kexec_load(0x3, 0x0, 0x0, 0x3e0000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0xc050)

466.53626ms ago: executing program 1 (id=5819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r1}, 0x18)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fe08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x4040801, &(0x7f00000002c0)={0xa, 0x4e21, 0x0, @loopback, 0xfffffffe}, 0x1c)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000000ff0f0000070000"], 0x48)
prctl$PR_GET_SPECULATION_CTRL(0x23, 0xb, 0x7fffffffeff3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x4}}}, {0x34, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "8a"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xe8}}, 0x0)
recvmmsg(r4, &(0x7f00000066c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x400000000000355, 0x2000, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)

430.174322ms ago: executing program 1 (id=5820):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r1 = gettid()
tkill(r1, 0x1b)
r2 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x40, 0x10, 0x403, 0x70fd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88adfd8d}, [@IFLA_PORT_SELF={0x4}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x1a6a7}, @IFLA_ALT_IFNAME={0x14, 0x35, 'veth0_to_bridge\x00'}]}, 0x40}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@ipv6_newrule={0x44, 0x20, 0x1, 0x0, 0x3, {0xa, 0x10, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10017}, [@FRA_SRC={0x14, 0x2, @private2}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x44}}, 0x40000)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x4000})
preadv2(r5, &(0x7f0000000340)=[{&(0x7f0000000000)=""/65, 0x41}], 0x1, 0x0, 0x0, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[], 0x119)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x1}, {r2}], 0x2, 0x101)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, 0x0, 0x0)
set_mempolicy(0x3, 0x0, 0x8)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r8=>0xffffffffffffffff})
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r7, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x98, 0x30, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r9}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x4000)

415.124282ms ago: executing program 9 (id=5821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000700000000000095000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x2, 0x7ffc0002}]})
getrlimit(0x3, &(0x7f0000000100))

370.699713ms ago: executing program 4 (id=5822):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
listen(0xffffffffffffffff, 0x8)
write(0xffffffffffffffff, &(0x7f0000000000)="ea", 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@newtaction={0x110, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xfc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x5, 0x0, 0x3, 0x1000, {0x0, 0x2, 0x0, 0x0, 0x5}, {0x2, 0x0, 0xff, 0x0, 0x2}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffff7}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x44, 0x3, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3ff, 0x9, 0x2, 0x7, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x110}}, 0x0)

368.024433ms ago: executing program 4 (id=5823):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000003000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1, 0x0, 0x2}, 0x18)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

348.812003ms ago: executing program 4 (id=5824):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000740)={@broadcast, @local}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000980)='mm_page_free\x00', r2, 0x0, 0x3}, 0x18)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x84500, 0x0)

323.887754ms ago: executing program 4 (id=5825):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
listen(0xffffffffffffffff, 0x8)
write(0xffffffffffffffff, &(0x7f0000000000)="ea", 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=@newtaction={0x110, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xfc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x5, 0x0, 0x3, 0x1000, {0x0, 0x2, 0x0, 0x0, 0x5}, {0x2, 0x0, 0xff, 0x0, 0x2}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffff7}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x44, 0x3, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x3ff, 0x9, 0x2, 0x7, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x110}}, 0x0)

307.502664ms ago: executing program 4 (id=5826):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x4000, &(0x7f0000000300)={[{@resuid}, {@dioread_nolock}, {@noblock_validity}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)=';', 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x40, 0x3, "cd4b6abe42030763d02899c7e9ee2bcc9b6a37b458a8056dd9a87f963d140d7a9d3ac869f3a860917523679abf4579f9cd656422a633a39f03000000"}, @NFTA_TARGET_NAME={0xa, 0x1, 'HMARK\x00'}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
sendfile(r1, r0, 0x0, 0x3ffff)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r4, &(0x7f00000009c0)="3bf58d", 0x3)
sendfile(r4, r3, 0x0, 0x3ffff)

207.994046ms ago: executing program 9 (id=5827):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001500000000000000000000000200000000000000000008"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x8, 0x3000000000002}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r3, 0x0, 0x8000000000000}, 0x18)
write$selinux_validatetrans(0xffffffffffffffff, &(0x7f0000001cc0)=ANY=[], 0x79)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f00000002c0)="8d09327c", 0x4}, {&(0x7f0000000300)="b03ef9880b815229ff28eac1d4f49bcad59f85c524", 0x15}], 0x3)

184.524456ms ago: executing program 2 (id=5828):
inotify_init1(0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580), &(0x7f00000005c0)=r2}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x129)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
open$dir(&(0x7f0000000000)='./file0/file0\x00', 0x101042, 0x1)

183.753716ms ago: executing program 2 (id=5829):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffdfffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x78)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x142000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000004c0)={0x53, 0xfffffffffffffffe, 0x6, 0x2, @scatter={0x1, 0xdd, &(0x7f0000000040)=[{&(0x7f0000000580)=""/226, 0x95}]}, &(0x7f00000000c0)="ff33501ef663", 0x0, 0x840804, 0x10032, 0x1000, 0x0})
socket$kcm(0x10, 0x400000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="040300000900000000000000000000008500000023"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x2e, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000400))
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r6 = fcntl$dupfd(r5, 0x0, r5)
read$snapshot(r6, 0x0, 0xffffffbf)

94.290948ms ago: executing program 1 (id=5830):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

93.991698ms ago: executing program 1 (id=5831):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
r3 = socket$inet6(0x10, 0x3, 0x0)
r4 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r4, &(0x7f00000004c0)="900000001c001f4d154a817393278bff0a80a578020000000109000014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4", 0x7e, 0x48800, 0x0, 0x0)
sendto$inet6(r3, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x44010, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0xa, 0x510, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0xa, 0x0, 0x1, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x5, 0xffffffffffffffff, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x29cc, 0x10100}, 0x0, 0x0)
r6 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r6, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x10003, 0x0, 0xd7c4, 0xfffffff9}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
write(0xffffffffffffffff, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000080009000d000000", 0x24)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2}}}}}, 0x0)

0s ago: executing program 1 (id=5832):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x100)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=0x0, @ANYRES32=r0, @ANYRESHEX=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = dup(0xffffffffffffffff)
sendmsg$tipc(r2, 0x0, 0x8001)
write$UHID_INPUT(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1bf, &(0x7f0000000480)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
mkdir(&(0x7f0000000180)='./bus\x00', 0x1b8)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000fc0)={[{@data_ordered}, {@nouser_xattr}, {@init_itable}, {@bsdgroups}, {@nodioread_nolock}, {@min_batch_time={'min_batch_time', 0x3d, 0xa00000}}]}, 0xfd, 0x50f, &(0x7f0000000a00)="$eJzs3cFvI1cZAPDPTuw42bRJSw+AoF3awoJW6yTeNqp6gHJCCFVC9AjSNiTeKIodR7FTmrAS6ZkrEpU4wZE/gHNP3LkguHEpB6QCEahB4mA04/Guk7U3YZPYafz7SaN5M2/i7714573159gvgLF1MyIOIqIYEe9GxFx2Ppdt8VZnS6779PDB6tHhg9VctNvv/COX1ifnoudnEjeyxyxFxA++E/Hj3ONxm3v7myu1WnUnO15o1bcXmnv7dzbqK+vV9epWpbK8tLz4xt3XKxfW15fqxaz05Y//cPCNnybNmu2cKEZPPy5Sp+uFbpzUZER87zKCjcBE1p/iqBvCU8lHxPMR8XJ6/8/FRPpsAgDXWbs9F+253mMA4LrLpzmwXL6c5QJmI58vlzs5vBdiJl9rNFu37zd2t9Y6ubL5KOTvb9Sqi1mucD4KueR4KS0/Oq6cOL4bEc9FxC+mptPj8mqjtjbK//gAwBi7cWL+//dUZ/4HAK650qgbAAAMnfkfAMaP+R8Axo/5HwDGT2f+nx51MwCAIfL6HwDGj/kfAMbK999+O9naR9n3X6+9t7e72Xjvzlq1uVmu766WVxs72+X1RmM9/c6e+mmPV2s0tpdei93357+53WwtNPf279Ubu1ute+n3et+rFtKrDobQMwBgkOde+ujPuWRGfnM63aJnLYfCSFsGXLb8qBsAjMzEqBsAjIzVvmB8neM1vvQAXBN9lug9ptTvA0Ltdrt9eU0CLtmtL8j/w7jqyf/7K2AYM/L/ML7k/2F8tdu5s675H2e9EAC42uT4gQHv/z+f7X+bvTnwo7WTV3x4ma0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAq627/m85Wwt8NvL5cjnimYiYj0Lu/katuhgRz0bEn6YKU8nx0ojbDACcV/5vuWz9r1tzr84eq3rxxsNiMSJ+8qt3fvn+Squ188eIYu6fU93zrQ+z85Xhtx4AOF13nk73PS/kPz18sNrdhtmeT74dEaVO/KPDYhw9jD8Zk+m+FIWImPlXLibjZw9/LteTuziPgw8i4vP9+p+L2TQH0ln5tBP/kST2M0ONnz8WP5/WdfbJ7+Jz/3fk6QtoPXy2fZSMP2/1u//ycTPd97//S+kIdX7Z+Jc81OpROgY+it8d/yb6xE/u+ZtnjfHa77/bKT1+z3/yQcQXJyO6sY96xp9u/NyA+K+eMf5fvvTiy4Pq2r+OuBX94/fGWmjVtxeae/t3Nuor69X16lalsry0vPjG3dcrC2mOemHwbPD3N28/O6gu6f9MFn8qjscvndL/r3aKpw6kv/nvuz/8yhPif/2Vfv3PxwtPiJ/MiV87LXBmZeZ3pUF1Sfy1Ab//057/22eM//Ff9x9bNhwAGJ3m3v7mSq1W3VFQuPqF5J/sFWhG38K3hhWrGP2rfv5K554+UdVuP1WsQSPGRWTdgKsgu+nT9/L/M+rGAAAAAAAAAAAAAAAAfQ3jE0uj7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//55ZzBM=")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
r3 = socket$caif_seqpacket(0x25, 0x5, 0x3)
sendmmsg$sock(r3, &(0x7f0000000cc0)=[{{&(0x7f00000003c0)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x80, &(0x7f0000000000), 0x0, &(0x7f00000007c0)}}, {{0x0, 0x0, &(0x7f0000000b80)=[{0x0}, {0x0}, {&(0x7f0000000b40)}], 0x3}}], 0x2, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x700, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000bc0)=@delchain={0x40, 0x65, 0x2, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @filter_kind_options=@f_bpf={{0x8}, {0xc, 0x2, [@TCA_BPF_FD={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b100bf800", 0x33fe0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r6, 0x0, 0x40000000, 0x0)

kernel console output (not intermixed with test programs):

8d6df
[  375.432062][T19892] RDX: 0000000000000001 RSI: 00007f13981ef0a0 RDI: 0000000000000003
[  375.432072][T19892] RBP: 00007f13981ef090 R08: 0000000000000000 R09: 0000000000000000
[  375.432085][T19892] R10: 0000000000000072 R11: 0000000000000293 R12: 0000000000000001
[  375.432151][T19892] R13: 00007f13999d6038 R14: 00007f13999d5fa0 R15: 00007ffe92f9ced8
[  375.432167][T19892]  </TASK>
[  375.824078][T19903] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5229'.
[  375.847968][T19738] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  375.868796][T19738] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  375.887207][T19738] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  375.902711][T19738] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  376.049531][T19738] 8021q: adding VLAN 0 to HW filter on device bond0
[  376.087025][T19738] 8021q: adding VLAN 0 to HW filter on device team0
[  376.106405][T19919] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5233'.
[  376.120049][T12102] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.127201][T12102] bridge0: port 1(bridge_slave_0) entered forwarding state
[  376.161170][T19738] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  376.171682][T19738] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  376.198152][T12102] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.205386][T12102] bridge0: port 2(bridge_slave_1) entered forwarding state
[  376.297332][T19924] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5234'.
[  376.329348][T19738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.509174][T19738] veth0_vlan: entered promiscuous mode
[  376.523242][T19945] loop8: detected capacity change from 0 to 512
[  376.524725][T19738] veth1_vlan: entered promiscuous mode
[  376.551193][T19738] veth0_macvtap: entered promiscuous mode
[  376.558453][T19945] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  376.560989][T19738] veth1_macvtap: entered promiscuous mode
[  376.577948][T19932] tipc: Started in network mode
[  376.580762][T19945] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  376.582892][T19932] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  376.599308][T19945] EXT4-fs (loop8): 1 truncate cleaned up
[  376.607270][T19932] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  376.614688][T19945] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.620233][T19932] tipc: Enabled bearer <udp:syz1>, priority 10
[  376.639954][T19947] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5240'.
[  376.672759][T19738] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.687351][T19738] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.699025][T12102] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.708544][T12102] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.771301][T19954] loop4: detected capacity change from 0 to 4096
[  376.778801][T19954] EXT4-fs: Ignoring removed nomblk_io_submit option
[  376.794532][T12102] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.804824][T19954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.853601][T12102] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  377.290279][T19970] loop2: detected capacity change from 0 to 1024
[  377.306505][T19971] loop1: detected capacity change from 0 to 128
[  377.339355][T19971] FAT-fs (loop1): bogus logical sector size 65535
[  377.345975][T19971] FAT-fs (loop1): Can't find a valid FAT filesystem
[  377.354258][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.368155][T19970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  377.386434][T19970] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  377.398680][T19971] loop1: detected capacity change from 0 to 512
[  377.413109][T19975] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  377.413109][T19975]    program syz.8.5245 not setting count and/or reply_len properly
[  377.415564][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.441832][T19975] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5245'.
[  377.477081][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  377.506357][T19971] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  377.514609][T19971] EXT4-fs (loop1): orphan cleanup on readonly fs
[  377.577395][T19971] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5243: corrupted inode contents
[  377.605358][T19971] EXT4-fs (loop1): Remounting filesystem read-only
[  377.610385][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  377.610399][   T29] audit: type=1326 audit(1758310953.535:21765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.611972][T19971] EXT4-fs (loop1): 1 truncate cleaned up
[  377.618159][ T3406] tipc: Node number set to 1
[  377.649244][T19988] FAULT_INJECTION: forcing a failure.
[  377.649244][T19988] name failslab, interval 1, probability 0, space 0, times 0
[  377.654861][   T29] audit: type=1326 audit(1758310953.575:21766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.664714][T19988] CPU: 0 UID: 0 PID: 19988 Comm: syz.9.5250 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  377.664783][T19988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  377.664801][T19988] Call Trace:
[  377.664807][T19988]  <TASK>
[  377.664815][T19988]  __dump_stack+0x1d/0x30
[  377.664841][T19988]  dump_stack_lvl+0xe8/0x140
[  377.664860][T19988]  dump_stack+0x15/0x1b
[  377.664924][T19988]  should_fail_ex+0x265/0x280
[  377.664947][T19988]  ? audit_log_d_path+0x8d/0x150
[  377.665089][T19988]  should_failslab+0x8c/0xb0
[  377.665113][T19988]  __kmalloc_cache_noprof+0x4c/0x320
[  377.665143][T19988]  audit_log_d_path+0x8d/0x150
[  377.665172][T19988]  audit_log_d_path_exe+0x42/0x70
[  377.665291][T19988]  audit_log_task+0x1e9/0x250
[  377.665319][T19988]  audit_seccomp+0x61/0x100
[  377.665372][T19988]  ? __seccomp_filter+0x68c/0x10d0
[  377.665393][T19988]  __seccomp_filter+0x69d/0x10d0
[  377.665452][T19988]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  377.665478][T19988]  ? vfs_write+0x7e8/0x960
[  377.665499][T19988]  ? __rcu_read_unlock+0x4f/0x70
[  377.665594][T19988]  ? __fget_files+0x184/0x1c0
[  377.665652][T19988]  __secure_computing+0x82/0x150
[  377.665673][T19988]  syscall_trace_enter+0xcf/0x1e0
[  377.665698][T19988]  do_syscall_64+0xac/0x200
[  377.665728][T19988]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  377.665881][T19988]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  377.665932][T19988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.665982][T19988] RIP: 0033:0x7f139978ec29
[  377.665998][T19988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.666015][T19988] RSP: 002b:00007f13981ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  377.666033][T19988] RAX: ffffffffffffffda RBX: 00007f13999d5fa0 RCX: 00007f139978ec29
[  377.666046][T19988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  377.666059][T19988] RBP: 00007f13981ef090 R08: 0000000000000000 R09: 0000000000000000
[  377.666072][T19988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.666152][T19988] R13: 00007f13999d6038 R14: 00007f13999d5fa0 R15: 00007ffe92f9ced8
[  377.666173][T19988]  </TASK>
[  377.904306][   T29] audit: type=1326 audit(1758310953.575:21767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.927938][   T29] audit: type=1326 audit(1758310953.575:21768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.951521][   T29] audit: type=1326 audit(1758310953.575:21769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.975523][   T29] audit: type=1326 audit(1758310953.575:21770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  377.999075][   T29] audit: type=1326 audit(1758310953.575:21771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f139978d590 code=0x7ffc0000
[  378.022678][   T29] audit: type=1326 audit(1758310953.575:21772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19985 comm="syz.9.5250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f139978d6df code=0x7ffc0000
[  378.150519][T19984] loop4: detected capacity change from 0 to 8192
[  378.419425][T19991] netlink: 32 bytes leftover after parsing attributes in process `syz.9.5251'.
[  378.516932][T19995] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  378.516932][T19995]    program syz.2.5253 not setting count and/or reply_len properly
[  378.554751][T19995] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5253'.
[  378.604560][T19999] loop9: detected capacity change from 0 to 128
[  378.618422][T12109] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  378.629058][T12109] Quota error (device loop1): write_blk: dquota write failed
[  378.636472][T12109] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  378.646490][T12109] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  378.660958][T19999] FAT-fs (loop9): bogus logical sector size 65535
[  378.667535][T19999] FAT-fs (loop9): Can't find a valid FAT filesystem
[  378.683994][T19999] loop9: detected capacity change from 0 to 512
[  378.707824][T12109] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  378.787081][T20005] infiniband syz1: set active
[  378.791925][T20005] infiniband syz1: added bridge0
[  378.799266][T19999] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  378.807972][T19971] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  378.822626][T19999] EXT4-fs (loop9): orphan cleanup on readonly fs
[  378.848263][T20005] RDS/IB: syz1: added
[  378.857900][T19999] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.5255: corrupted inode contents
[  378.871979][T20005] smc: adding ib device syz1 with port count 1
[  378.879038][T19971] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5243'.
[  378.900668][T20005] smc:    ib device syz1 port 1 has pnetid 
[  378.909039][T19999] EXT4-fs (loop9): Remounting filesystem read-only
[  378.919446][T19999] EXT4-fs (loop9): 1 truncate cleaned up
[  378.956827][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.208727][T20023] loop4: detected capacity change from 0 to 2048
[  379.237590][T20023] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a842c018, mo2=0002]
[  379.246055][T20023] System zones: 0-7
[  379.250685][T20023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  379.355632][T12102] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  379.366201][T12102] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  379.378282][T12102] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  379.389168][T19999] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  380.199363][T20026] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  380.235449][T19999] netlink: 256 bytes leftover after parsing attributes in process `syz.9.5255'.
[  380.250954][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  380.310576][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.469601][T20045] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5270'.
[  380.486925][T20043] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5269'.
[  380.511263][T20049] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5267'.
[  380.530718][T20043] loop2: detected capacity change from 0 to 512
[  380.575286][T20043] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5269: iget: bad extended attribute block 1
[  380.588630][T20043] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5269: couldn't read orphan inode 15 (err -117)
[  380.601711][T20043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  380.631710][T20056] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5274'.
[  380.652870][T20063] 9pnet_fd: Insufficient options for proto=fd
[  380.752213][T20071] loop8: detected capacity change from 0 to 512
[  380.759216][T20071] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.778928][T20071] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  380.787830][T20071] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  380.803379][T20071] EXT4-fs (loop8): Remounting filesystem read-only
[  380.810085][T20071] EXT4-fs (loop8): 1 truncate cleaned up
[  380.816407][T20071] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.894934][T20073] loop1: detected capacity change from 0 to 128
[  380.902529][T20073] FAT-fs (loop1): bogus logical sector size 65535
[  380.909050][T20073] FAT-fs (loop1): Can't find a valid FAT filesystem
[  380.968673][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.001225][T20073] loop1: detected capacity change from 0 to 512
[  381.037563][T20075] bond1: entered promiscuous mode
[  381.042699][T20075] bond1: entered allmulticast mode
[  381.050824][T20073] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  381.059523][T20075] 8021q: adding VLAN 0 to HW filter on device bond1
[  381.061906][T20073] EXT4-fs (loop1): orphan cleanup on readonly fs
[  381.083261][T20073] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5278: corrupted inode contents
[  381.100059][T20075] bond1 (unregistering): Released all slaves
[  381.107207][T20073] EXT4-fs (loop1): Remounting filesystem read-only
[  381.114067][T20073] EXT4-fs (loop1): 1 truncate cleaned up
[  381.120004][T12109] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  381.130750][T12109] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  381.142531][T12109] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  381.153574][T20073] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  381.183307][T20073] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5278'.
[  381.205881][T20088] loop2: detected capacity change from 0 to 1024
[  381.215181][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.224273][T20088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  381.237421][T20088] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  381.271371][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  381.338248][T20097] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  381.338248][T20097]    program syz.1.5285 not setting count and/or reply_len properly
[  381.363289][T20095] SELinux:  Context system_u:object_r:syslogd_var_lib_t:s0 is not valid (left unmapped).
[  381.375264][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.425645][T20101] loop9: detected capacity change from 0 to 512
[  381.432393][T20101] journal_path: Non-blockdev passed as './file0'
[  381.438826][T20101] EXT4-fs: error: could not find journal device path
[  381.500524][T20114] veth0_vlan: left promiscuous mode
[  381.506258][T20114] veth0_vlan: entered allmulticast mode
[  381.509222][T20119] loop8: detected capacity change from 0 to 512
[  381.518750][T20114] veth0_vlan: entered promiscuous mode
[  381.535487][T20115] loop2: detected capacity change from 0 to 128
[  381.542340][T20115] FAT-fs (loop2): bogus logical sector size 65535
[  381.548877][T20115] FAT-fs (loop2): Can't find a valid FAT filesystem
[  381.566586][T20119] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  381.579253][T20119] EXT4-fs (loop8): 1 truncate cleaned up
[  381.585901][T20119] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.606644][T20122] loop4: detected capacity change from 0 to 512
[  381.621954][T20115] loop2: detected capacity change from 0 to 512
[  381.628400][T20122] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  381.665950][T20115] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  381.674074][T20115] EXT4-fs (loop2): orphan cleanup on readonly fs
[  381.682115][T20122] EXT4-fs (loop4): 1 truncate cleaned up
[  381.697455][T20122] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.711869][T20115] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5294: corrupted inode contents
[  381.725644][T20131] loop1: detected capacity change from 0 to 128
[  381.733449][T20119] ------------[ cut here ]------------
[  381.739197][T20119] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)(1)
[  381.759539][T20119] WARNING: CPU: 1 PID: 20119 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0x673/0x680
[  381.769914][T20119] Modules linked in:
[  381.773900][T20119] CPU: 1 UID: 0 PID: 20119 Comm: syz.8.5296 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  381.783790][T20119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  381.793883][T20119] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  381.795937][T20131] FAT-fs (loop1): bogus logical sector size 65535
[  381.800291][T20119] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 c2 81 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  381.806731][T20131] FAT-fs (loop1): Can't find a valid FAT filesystem
[  381.826361][T20119] RSP: 0018:ffffc9000277f440 EFLAGS: 00010292
[  381.839036][T20119] RAX: 40bfdfc59d2d2b00 RBX: ffff88811d7a2840 RCX: 0000000000080000
[  381.841160][T20115] EXT4-fs (loop2): Remounting filesystem read-only
[  381.847038][T20119] RDX: ffffc9000f1dd000 RSI: 000000000002b6bf RDI: 000000000002b6c0
[  381.847055][T20119] RBP: 0000000000000000 R08: 0001c9000277f27f R09: 0000000000000000
[  381.847068][T20119] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811d7a2800
[  381.847080][T20119] R13: ffff888143078000 R14: ffff888143078000 R15: ffff88811d7a2838
[  381.847091][T20119] FS:  00007f036519f6c0(0000) GS:ffff8882aef40000(0000) knlGS:0000000000000000
[  381.853852][T20115] EXT4-fs (loop2): 1 truncate cleaned up
[  381.861771][T20119] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  381.906920][T20119] CR2: 0000000000000000 CR3: 0000000144828000 CR4: 00000000003506f0
[  381.914921][T20119] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[  381.922901][T20119] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  381.930900][T20119] Call Trace:
[  381.934174][T20119]  <TASK>
[  381.937133][T20119]  reg_set_min_max+0x1eb/0x260
[  381.942071][T20119]  check_cond_jmp_op+0x1080/0x16e0
[  381.947266][T20119]  do_check+0x332a/0x7a10
[  381.951634][T20119]  do_check_common+0xc3a/0x12a0
[  381.956538][T20119]  bpf_check+0x942b/0xd9e0
[  381.960979][T20119]  ? __rcu_read_unlock+0x4f/0x70
[  381.966032][T20119]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  381.972135][T20119]  ? alloc_pages_bulk_noprof+0x4b8/0x540
[  381.977876][T20119]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  381.983805][T20119]  ? pcpu_block_update+0x232/0x3b0
[  381.988955][T20119]  ? pcpu_block_update_hint_alloc+0x636/0x660
[  381.995050][T20119]  ? css_rstat_updated+0xb7/0x240
[  382.000092][T20119]  ? __rcu_read_unlock+0x4f/0x70
[  382.005083][T20119]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  382.005234][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  382.010918][T20119]  ? selinux_bpf_prog_load+0x36/0xf0
[  382.010948][T20119]  ? __kmalloc_cache_noprof+0x299/0x320
[  382.021451][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  382.026748][T20119]  ? selinux_bpf_prog_load+0xbf/0xf0
[  382.032494][T17795] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  382.042779][T20119]  ? security_bpf_prog_load+0x2c/0xa0
[  382.048893][T20115] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  382.058307][T20119]  bpf_prog_load+0xedd/0x1070
[  382.058417][T20119]  ? security_bpf+0x2b/0x90
[  382.058437][T20119]  __sys_bpf+0x462/0x7b0
[  382.089728][T20119]  __x64_sys_bpf+0x41/0x50
[  382.094202][T20119]  x64_sys_call+0x2aea/0x2ff0
[  382.098994][T20119]  do_syscall_64+0xd2/0x200
[  382.103561][T20119]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  382.109509][T20119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.115439][T20119] RIP: 0033:0x7f036673ec29
[  382.119938][T20119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.139835][T20119] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  382.148435][T20119] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  382.149029][T20131] loop1: detected capacity change from 0 to 512
[  382.156484][T20119] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  382.156551][T20119] RBP: 00007f03667c1e41 R08: 0000000000000000 R09: 0000000000000000
[  382.178705][T20119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.186703][T20119] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  382.194709][T20119]  </TASK>
[  382.197729][T20119] ---[ end trace 0000000000000000 ]---
[  382.211289][T20131] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  382.220086][T20131] EXT4-fs (loop1): orphan cleanup on readonly fs
[  382.243835][T20143] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  382.243835][T20143]    program syz.9.5300 not setting count and/or reply_len properly
[  382.253444][T20131] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5299: corrupted inode contents
[  382.272841][T20131] EXT4-fs (loop1): Remounting filesystem read-only
[  382.279615][T20131] EXT4-fs (loop1): 1 truncate cleaned up
[  382.290648][T17795] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  382.301443][T17795] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  382.312318][T17795] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  382.312638][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.325192][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.332287][T20131] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  382.415640][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.428466][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.454835][T20161] FAULT_INJECTION: forcing a failure.
[  382.454835][T20161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  382.468156][T20161] CPU: 0 UID: 0 PID: 20161 Comm: syz.4.5305 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  382.468191][T20161] Tainted: [W]=WARN
[  382.468198][T20161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  382.468211][T20161] Call Trace:
[  382.468218][T20161]  <TASK>
[  382.468228][T20161]  __dump_stack+0x1d/0x30
[  382.468250][T20161]  dump_stack_lvl+0xe8/0x140
[  382.468302][T20161]  dump_stack+0x15/0x1b
[  382.468319][T20161]  should_fail_ex+0x265/0x280
[  382.468344][T20161]  should_fail+0xb/0x20
[  382.468421][T20161]  should_fail_usercopy+0x1a/0x20
[  382.468443][T20161]  strncpy_from_user+0x25/0x230
[  382.468586][T20161]  ? __fget_files+0x184/0x1c0
[  382.468684][T20161]  __se_sys_request_key+0x57/0x290
[  382.468704][T20161]  ? fput+0x8f/0xc0
[  382.468748][T20161]  __x64_sys_request_key+0x55/0x70
[  382.468770][T20161]  x64_sys_call+0x1d98/0x2ff0
[  382.468811][T20161]  do_syscall_64+0xd2/0x200
[  382.468900][T20161]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  382.468922][T20161]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  382.468962][T20161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.468984][T20161] RIP: 0033:0x7f493bbeec29
[  382.469056][T20161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.469075][T20161] RSP: 002b:00007f493a657038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  382.469095][T20161] RAX: ffffffffffffffda RBX: 00007f493be35fa0 RCX: 00007f493bbeec29
[  382.469108][T20161] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000200000000040
[  382.469119][T20161] RBP: 00007f493a657090 R08: 0000000000000000 R09: 0000000000000000
[  382.469130][T20161] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  382.469140][T20161] R13: 00007f493be36038 R14: 00007f493be35fa0 R15: 00007fffb84377a8
[  382.469226][T20161]  </TASK>
[  382.659715][   T29] kauditd_printk_skb: 297 callbacks suppressed
[  382.659727][   T29] audit: type=1400 audit(1758310958.395:22042): avc:  denied  { read } for  pid=20162 comm="syz.2.5308" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  382.662519][T20165] loop1: detected capacity change from 0 to 512
[  382.666126][   T29] audit: type=1400 audit(1758310958.395:22043): avc:  denied  { open } for  pid=20162 comm="syz.2.5308" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  382.729733][T20168] loop8: detected capacity change from 0 to 1024
[  382.729940][T20165] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  382.746704][   T29] audit: type=1326 audit(1758310958.645:22044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20162 comm="syz.2.5308" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb846dcec29 code=0x0
[  382.772450][T20165] EXT4-fs (loop1): 1 truncate cleaned up
[  382.778846][T20165] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.796985][T20168] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  382.824977][T20168] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.838950][   T29] audit: type=1326 audit(1758310958.765:22045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.867076][   T29] audit: type=1326 audit(1758310958.785:22046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.890717][   T29] audit: type=1326 audit(1758310958.785:22047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.914315][   T29] audit: type=1326 audit(1758310958.785:22048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.917112][T20183] __nla_validate_parse: 6 callbacks suppressed
[  382.917155][T20183] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5312'.
[  382.937992][   T29] audit: type=1326 audit(1758310958.785:22049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.938023][   T29] audit: type=1326 audit(1758310958.785:22050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  382.960835][T20165] xt_HMARK: proto mask must be zero with L3 mode
[  382.977136][   T29] audit: type=1326 audit(1758310958.785:22051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20181 comm="syz.9.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  383.031490][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  383.071509][T20188] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  383.071509][T20188]    program syz.8.5315 not setting count and/or reply_len properly
[  383.113327][T20188] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5315'.
[  383.171776][T20194] loop2: detected capacity change from 0 to 128
[  383.202695][T20200] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5322'.
[  383.388224][T20211] loop9: detected capacity change from 0 to 1024
[  383.402736][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.416633][T20211] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  383.429642][T20211] ext4 filesystem being mounted at /257/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  383.492922][T20218] loop1: detected capacity change from 0 to 4096
[  383.654113][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  383.694210][T20218] EXT4-fs: Ignoring removed nomblk_io_submit option
[  383.812051][T20218] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.851598][T20227] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  383.851598][T20227]    program syz.9.5330 not setting count and/or reply_len properly
[  383.883411][T20218] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5329'.
[  383.893636][T20227] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5330'.
[  384.011759][T20245] loop2: detected capacity change from 0 to 128
[  384.029497][T20245] FAT-fs (loop2): bogus logical sector size 65535
[  384.036003][T20245] FAT-fs (loop2): Can't find a valid FAT filesystem
[  384.111052][T20245] loop2: detected capacity change from 0 to 512
[  384.170832][T20245] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  384.192746][T20245] EXT4-fs (loop2): orphan cleanup on readonly fs
[  384.202534][T20256] loop9: detected capacity change from 0 to 128
[  384.223307][T20256] FAT-fs (loop9): bogus logical sector size 65535
[  384.229967][T20256] FAT-fs (loop9): Can't find a valid FAT filesystem
[  384.248503][T20245] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5338: corrupted inode contents
[  384.271850][T20256] loop9: detected capacity change from 0 to 512
[  384.280914][T20245] EXT4-fs (loop2): Remounting filesystem read-only
[  384.296204][T20245] EXT4-fs (loop2): 1 truncate cleaned up
[  384.304712][T12102] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  384.315360][T12102] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  384.327531][T12102] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  384.339056][T20245] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  384.351866][T20256] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  384.361596][T20256] EXT4-fs (loop9): orphan cleanup on readonly fs
[  384.378684][T20256] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #16: comm syz.9.5342: corrupted inode contents
[  384.393478][T20256] EXT4-fs (loop9): Remounting filesystem read-only
[  384.401156][T20256] EXT4-fs (loop9): 1 truncate cleaned up
[  384.408047][T12080] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  384.419084][T12080] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  384.430769][T20245] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5338'.
[  384.448028][T20275] netlink: 96 bytes leftover after parsing attributes in process `syz.8.5347'.
[  384.459533][T12080] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  384.471540][T20275] loop8: detected capacity change from 0 to 512
[  384.480294][T20256] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  384.485156][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.503504][T20275] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.5347: iget: bad extended attribute block 1
[  384.516988][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.519133][T20256] netlink: 256 bytes leftover after parsing attributes in process `syz.9.5342'.
[  384.535750][T20275] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.5347: couldn't read orphan inode 15 (err -117)
[  384.556366][T20282] netlink: 'syz.1.5348': attribute type 1 has an invalid length.
[  384.574882][T20282] loop1: detected capacity change from 0 to 2048
[  384.581696][T20282] EXT4-fs: Ignoring removed nomblk_io_submit option
[  384.592106][T20275] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.604821][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.605692][T20282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.692956][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.704711][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.824547][   T23] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  384.834661][   T23] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  384.858396][T20306] loop8: detected capacity change from 0 to 512
[  384.868592][T20306] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm +}[@: error while reading EA inode 32 err=-116
[  384.883536][T20310] loop9: detected capacity change from 0 to 2048
[  384.892445][T20306] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm +}[@: error while reading EA inode 32 err=-116
[  384.914850][T20306] EXT4-fs (loop8): 1 orphan inode deleted
[  384.921300][T20306] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.949202][T20306] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.139796][T20349] loop4: detected capacity change from 0 to 128
[  385.146812][T20349] FAT-fs (loop4): bogus logical sector size 65535
[  385.153263][T20349] FAT-fs (loop4): Can't find a valid FAT filesystem
[  385.164487][T20353] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5 sclass=netlink_route_socket pid=20353 comm=syz.9.5374
[  385.183234][T20351] loop9: detected capacity change from 0 to 1059
[  385.194062][T20349] loop4: detected capacity change from 0 to 512
[  385.201808][T20351] EXT4-fs: Ignoring removed bh option
[  385.207673][T20351] EXT4-fs: inline encryption not supported
[  385.214156][T20349] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  385.222605][T20349] EXT4-fs (loop4): orphan cleanup on readonly fs
[  385.229080][T20351] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  385.238407][T20351] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  385.251255][T20349] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5375: corrupted inode contents
[  385.263772][T20351] EXT4-fs warning (device loop9): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  385.281307][T20349] EXT4-fs (loop4): Remounting filesystem read-only
[  385.288753][T20349] EXT4-fs (loop4): 1 truncate cleaned up
[  385.294723][T12080] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  385.294772][T20351] EXT4-fs (loop9): mount failed
[  385.305371][T12080] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  385.310321][T20361] rdma_op ffff888119934580 conn xmit_rdma 0000000000000000
[  385.327990][T12080] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  385.341147][T20349] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  385.358342][T20358] loop1: detected capacity change from 0 to 512
[  385.368596][T20349] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5375'.
[  385.378891][T20358] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  385.387363][T20358] EXT4-fs (loop1): orphan cleanup on readonly fs
[  385.393995][T20358] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  385.409769][T20358] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  385.417368][T20358] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #16: comm syz.1.5377: casefold flag without casefold feature
[  385.430565][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.430793][T20358] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5377: couldn't read orphan inode 16 (err -117)
[  385.452526][T20358] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  385.479049][T20369] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5378'.
[  385.500995][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.619979][T20385] loop1: detected capacity change from 0 to 512
[  385.635773][T20385] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.5385: iget: bad extended attribute block 1
[  385.649605][T20385] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5385: couldn't read orphan inode 15 (err -117)
[  385.652546][T20390] loop2: detected capacity change from 0 to 512
[  385.663198][T20385] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.681483][T20391] netlink: 'syz.4.5386': attribute type 30 has an invalid length.
[  385.696886][T20390] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.709722][T20390] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  385.724866][T20390] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.5387: corrupted inode contents
[  385.736932][T20390] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #2: comm syz.2.5387: mark_inode_dirty error
[  385.748562][T20390] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #2: comm syz.2.5387: corrupted inode contents
[  385.760702][T20390] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.5387: mark_inode_dirty error
[  385.803027][T13287] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.915793][T20406] loop8: detected capacity change from 0 to 2048
[  386.035180][T20416] loop2: detected capacity change from 0 to 1024
[  386.233205][T20423] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  386.406339][T20423] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 426 with error 28
[  386.418923][T20423] EXT4-fs (loop8): This should not happen!! Data will be lost
[  386.418923][T20423] 
[  386.428797][T20423] EXT4-fs (loop8): Total free blocks count 0
[  386.434881][T20423] EXT4-fs (loop8): Free/Dirty block details
[  386.440790][T20423] EXT4-fs (loop8): free_blocks=2415919104
[  386.446584][T20423] EXT4-fs (loop8): dirty_blocks=432
[  386.451867][T20423] EXT4-fs (loop8): Block reservation details
[  386.457891][T20423] EXT4-fs (loop8): i_reserved_data_blocks=27
[  386.541507][T20433] loop9: detected capacity change from 0 to 1024
[  386.549695][T20433] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  386.560598][T20433] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  386.571840][T20433] JBD2: no valid journal superblock found
[  386.577656][T20433] EXT4-fs (loop9): Could not load journal inode
[  386.772718][T20436] loop1: detected capacity change from 0 to 512
[  386.808103][T20436] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.5399: iget: bad extended attribute block 1
[  386.822499][T20431] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu) failed with errno=-22
[  386.824670][T20436] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.5399: couldn't read orphan inode 15 (err -117)
[  386.945969][T20452] loop4: detected capacity change from 0 to 1024
[  386.953081][T20452] EXT4-fs: Ignoring removed mblk_io_submit option
[  386.960324][T20452] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  386.984502][T17801] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  386.996908][T17801] EXT4-fs (loop8): This should not happen!! Data will be lost
[  386.996908][T17801] 
[  387.054432][T20463] loop4: detected capacity change from 0 to 512
[  387.068195][T20463] EXT4-fs: inline encryption not supported
[  387.074063][T20463] EXT4-fs: Ignoring removed mblk_io_submit option
[  387.080936][T20463] ext2: Unknown parameter 'uid<00000000000000000000'
[  387.166225][T20469] loop1: detected capacity change from 0 to 128
[  387.185901][T20469] FAT-fs (loop1): bogus logical sector size 65535
[  387.192357][T20469] FAT-fs (loop1): Can't find a valid FAT filesystem
[  387.204071][T20472] FAULT_INJECTION: forcing a failure.
[  387.204071][T20472] name failslab, interval 1, probability 0, space 0, times 0
[  387.218501][T20472] CPU: 0 UID: 0 PID: 20472 Comm: syz.8.5414 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  387.218534][T20472] Tainted: [W]=WARN
[  387.218542][T20472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  387.218554][T20472] Call Trace:
[  387.218561][T20472]  <TASK>
[  387.218568][T20472]  __dump_stack+0x1d/0x30
[  387.218591][T20472]  dump_stack_lvl+0xe8/0x140
[  387.218698][T20472]  dump_stack+0x15/0x1b
[  387.218713][T20472]  should_fail_ex+0x265/0x280
[  387.218735][T20472]  should_failslab+0x8c/0xb0
[  387.218761][T20472]  kmem_cache_alloc_node_noprof+0x57/0x320
[  387.218857][T20472]  ? __alloc_skb+0x101/0x320
[  387.218881][T20472]  __alloc_skb+0x101/0x320
[  387.218958][T20472]  netlink_alloc_large_skb+0xba/0xf0
[  387.218981][T20472]  netlink_sendmsg+0x3cf/0x6b0
[  387.219055][T20472]  ? __pfx_netlink_sendmsg+0x10/0x10
[  387.219083][T20472]  __sock_sendmsg+0x145/0x180
[  387.219115][T20472]  ____sys_sendmsg+0x31e/0x4e0
[  387.219175][T20472]  ___sys_sendmsg+0x17b/0x1d0
[  387.219217][T20472]  __x64_sys_sendmsg+0xd4/0x160
[  387.219249][T20472]  x64_sys_call+0x191e/0x2ff0
[  387.219314][T20472]  do_syscall_64+0xd2/0x200
[  387.219341][T20472]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  387.219372][T20472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.219419][T20472] RIP: 0033:0x7f036673ec29
[  387.219509][T20472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.219524][T20472] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  387.219541][T20472] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  387.219552][T20472] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000007
[  387.219605][T20472] RBP: 00007f036519f090 R08: 0000000000000000 R09: 0000000000000000
[  387.219616][T20472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.219628][T20472] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  387.219649][T20472]  </TASK>
[  387.424205][T20469] loop1: detected capacity change from 0 to 512
[  387.448906][T20469] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  387.452159][T20477] FAULT_INJECTION: forcing a failure.
[  387.452159][T20477] name failslab, interval 1, probability 0, space 0, times 0
[  387.457381][T20469] EXT4-fs (loop1): orphan cleanup on readonly fs
[  387.469561][T20477] CPU: 0 UID: 0 PID: 20477 Comm: syz.8.5415 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  387.469589][T20477] Tainted: [W]=WARN
[  387.469596][T20477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  387.469607][T20477] Call Trace:
[  387.469615][T20477]  <TASK>
[  387.469623][T20477]  __dump_stack+0x1d/0x30
[  387.469644][T20477]  dump_stack_lvl+0xe8/0x140
[  387.469663][T20477]  dump_stack+0x15/0x1b
[  387.469679][T20477]  should_fail_ex+0x265/0x280
[  387.469702][T20477]  should_failslab+0x8c/0xb0
[  387.469725][T20477]  kmem_cache_alloc_noprof+0x50/0x310
[  387.469750][T20477]  ? vm_area_alloc+0x2c/0xb0
[  387.469778][T20477]  vm_area_alloc+0x2c/0xb0
[  387.469803][T20477]  mmap_region+0xaa2/0x1630
[  387.469846][T20477]  do_mmap+0x9b3/0xbe0
[  387.469877][T20477]  vm_mmap_pgoff+0x17a/0x2e0
[  387.469907][T20477]  ksys_mmap_pgoff+0xc2/0x310
[  387.469923][T20477]  ? __x64_sys_mmap+0x49/0x70
[  387.469952][T20477]  x64_sys_call+0x14a3/0x2ff0
[  387.469972][T20477]  do_syscall_64+0xd2/0x200
[  387.470000][T20477]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  387.470022][T20477]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  387.470048][T20477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.470067][T20477] RIP: 0033:0x7f036673ec63
[  387.470084][T20477] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  387.470099][T20477] RSP: 002b:00007f036519ed68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  387.470117][T20477] RAX: ffffffffffffffda RBX: 00000000000005e9 RCX: 00007f036673ec63
[  387.470129][T20477] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  387.470140][T20477] RBP: 0000200000000f02 R08: 00000000ffffffff R09: 0000000000000000
[  387.470152][T20477] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000006
[  387.470164][T20477] R13: 00007f036519edec R14: 00007f036519edf0 R15: 00007ffddc5f0858
[  387.470182][T20477]  </TASK>
[  387.671653][T20469] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5412: corrupted inode contents
[  387.683761][T20469] EXT4-fs (loop1): Remounting filesystem read-only
[  387.690518][T20469] EXT4-fs (loop1): 1 truncate cleaned up
[  387.699133][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  387.709809][   T12] __quota_error: 616 callbacks suppressed
[  387.709822][   T12] Quota error (device loop1): write_blk: dquota write failed
[  387.723480][   T12] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  387.733555][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  387.744122][   T12] Quota error (device loop1): write_blk: dquota write failed
[  387.751793][   T12] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  387.765153][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  387.775330][   T12] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  387.784238][   T29] audit: type=1326 audit(1758310963.695:22650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20482 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  387.808006][   T29] audit: type=1326 audit(1758310963.695:22651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20482 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  387.831614][   T29] audit: type=1326 audit(1758310963.695:22652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20482 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  387.855316][   T29] audit: type=1326 audit(1758310963.695:22653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20482 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  387.879002][   T29] audit: type=1326 audit(1758310963.695:22654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20482 comm="syz.9.5418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f139978ec29 code=0x7ffc0000
[  387.896842][T20488] random: crng reseeded on system resumption
[  387.909056][T20486] loop8: detected capacity change from 0 to 512
[  387.936071][T20486] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.5417: iget: bad extended attribute block 1
[  387.955221][T20486] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.5417: couldn't read orphan inode 15 (err -117)
[  387.981922][T20469] __nla_validate_parse: 5 callbacks suppressed
[  387.981937][T20469] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5412'.
[  388.016898][T20493] loop4: detected capacity change from 0 to 512
[  388.023490][T20493] EXT4-fs: Ignoring removed orlov option
[  388.025770][T20497] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5423'.
[  388.048922][T20497] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5423'.
[  388.060157][T20502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5425'.
[  388.069894][T20502] 8021q: adding VLAN 0 to HW filter on device bond0
[  388.098339][T20493] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  388.113105][T20510] FAULT_INJECTION: forcing a failure.
[  388.113105][T20510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.126339][T20510] CPU: 1 UID: 0 PID: 20510 Comm: syz.8.5426 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  388.126371][T20510] Tainted: [W]=WARN
[  388.126379][T20510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.126391][T20510] Call Trace:
[  388.126425][T20510]  <TASK>
[  388.126433][T20510]  __dump_stack+0x1d/0x30
[  388.126455][T20510]  dump_stack_lvl+0xe8/0x140
[  388.126473][T20510]  dump_stack+0x15/0x1b
[  388.126490][T20510]  should_fail_ex+0x265/0x280
[  388.126531][T20510]  should_fail+0xb/0x20
[  388.126547][T20510]  should_fail_usercopy+0x1a/0x20
[  388.126669][T20510]  _copy_from_user+0x1c/0xb0
[  388.126717][T20510]  __copy_msghdr+0x244/0x300
[  388.126741][T20510]  ___sys_sendmsg+0x109/0x1d0
[  388.126780][T20510]  __x64_sys_sendmsg+0xd4/0x160
[  388.126821][T20510]  x64_sys_call+0x191e/0x2ff0
[  388.126839][T20510]  do_syscall_64+0xd2/0x200
[  388.126950][T20510]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  388.126975][T20510]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  388.127026][T20510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.127123][T20510] RIP: 0033:0x7f036673ec29
[  388.127138][T20510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.127220][T20510] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  388.127241][T20510] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  388.127309][T20510] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  388.127322][T20510] RBP: 00007f036519f090 R08: 0000000000000000 R09: 0000000000000000
[  388.127335][T20510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.127349][T20510] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  388.127369][T20510]  </TASK>
[  388.313275][T20513] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  388.336490][T20493] netlink: 'syz.4.5422': attribute type 4 has an invalid length.
[  388.337149][T20513] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  388.347305][T20493] netlink: 'syz.4.5422': attribute type 4 has an invalid length.
[  388.388472][T20515] loop8: detected capacity change from 0 to 128
[  388.399744][T20515] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  388.407635][T20515] FAT-fs (loop8): Filesystem has been set read-only
[  388.454204][T20515] syz.8.5428: attempt to access beyond end of device
[  388.454204][T20515] loop8: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  388.470093][T20515] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  388.478155][T20515] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  388.487516][T20515] syz.8.5428: attempt to access beyond end of device
[  388.487516][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.501375][T20515] syz.8.5428: attempt to access beyond end of device
[  388.501375][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.515789][T20515] syz.8.5428: attempt to access beyond end of device
[  388.515789][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.550925][T20515] syz.8.5428: attempt to access beyond end of device
[  388.550925][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.576713][T20515] syz.8.5428: attempt to access beyond end of device
[  388.576713][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.594448][T20515] syz.8.5428: attempt to access beyond end of device
[  388.594448][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.614831][T20515] syz.8.5428: attempt to access beyond end of device
[  388.614831][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.641034][T20515] syz.8.5428: attempt to access beyond end of device
[  388.641034][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.656004][T20515] syz.8.5428: attempt to access beyond end of device
[  388.656004][T20515] loop8: rw=0, sector=2065, nr_sectors = 8 limit=128
[  388.738605][T20527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5433'.
[  388.845489][T20531] loop2: detected capacity change from 0 to 1024
[  388.859016][T20531] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  388.903216][T20539] netlink: 96 bytes leftover after parsing attributes in process `syz.9.5437'.
[  388.915847][T20541] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5438'.
[  388.930628][T20539] loop9: detected capacity change from 0 to 512
[  388.960568][T20543] FAULT_INJECTION: forcing a failure.
[  388.960568][T20543] name failslab, interval 1, probability 0, space 0, times 0
[  388.967532][T20539] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.5437: iget: bad extended attribute block 1
[  388.973336][T20543] CPU: 0 UID: 0 PID: 20543 Comm: syz.1.5440 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  388.973431][T20543] Tainted: [W]=WARN
[  388.973438][T20543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.973451][T20543] Call Trace:
[  388.973458][T20543]  <TASK>
[  388.973467][T20543]  __dump_stack+0x1d/0x30
[  388.973488][T20543]  dump_stack_lvl+0xe8/0x140
[  388.973507][T20543]  dump_stack+0x15/0x1b
[  388.973559][T20543]  should_fail_ex+0x265/0x280
[  388.973609][T20543]  should_failslab+0x8c/0xb0
[  388.973633][T20543]  kmem_cache_alloc_node_noprof+0x57/0x320
[  388.973697][T20543]  ? __alloc_skb+0x101/0x320
[  388.973720][T20543]  __alloc_skb+0x101/0x320
[  388.973743][T20543]  netlink_alloc_large_skb+0xba/0xf0
[  388.973771][T20543]  netlink_sendmsg+0x3cf/0x6b0
[  388.973841][T20543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  388.973866][T20543]  __sock_sendmsg+0x145/0x180
[  388.974063][T20543]  ____sys_sendmsg+0x345/0x4e0
[  388.974110][T20543]  ___sys_sendmsg+0x17b/0x1d0
[  388.974209][T20543]  __sys_sendmmsg+0x178/0x300
[  388.974244][T20543]  __x64_sys_sendmmsg+0x57/0x70
[  388.974270][T20543]  x64_sys_call+0x1c4a/0x2ff0
[  388.974338][T20543]  do_syscall_64+0xd2/0x200
[  388.974379][T20543]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  388.974407][T20543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  388.974435][T20543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.974456][T20543] RIP: 0033:0x7f3b0202ec29
[  388.974473][T20543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.974533][T20543] RSP: 002b:00007f3b00a8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  388.974552][T20543] RAX: ffffffffffffffda RBX: 00007f3b02275fa0 RCX: 00007f3b0202ec29
[  388.974614][T20543] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  388.974627][T20543] RBP: 00007f3b00a8f090 R08: 0000000000000000 R09: 0000000000000000
[  388.974640][T20543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  388.974653][T20543] R13: 00007f3b02276038 R14: 00007f3b02275fa0 R15: 00007ffc09372f28
[  388.974673][T20543]  </TASK>
[  389.202440][T20548] loop4: detected capacity change from 0 to 1024
[  389.232952][T20539] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.5437: couldn't read orphan inode 15 (err -117)
[  389.255145][T20548] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.326401][T20562] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5446'.
[  389.415336][T20569] loop1: detected capacity change from 0 to 1024
[  389.423009][T20569] EXT4-fs: Ignoring removed nomblk_io_submit option
[  389.435395][T20575] loop2: detected capacity change from 0 to 128
[  389.444402][T20569] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  389.452812][T20579] loop9: detected capacity change from 0 to 1024
[  389.460284][T20575] FAT-fs (loop2): bogus logical sector size 65535
[  389.466832][T20575] FAT-fs (loop2): Can't find a valid FAT filesystem
[  389.474811][T20569] System zones: 0-1, 3-36
[  389.491523][T20575] loop2: detected capacity change from 0 to 512
[  389.501921][T20579] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.513646][T20575] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  389.522491][T20575] EXT4-fs (loop2): orphan cleanup on readonly fs
[  389.530928][T20575] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5452: corrupted inode contents
[  389.546430][T20569] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  389.553115][T20575] EXT4-fs (loop2): Remounting filesystem read-only
[  389.561076][T20575] EXT4-fs (loop2): 1 truncate cleaned up
[  389.566967][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  389.577556][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  389.580154][T20569] random: crng reseeded on system resumption
[  389.588296][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  389.640674][T20575] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5452'.
[  389.752839][T20603] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5462'.
[  389.775155][T20603] loop2: detected capacity change from 0 to 512
[  389.789335][T20603] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5462: iget: bad extended attribute block 1
[  389.834469][T20603] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5462: couldn't read orphan inode 15 (err -117)
[  389.869568][T20612] loop8: detected capacity change from 0 to 1024
[  389.900791][T20614] FAULT_INJECTION: forcing a failure.
[  389.900791][T20614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.914078][T20614] CPU: 0 UID: 0 PID: 20614 Comm: syz.9.5466 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  389.914144][T20614] Tainted: [W]=WARN
[  389.914151][T20614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  389.914216][T20614] Call Trace:
[  389.914223][T20614]  <TASK>
[  389.914232][T20614]  __dump_stack+0x1d/0x30
[  389.914254][T20614]  dump_stack_lvl+0xe8/0x140
[  389.914273][T20614]  dump_stack+0x15/0x1b
[  389.914318][T20614]  should_fail_ex+0x265/0x280
[  389.914343][T20614]  should_fail+0xb/0x20
[  389.914364][T20614]  should_fail_usercopy+0x1a/0x20
[  389.914459][T20614]  _copy_from_user+0x1c/0xb0
[  389.914487][T20614]  ___sys_sendmsg+0xc1/0x1d0
[  389.914520][T20614]  __x64_sys_sendmsg+0xd4/0x160
[  389.914596][T20614]  x64_sys_call+0x191e/0x2ff0
[  389.914617][T20614]  do_syscall_64+0xd2/0x200
[  389.914644][T20614]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  389.914667][T20614]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  389.914697][T20614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.914719][T20614] RIP: 0033:0x7f139978ec29
[  389.914734][T20614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.914750][T20614] RSP: 002b:00007f13981ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  389.914825][T20614] RAX: ffffffffffffffda RBX: 00007f13999d5fa0 RCX: 00007f139978ec29
[  389.914838][T20614] RDX: 0000000000000800 RSI: 00002000000001c0 RDI: 0000000000000006
[  389.914851][T20614] RBP: 00007f13981ef090 R08: 0000000000000000 R09: 0000000000000000
[  389.914864][T20614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.914877][T20614] R13: 00007f13999d6038 R14: 00007f13999d5fa0 R15: 00007ffe92f9ced8
[  389.914929][T20614]  </TASK>
[  390.136118][T20612] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  390.161254][T20625] netlink: 'syz.4.5470': attribute type 10 has an invalid length.
[  390.170461][T20625] 8021q: adding VLAN 0 to HW filter on device team0
[  390.178765][T20625] bond0: (slave team0): Enslaving as an active interface with an up link
[  390.189415][T20625] netlink: 'syz.4.5470': attribute type 10 has an invalid length.
[  390.207268][T20625] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  390.303083][T20641] loop2: detected capacity change from 0 to 4096
[  390.303318][T20641] EXT4-fs: Ignoring removed nomblk_io_submit option
[  390.442182][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442209][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442232][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442253][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442277][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442297][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442358][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442379][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442403][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.442431][ T1046] hid-generic 0001:10000:D11D.0007: unknown main item tag 0x0
[  390.443873][ T1046] hid-generic 0001:10000:D11D.0007: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  390.588580][T20665] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  390.588580][T20665]    program syz.1.5486 not setting count and/or reply_len properly
[  390.662571][T20669] loop4: detected capacity change from 0 to 1024
[  390.663051][T20669] EXT4-fs: Ignoring removed bh option
[  390.691540][T20669] FAULT_INJECTION: forcing a failure.
[  390.691540][T20669] name failslab, interval 1, probability 0, space 0, times 0
[  390.691572][T20669] CPU: 0 UID: 0 PID: 20669 Comm: syz.4.5488 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  390.691606][T20669] Tainted: [W]=WARN
[  390.691612][T20669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  390.691622][T20669] Call Trace:
[  390.691627][T20669]  <TASK>
[  390.691633][T20669]  __dump_stack+0x1d/0x30
[  390.691656][T20669]  dump_stack_lvl+0xe8/0x140
[  390.691675][T20669]  dump_stack+0x15/0x1b
[  390.691693][T20669]  should_fail_ex+0x265/0x280
[  390.691736][T20669]  should_failslab+0x8c/0xb0
[  390.691757][T20669]  kmem_cache_alloc_node_noprof+0x57/0x320
[  390.691830][T20669]  ? __alloc_skb+0x101/0x320
[  390.691926][T20669]  __alloc_skb+0x101/0x320
[  390.691945][T20669]  netlink_alloc_large_skb+0xba/0xf0
[  390.691969][T20669]  netlink_sendmsg+0x3cf/0x6b0
[  390.691993][T20669]  ? __pfx_netlink_sendmsg+0x10/0x10
[  390.692042][T20669]  __sock_sendmsg+0x145/0x180
[  390.692074][T20669]  ____sys_sendmsg+0x31e/0x4e0
[  390.692103][T20669]  ___sys_sendmsg+0x17b/0x1d0
[  390.692210][T20669]  __x64_sys_sendmsg+0xd4/0x160
[  390.692241][T20669]  x64_sys_call+0x191e/0x2ff0
[  390.692258][T20669]  do_syscall_64+0xd2/0x200
[  390.692283][T20669]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  390.692329][T20669]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  390.692356][T20669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.692443][T20669] RIP: 0033:0x7f493bbeec29
[  390.692458][T20669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.692478][T20669] RSP: 002b:00007f493a657038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  390.692497][T20669] RAX: ffffffffffffffda RBX: 00007f493be35fa0 RCX: 00007f493bbeec29
[  390.692510][T20669] RDX: 00000000000000c4 RSI: 0000200000000280 RDI: 0000000000000008
[  390.692523][T20669] RBP: 00007f493a657090 R08: 0000000000000000 R09: 0000000000000000
[  390.692536][T20669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  390.692579][T20669] R13: 00007f493be36038 R14: 00007f493be35fa0 R15: 00007fffb84377a8
[  390.692596][T20669]  </TASK>
[  390.924884][T20647] syz_tun: entered allmulticast mode
[  391.548468][T20631] syz_tun: left allmulticast mode
[  391.679950][T20715] loop1: detected capacity change from 0 to 1024
[  391.692923][T20717] loop8: detected capacity change from 0 to 128
[  391.699919][T20717] FAT-fs (loop8): bogus logical sector size 65535
[  391.706454][T20717] FAT-fs (loop8): Can't find a valid FAT filesystem
[  391.711797][T20715] ext4 filesystem being mounted at /480/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  391.730337][T20717] loop8: detected capacity change from 0 to 512
[  391.756733][T20717] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  391.770482][T20717] EXT4-fs (loop8): orphan cleanup on readonly fs
[  391.813722][T20733] program syz.4.5513 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  391.823220][T20733] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  391.837623][T20717] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.5508: corrupted inode contents
[  391.850723][T20717] EXT4-fs (loop8): Remounting filesystem read-only
[  391.858830][T20717] EXT4-fs (loop8): 1 truncate cleaned up
[  391.864913][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  391.875482][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  391.886277][   T12] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  392.056391][T20770] loop8: detected capacity change from 0 to 512
[  392.066160][T20770] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.5522: iget: bad extended attribute block 1
[  392.080093][T20770] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.5522: couldn't read orphan inode 15 (err -117)
[  392.101419][T20777] loop1: detected capacity change from 0 to 512
[  392.119318][T20777] ext4 filesystem being mounted at /486/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  392.189089][T20793] loop8: detected capacity change from 0 to 1024
[  392.196053][T20793] EXT4-fs: Invalid want_extra_isize 125
[  392.206008][T20793] netlink: 'syz.8.5525': attribute type 1 has an invalid length.
[  392.515899][T20887] loop1: detected capacity change from 0 to 128
[  392.525032][T20887] FAT-fs (loop1): bogus logical sector size 65535
[  392.531559][T20887] FAT-fs (loop1): Can't find a valid FAT filesystem
[  392.543888][T20887] loop1: detected capacity change from 0 to 512
[  392.625427][T20909] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  392.625427][T20909]    program syz.4.5534 not setting count and/or reply_len properly
[  392.643767][T20887] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  392.661935][T20887] EXT4-fs (loop1): orphan cleanup on readonly fs
[  392.672742][T20887] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.5529: corrupted inode contents
[  392.691776][T20887] EXT4-fs (loop1): Remounting filesystem read-only
[  392.698449][T20887] EXT4-fs (loop1): 1 truncate cleaned up
[  392.705155][T17795] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  392.715768][T17795] __quota_error: 255 callbacks suppressed
[  392.715781][T17795] Quota error (device loop1): write_blk: dquota write failed
[  392.729370][T17795] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  392.733157][T20914] loop8: detected capacity change from 0 to 512
[  392.739536][T17795] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  392.747767][T20914] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  392.756186][T17795] Quota error (device loop1): write_blk: dquota write failed
[  392.771634][T20915] loop2: detected capacity change from 0 to 512
[  392.773334][T17795] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list
[  392.782167][T20915] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5536: iget: bad extended attribute block 1
[  392.802630][T17795] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  392.804665][T20915] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5536: couldn't read orphan inode 15 (err -117)
[  392.812965][T17795] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  392.836001][T20914] EXT4-fs (loop8): 1 truncate cleaned up
[  392.842629][T17795] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  392.858504][T20920] loop4: detected capacity change from 0 to 128
[  392.869427][T20920] FAT-fs (loop4): bogus logical sector size 65535
[  392.875999][T20920] FAT-fs (loop4): Can't find a valid FAT filesystem
[  392.893856][T20920] loop4: detected capacity change from 0 to 512
[  392.915650][T20920] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  392.923918][T20920] EXT4-fs (loop4): orphan cleanup on readonly fs
[  392.931909][T20920] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5538: corrupted inode contents
[  392.946300][T20920] EXT4-fs (loop4): Remounting filesystem read-only
[  392.953085][T20920] EXT4-fs (loop4): 1 truncate cleaned up
[  392.959027][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  392.969734][   T12] Quota error (device loop4): write_blk: dquota write failed
[  392.977193][   T12] Quota error (device loop4): remove_free_dqentry: Can't write block (5) with free entries
[  392.987376][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  392.994110][   T29] audit: type=1326 audit(1758310968.906:22897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20927 comm="syz.1.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b0202ec29 code=0x7ffc0000
[  392.997976][   T12] Quota error (device loop4): write_blk: dquota write failed
[  393.032356][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  393.054087][T20920] __nla_validate_parse: 11 callbacks suppressed
[  393.054101][T20920] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5538'.
[  393.120892][T20939] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5544'.
[  393.169113][T20939] FAULT_INJECTION: forcing a failure.
[  393.169113][T20939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  393.182361][T20939] CPU: 0 UID: 0 PID: 20939 Comm: syz.4.5544 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  393.182446][T20939] Tainted: [W]=WARN
[  393.182452][T20939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  393.182464][T20939] Call Trace:
[  393.182502][T20939]  <TASK>
[  393.182510][T20939]  __dump_stack+0x1d/0x30
[  393.182530][T20939]  dump_stack_lvl+0xe8/0x140
[  393.182546][T20939]  dump_stack+0x15/0x1b
[  393.182560][T20939]  should_fail_ex+0x265/0x280
[  393.182657][T20939]  should_fail+0xb/0x20
[  393.182674][T20939]  should_fail_usercopy+0x1a/0x20
[  393.182695][T20939]  _copy_from_user+0x1c/0xb0
[  393.182762][T20939]  ___sys_sendmsg+0xc1/0x1d0
[  393.182874][T20939]  __x64_sys_sendmsg+0xd4/0x160
[  393.182898][T20939]  x64_sys_call+0x191e/0x2ff0
[  393.182916][T20939]  do_syscall_64+0xd2/0x200
[  393.182943][T20939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  393.182963][T20939]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  393.183058][T20939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.183076][T20939] RIP: 0033:0x7f493bbeec29
[  393.183089][T20939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  393.183246][T20939] RSP: 002b:00007f493a657038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  393.183269][T20939] RAX: ffffffffffffffda RBX: 00007f493be35fa0 RCX: 00007f493bbeec29
[  393.183280][T20939] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  393.183318][T20939] RBP: 00007f493a657090 R08: 0000000000000000 R09: 0000000000000000
[  393.183329][T20939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  393.183339][T20939] R13: 00007f493be36038 R14: 00007f493be35fa0 R15: 00007fffb84377a8
[  393.183355][T20939]  </TASK>
[  393.363147][T20946] loop9: detected capacity change from 0 to 128
[  393.377053][T20948] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5547'.
[  393.377653][T20950] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  393.377653][T20950]    program syz.4.5548 not setting count and/or reply_len properly
[  393.408315][T20950] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5548'.
[  393.408900][T20948] netlink: 'syz.2.5547': attribute type 4 has an invalid length.
[  393.455859][T20952] loop4: detected capacity change from 0 to 512
[  393.468724][T20948] netlink: 'syz.2.5547': attribute type 4 has an invalid length.
[  393.477202][T20952] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  393.499861][T20952] EXT4-fs (loop4): 1 truncate cleaned up
[  393.533160][T20955] loop2: detected capacity change from 0 to 128
[  393.541304][T20955] FAT-fs (loop2): bogus logical sector size 65535
[  393.547858][T20955] FAT-fs (loop2): Can't find a valid FAT filesystem
[  393.582278][T20955] loop2: detected capacity change from 0 to 512
[  393.655795][T20962] netlink: 96 bytes leftover after parsing attributes in process `syz.9.5553'.
[  393.669215][T20962] loop9: detected capacity change from 0 to 512
[  393.683010][T20955] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  393.685688][T20962] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.5553: iget: bad extended attribute block 1
[  393.692600][T20955] EXT4-fs (loop2): orphan cleanup on readonly fs
[  393.710935][T20962] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.5553: couldn't read orphan inode 15 (err -117)
[  393.712202][T20955] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5550: corrupted inode contents
[  393.735488][T20955] EXT4-fs (loop2): Remounting filesystem read-only
[  393.742858][T20955] EXT4-fs (loop2): 1 truncate cleaned up
[  393.750411][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  393.761036][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  393.774097][T17795] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  393.795001][T20955] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5550'.
[  393.808077][T20967] loop8: detected capacity change from 0 to 128
[  393.816097][T20967] FAT-fs (loop8): bogus logical sector size 65535
[  393.822615][T20967] FAT-fs (loop8): Can't find a valid FAT filesystem
[  393.838065][T20967] loop8: detected capacity change from 0 to 512
[  393.855646][T20967] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  393.884077][T20967] EXT4-fs (loop8): orphan cleanup on readonly fs
[  393.905435][T20967] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.5554: corrupted inode contents
[  393.925626][T20967] EXT4-fs (loop8): Remounting filesystem read-only
[  393.933169][T20967] EXT4-fs (loop8): 1 truncate cleaned up
[  393.939392][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  393.949937][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  393.962657][   T12] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  393.979447][T20981] can: request_module (can-proto-0) failed.
[  393.987296][T20967] netlink: 256 bytes leftover after parsing attributes in process `syz.8.5554'.
[  394.689183][T21013] loop4: detected capacity change from 0 to 128
[  394.697613][T21013] FAT-fs (loop4): bogus logical sector size 65535
[  394.704206][T21013] FAT-fs (loop4): Can't find a valid FAT filesystem
[  394.715480][T21013] loop4: detected capacity change from 0 to 512
[  394.734905][T21013] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  394.743045][T21013] EXT4-fs (loop4): orphan cleanup on readonly fs
[  394.751105][T21013] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5571: corrupted inode contents
[  394.820089][T21013] EXT4-fs (loop4): Remounting filesystem read-only
[  394.827227][T21013] EXT4-fs (loop4): 1 truncate cleaned up
[  394.834617][T12109] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  394.845307][T12109] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  394.857964][T12109] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  394.884930][T21013] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5571'.
[  394.939816][T21041] FAULT_INJECTION: forcing a failure.
[  394.939816][T21041] name failslab, interval 1, probability 0, space 0, times 0
[  394.952667][T21041] CPU: 0 UID: 0 PID: 21041 Comm: syz.9.5582 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  394.952720][T21041] Tainted: [W]=WARN
[  394.952727][T21041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  394.952765][T21041] Call Trace:
[  394.952771][T21041]  <TASK>
[  394.952779][T21041]  __dump_stack+0x1d/0x30
[  394.952802][T21041]  dump_stack_lvl+0xe8/0x140
[  394.952902][T21041]  dump_stack+0x15/0x1b
[  394.952919][T21041]  should_fail_ex+0x265/0x280
[  394.952944][T21041]  should_failslab+0x8c/0xb0
[  394.952969][T21041]  kmem_cache_alloc_noprof+0x50/0x310
[  394.953033][T21041]  ? alloc_empty_file+0x76/0x200
[  394.953057][T21041]  alloc_empty_file+0x76/0x200
[  394.953145][T21041]  path_openat+0x68/0x2170
[  394.953165][T21041]  ? path_openat+0x1bf8/0x2170
[  394.953235][T21041]  ? _parse_integer_limit+0x170/0x190
[  394.953261][T21041]  ? _parse_integer+0x27/0x40
[  394.953282][T21041]  ? kstrtoull+0x111/0x140
[  394.953361][T21041]  do_filp_open+0x109/0x230
[  394.953389][T21041]  do_sys_openat2+0xa6/0x110
[  394.953466][T21041]  __se_sys_openat2+0x194/0x1f0
[  394.953533][T21041]  __x64_sys_openat2+0x55/0x70
[  394.953564][T21041]  x64_sys_call+0x1121/0x2ff0
[  394.953610][T21041]  do_syscall_64+0xd2/0x200
[  394.953636][T21041]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  394.953740][T21041]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  394.953764][T21041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.953788][T21041] RIP: 0033:0x7f139978ec29
[  394.953804][T21041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.953821][T21041] RSP: 002b:00007f13981ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  394.953883][T21041] RAX: ffffffffffffffda RBX: 00007f13999d5fa0 RCX: 00007f139978ec29
[  394.953896][T21041] RDX: 0000200000000280 RSI: 0000200000000340 RDI: ffffffffffffff9c
[  394.953908][T21041] RBP: 00007f13981ef090 R08: 0000000000000000 R09: 0000000000000000
[  394.953920][T21041] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  394.953931][T21041] R13: 00007f13999d6038 R14: 00007f13999d5fa0 R15: 00007ffe92f9ced8
[  394.953951][T21041]  </TASK>
[  395.186921][T21048] loop4: detected capacity change from 0 to 128
[  395.207244][T21048] FAT-fs (loop4): bogus logical sector size 65535
[  395.213735][T21048] FAT-fs (loop4): Can't find a valid FAT filesystem
[  395.225818][T21045] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5583'.
[  395.241254][T21048] loop4: detected capacity change from 0 to 512
[  395.251822][T21045] loop2: detected capacity change from 0 to 512
[  395.259416][T21048] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  395.269471][T21048] EXT4-fs (loop4): orphan cleanup on readonly fs
[  395.277364][T21062] loop1: detected capacity change from 0 to 512
[  395.278070][T21045] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5583: iget: bad extended attribute block 1
[  395.296603][T21062] EXT4-fs: Ignoring removed mblk_io_submit option
[  395.298210][T21048] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5584: corrupted inode contents
[  395.303320][T21054] loop9: detected capacity change from 0 to 164
[  395.316106][T21045] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5583: couldn't read orphan inode 15 (err -117)
[  395.322538][T21062] EXT4-fs (loop1): can't mount with both data=journal and delalloc
[  395.341530][T21048] EXT4-fs (loop4): Remounting filesystem read-only
[  395.348356][T21048] EXT4-fs (loop4): 1 truncate cleaned up
[  395.354135][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  395.364710][T21062] pim6reg1: entered promiscuous mode
[  395.364727][T21062] pim6reg1: entered allmulticast mode
[  395.375514][   T12] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  395.386292][   T12] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  395.401901][T21048] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5584'.
[  395.466921][T21073] SELinux:  policydb magic number 0x1001e does not match expected magic number 0xf97cff8c
[  395.477110][T21073] SELinux: failed to load policy
[  395.510502][T21077] tipc: Started in network mode
[  395.515627][T21077] tipc: Node identity faa87286dbe, cluster identity 4711
[  395.522709][T21077] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  395.542356][T21076] tipc: Disabling bearer <eth:syzkaller0>
[  395.616811][T21095] loop4: detected capacity change from 0 to 128
[  395.623735][T21095] FAT-fs (loop4): bogus logical sector size 65535
[  395.630273][T21095] FAT-fs (loop4): Can't find a valid FAT filesystem
[  395.640412][T21095] loop4: detected capacity change from 0 to 512
[  395.655837][T21095] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  395.666222][T21095] EXT4-fs (loop4): orphan cleanup on readonly fs
[  395.687481][T21095] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5605: corrupted inode contents
[  395.700972][T21095] EXT4-fs (loop4): Remounting filesystem read-only
[  395.707757][T21095] EXT4-fs (loop4): 1 truncate cleaned up
[  395.708260][T21103] SELinux:  policydb magic number 0x18 does not match expected magic number 0xf97cff8c
[  395.724127][T12109] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  395.734773][T12109] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  395.734901][T21103] SELinux: failed to load policy
[  395.778271][T21101] loop2: detected capacity change from 0 to 512
[  395.786634][T12109] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  395.793695][T21105] loop8: detected capacity change from 0 to 512
[  395.798494][T21101] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.5607: iget: bad extended attribute block 1
[  395.809705][T21105] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.5609: iget: bad extended attribute block 1
[  395.816844][T21101] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.5607: couldn't read orphan inode 15 (err -117)
[  395.828968][T21105] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.5609: couldn't read orphan inode 15 (err -117)
[  396.276307][T21149] random: crng reseeded on system resumption
[  396.308281][T21149] loop8: detected capacity change from 0 to 512
[  396.315469][T21149] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  396.336100][T21149] EXT4-fs (loop8): 1 truncate cleaned up
[  396.348253][T21149] EXT4-fs (loop8): shut down requested (2)
[  397.485520][T21176] loop8: detected capacity change from 0 to 128
[  397.492474][T21176] FAT-fs (loop8): bogus logical sector size 65535
[  397.499015][T21176] FAT-fs (loop8): Can't find a valid FAT filesystem
[  397.526207][T21176] loop8: detected capacity change from 0 to 512
[  397.560588][T21176] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  397.576075][T21176] EXT4-fs (loop8): orphan cleanup on readonly fs
[  397.591874][T21176] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #16: comm syz.8.5638: corrupted inode contents
[  397.618144][T21176] EXT4-fs (loop8): Remounting filesystem read-only
[  397.632375][T21176] EXT4-fs (loop8): 1 truncate cleaned up
[  397.639707][T12109] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  397.650351][T12109] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  397.664268][T12109] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  397.694802][T21191] loop2: detected capacity change from 0 to 128
[  397.701572][T21191] FAT-fs (loop2): bogus logical sector size 65535
[  397.708036][T21191] FAT-fs (loop2): Can't find a valid FAT filesystem
[  397.731398][T21191] loop2: detected capacity change from 0 to 512
[  397.749099][T21191] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  397.760115][T21191] EXT4-fs (loop2): orphan cleanup on readonly fs
[  397.770012][T21191] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5644: corrupted inode contents
[  397.782072][T21191] EXT4-fs (loop2): Remounting filesystem read-only
[  397.789565][T21191] EXT4-fs (loop2): 1 truncate cleaned up
[  397.795474][T12109] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  397.806088][T12109] __quota_error: 381 callbacks suppressed
[  397.806102][T12109] Quota error (device loop2): write_blk: dquota write failed
[  397.819253][T12109] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  397.824424][   T29] audit: type=1326 audit(1758310973.746:23238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21209 comm="syz.1.5651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b0202ec29 code=0x7ffc0000
[  397.829281][T12109] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  397.856797][T21210] FAULT_INJECTION: forcing a failure.
[  397.856797][T21210] name failslab, interval 1, probability 0, space 0, times 0
[  397.863327][T12109] Quota error (device loop2): write_blk: dquota write failed
[  397.876022][T21210] CPU: 0 UID: 0 PID: 21210 Comm: syz.1.5651 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  397.876053][T21210] Tainted: [W]=WARN
[  397.876060][T21210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  397.876108][T21210] Call Trace:
[  397.876116][T21210]  <TASK>
[  397.876126][T21210]  __dump_stack+0x1d/0x30
[  397.876220][T21210]  dump_stack_lvl+0xe8/0x140
[  397.876240][T21210]  dump_stack+0x15/0x1b
[  397.876256][T21210]  should_fail_ex+0x265/0x280
[  397.876327][T21210]  should_failslab+0x8c/0xb0
[  397.876374][T21210]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  397.876416][T21210]  ? sidtab_sid2str_get+0xa0/0x130
[  397.876505][T21210]  kmemdup_noprof+0x2b/0x70
[  397.876531][T21210]  sidtab_sid2str_get+0xa0/0x130
[  397.876552][T21210]  security_sid_to_context_core+0x1eb/0x2e0
[  397.876599][T21210]  security_sid_to_context+0x27/0x40
[  397.876619][T21210]  selinux_lsmprop_to_secctx+0x67/0xf0
[  397.876703][T21210]  security_lsmprop_to_secctx+0x43/0x80
[  397.876797][T21210]  audit_log_task_context+0x77/0x190
[  397.876887][T21210]  audit_log_task+0xf4/0x250
[  397.876915][T21210]  audit_seccomp+0x61/0x100
[  397.876939][T21210]  ? __seccomp_filter+0x68c/0x10d0
[  397.876992][T21210]  __seccomp_filter+0x69d/0x10d0
[  397.877014][T21210]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  397.877040][T21210]  ? vfs_write+0x7e8/0x960
[  397.877115][T21210]  ? __rcu_read_unlock+0x4f/0x70
[  397.877137][T21210]  ? __fget_files+0x184/0x1c0
[  397.877163][T21210]  __secure_computing+0x82/0x150
[  397.877211][T21210]  syscall_trace_enter+0xcf/0x1e0
[  397.877236][T21210]  do_syscall_64+0xac/0x200
[  397.877266][T21210]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  397.877377][T21210]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  397.877405][T21210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.877472][T21210] RIP: 0033:0x7f3b0202ec29
[  397.877489][T21210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.877541][T21210] RSP: 002b:00007f3b00a8ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  397.877560][T21210] RAX: ffffffffffffffda RBX: 00000000000005fd RCX: 00007f3b0202ec29
[  397.877573][T21210] RDX: 00007f3b00a8eef0 RSI: 0000000000000000 RDI: 00007f3b020b2810
[  397.877586][T21210] RBP: 0000200000000c00 R08: 00007f3b00a8ebb7 R09: 00007f3b00a8ee40
[  397.877599][T21210] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000480
[  397.877611][T21210] R13: 00007f3b00a8eef0 R14: 00007f3b00a8eeb0 R15: 00002000000002c0
[  397.877628][T21210]  </TASK>
[  397.877636][T21210] audit: error in audit_log_task_context
[  397.883386][T12109] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  397.923393][T12109] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  397.933207][   T29] audit: type=1326 audit(1758310973.786:23239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21209 comm="syz.1.5651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b0202ec29 code=0x7ffc0000
[  397.937552][T12109] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  397.960778][T12109] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  397.964510][   T29] audit: type=1326 audit(1758310973.786:23240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21209 comm="syz.1.5651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b0202ec29 code=0x7ffc0000
[  398.276825][T21222] __nla_validate_parse: 7 callbacks suppressed
[  398.276908][T21222] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5654'.
[  398.338258][T21229] loop2: detected capacity change from 0 to 128
[  398.345191][T21229] FAT-fs (loop2): bogus logical sector size 65535
[  398.351610][T21229] FAT-fs (loop2): Can't find a valid FAT filesystem
[  398.366238][T21229] loop2: detected capacity change from 0 to 512
[  398.554900][T21229] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  398.577269][T21229] EXT4-fs (loop2): orphan cleanup on readonly fs
[  398.616469][T21234] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5658'.
[  398.659911][T21229] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.5657: corrupted inode contents
[  398.711910][T21238] netlink: 96 bytes leftover after parsing attributes in process `syz.9.5659'.
[  398.737492][T21229] EXT4-fs (loop2): Remounting filesystem read-only
[  398.749620][T21229] EXT4-fs (loop2): 1 truncate cleaned up
[  398.790623][T21238] loop9: detected capacity change from 0 to 512
[  398.821237][T21238] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.5659: iget: bad extended attribute block 1
[  398.880172][T21238] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.5659: couldn't read orphan inode 15 (err -117)
[  398.994038][T21250] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5663'.
[  399.031792][T21248] loop4: detected capacity change from 0 to 512
[  399.051929][T21248] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.5663: iget: bad extended attribute block 1
[  399.090661][T21248] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.5663: couldn't read orphan inode 15 (err -117)
[  399.309802][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  399.320464][T17795] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  399.335132][T17795] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  399.350860][T21229] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5657'.
[  399.748248][T21284] netlink: zone id is out of range
[  399.753565][T21284] netlink: zone id is out of range
[  399.759436][T21284] netlink: zone id is out of range
[  399.764625][T21284] netlink: zone id is out of range
[  399.769955][T21284] netlink: zone id is out of range
[  399.781716][T21284] netlink: zone id is out of range
[  399.786979][T21284] netlink: zone id is out of range
[  399.792161][T21284] netlink: zone id is out of range
[  399.797353][T21284] netlink: zone id is out of range
[  399.802749][T21284] netlink: zone id is out of range
[  399.827634][T21290] FAULT_INJECTION: forcing a failure.
[  399.827634][T21290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.840925][T21290] CPU: 0 UID: 0 PID: 21290 Comm: syz.9.5677 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  399.840957][T21290] Tainted: [W]=WARN
[  399.840964][T21290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  399.840982][T21290] Call Trace:
[  399.840989][T21290]  <TASK>
[  399.840996][T21290]  __dump_stack+0x1d/0x30
[  399.841015][T21290]  dump_stack_lvl+0xe8/0x140
[  399.841032][T21290]  dump_stack+0x15/0x1b
[  399.841046][T21290]  should_fail_ex+0x265/0x280
[  399.841148][T21290]  should_fail+0xb/0x20
[  399.841168][T21290]  should_fail_usercopy+0x1a/0x20
[  399.841224][T21290]  _copy_to_user+0x20/0xa0
[  399.841251][T21290]  simple_read_from_buffer+0xb5/0x130
[  399.841340][T21290]  proc_fail_nth_read+0x10e/0x150
[  399.841356][T21290]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  399.841371][T21290]  vfs_read+0x1a5/0x770
[  399.841383][T21290]  ? __rcu_read_unlock+0x4f/0x70
[  399.841409][T21290]  ? __fget_files+0x184/0x1c0
[  399.841424][T21290]  ksys_read+0xda/0x1a0
[  399.841437][T21290]  __x64_sys_read+0x40/0x50
[  399.841449][T21290]  x64_sys_call+0x27bc/0x2ff0
[  399.841528][T21290]  do_syscall_64+0xd2/0x200
[  399.841572][T21290]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  399.841585][T21290]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  399.841665][T21290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.841678][T21290] RIP: 0033:0x7f139978d63c
[  399.841688][T21290] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  399.841698][T21290] RSP: 002b:00007f13981ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  399.841763][T21290] RAX: ffffffffffffffda RBX: 00007f13999d5fa0 RCX: 00007f139978d63c
[  399.841770][T21290] RDX: 000000000000000f RSI: 00007f13981ef0a0 RDI: 0000000000000006
[  399.841777][T21290] RBP: 00007f13981ef090 R08: 0000000000000000 R09: 0000000000000000
[  399.841784][T21290] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001
[  399.841868][T21290] R13: 00007f13999d6038 R14: 00007f13999d5fa0 R15: 00007ffe92f9ced8
[  399.841929][T21290]  </TASK>
[  400.137705][T21304] netlink: 178020 bytes leftover after parsing attributes in process `syz.1.5684'.
[  400.175515][T21311] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5687'.
[  400.244838][T21320] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  400.244838][T21320]    program syz.2.5690 not setting count and/or reply_len properly
[  400.265043][T21320] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5690'.
[  400.513380][T21355] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5700'.
[  400.522497][T21355] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5700'.
[  400.578965][T21355] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  401.076516][T21384] loop4: detected capacity change from 0 to 512
[  401.096889][T21384] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  401.112948][T21384] EXT4-fs (loop4): 1 truncate cleaned up
[  401.541638][T21401] FAULT_INJECTION: forcing a failure.
[  401.541638][T21401] name failslab, interval 1, probability 0, space 0, times 0
[  401.554379][T21401] CPU: 0 UID: 0 PID: 21401 Comm: syz.8.5720 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  401.554407][T21401] Tainted: [W]=WARN
[  401.554413][T21401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  401.554423][T21401] Call Trace:
[  401.554431][T21401]  <TASK>
[  401.554439][T21401]  __dump_stack+0x1d/0x30
[  401.554461][T21401]  dump_stack_lvl+0xe8/0x140
[  401.554477][T21401]  dump_stack+0x15/0x1b
[  401.554490][T21401]  should_fail_ex+0x265/0x280
[  401.554511][T21401]  ? hugetlb_vm_op_open+0x218/0x390
[  401.554540][T21401]  should_failslab+0x8c/0xb0
[  401.554561][T21401]  __kmalloc_cache_noprof+0x4c/0x320
[  401.554590][T21401]  ? __pfx_hugetlb_vm_op_open+0x10/0x10
[  401.554620][T21401]  hugetlb_vm_op_open+0x218/0x390
[  401.554649][T21401]  ? __pfx_hugetlb_vm_op_open+0x10/0x10
[  401.554680][T21401]  __split_vma+0x355/0x650
[  401.554711][T21401]  ? ___slab_alloc+0x273/0x910
[  401.554741][T21401]  vms_gather_munmap_vmas+0x17a/0x7b0
[  401.554762][T21401]  ? mas_find+0x608/0x700
[  401.554789][T21401]  mmap_region+0x53f/0x1630
[  401.554810][T21401]  ? __rcu_read_unlock+0x4f/0x70
[  401.554827][T21401]  ? mntput_no_expire+0x6f/0x460
[  401.554875][T21401]  do_mmap+0x9b3/0xbe0
[  401.554910][T21401]  __se_sys_remap_file_pages+0x55e/0x600
[  401.554934][T21401]  ? __bpf_trace_sys_enter+0x10/0x30
[  401.554956][T21401]  __x64_sys_remap_file_pages+0x67/0x80
[  401.554974][T21401]  x64_sys_call+0x23af/0x2ff0
[  401.554991][T21401]  do_syscall_64+0xd2/0x200
[  401.555020][T21401]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  401.555043][T21401]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  401.555072][T21401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.555092][T21401] RIP: 0033:0x7f036673ec29
[  401.555106][T21401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.555123][T21401] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  401.555142][T21401] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  401.555155][T21401] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000
[  401.555168][T21401] RBP: 00007f036519f090 R08: 0000000000000000 R09: 0000000000000000
[  401.555181][T21401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.555194][T21401] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  401.555211][T21401]  </TASK>
[  401.555218][T21401] HugeTLB: unable to allocate vma specific lock
[  401.983186][T18384] EXT4-fs unmount: 84 callbacks suppressed
[  401.983203][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.117509][T21413] loop9: detected capacity change from 0 to 1024
[  402.144691][T21413] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  402.172734][T21417] FAULT_INJECTION: forcing a failure.
[  402.172734][T21417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.185979][T21417] CPU: 0 UID: 0 PID: 21417 Comm: syz.1.5728 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  402.186011][T21417] Tainted: [W]=WARN
[  402.186017][T21417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  402.186027][T21417] Call Trace:
[  402.186032][T21417]  <TASK>
[  402.186040][T21417]  __dump_stack+0x1d/0x30
[  402.186058][T21417]  dump_stack_lvl+0xe8/0x140
[  402.186078][T21417]  dump_stack+0x15/0x1b
[  402.186095][T21417]  should_fail_ex+0x265/0x280
[  402.186137][T21417]  should_fail+0xb/0x20
[  402.186154][T21417]  should_fail_usercopy+0x1a/0x20
[  402.186175][T21417]  _copy_from_user+0x1c/0xb0
[  402.186206][T21417]  ___sys_sendmsg+0xc1/0x1d0
[  402.186326][T21417]  __x64_sys_sendmsg+0xd4/0x160
[  402.186355][T21417]  x64_sys_call+0x191e/0x2ff0
[  402.186418][T21417]  do_syscall_64+0xd2/0x200
[  402.186450][T21417]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  402.186473][T21417]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  402.186499][T21417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.186560][T21417] RIP: 0033:0x7f3b0202ec29
[  402.186574][T21417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.186588][T21417] RSP: 002b:00007f3b00a8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  402.186605][T21417] RAX: ffffffffffffffda RBX: 00007f3b02275fa0 RCX: 00007f3b0202ec29
[  402.186619][T21417] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000005
[  402.186642][T21417] RBP: 00007f3b00a8f090 R08: 0000000000000000 R09: 0000000000000000
[  402.186660][T21417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.186671][T21417] R13: 00007f3b02276038 R14: 00007f3b02275fa0 R15: 00007ffc09372f28
[  402.186687][T21417]  </TASK>
[  402.188788][T21413] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.5726: Invalid block bitmap block 0 in block_group 0
[  402.305625][T21427] loop4: detected capacity change from 0 to 128
[  402.313575][T21413] EXT4-fs error (device loop9): ext4_acquire_dquot:6937: comm syz.9.5726: Failed to acquire dquot type 0
[  402.338342][T21427] FAT-fs (loop4): bogus logical sector size 65535
[  402.354409][T21413] EXT4-fs error (device loop9): ext4_free_blocks:6696: comm syz.9.5726: Freeing blocks not in datazone - block = 0, count = 4096
[  402.361866][T21427] FAT-fs (loop4): Can't find a valid FAT filesystem
[  402.433860][T21413] EXT4-fs error (device loop9): ext4_read_inode_bitmap:139: comm syz.9.5726: Invalid inode bitmap blk 0 in block_group 0
[  402.449308][T21413] EXT4-fs error (device loop9) in ext4_free_inode:361: Corrupt filesystem
[  402.458103][T12109] EXT4-fs error (device loop9): ext4_release_dquot:6973: comm kworker/u8:42: Failed to release dquot type 0
[  402.464457][T21424] loop4: detected capacity change from 0 to 512
[  402.471121][T21413] EXT4-fs (loop9): 1 orphan inode deleted
[  402.481959][T21413] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.502830][T21434] loop2: detected capacity change from 0 to 512
[  402.524697][T21434] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  402.557837][T21434] EXT4-fs (loop2): 1 truncate cleaned up
[  402.565675][T21424] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  402.580282][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.589760][T21434] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.593790][T21424] EXT4-fs (loop4): orphan cleanup on readonly fs
[  402.610760][T21424] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #16: comm syz.4.5723: corrupted inode contents
[  402.641354][T21424] EXT4-fs (loop4): Remounting filesystem read-only
[  402.658682][T21424] EXT4-fs (loop4): 1 truncate cleaned up
[  402.673511][T17795] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  402.684100][T17795] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  402.706692][T17795] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  402.718993][T21424] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  402.833356][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.019175][   T29] kauditd_printk_skb: 349 callbacks suppressed
[  403.019191][   T29] audit: type=1326 audit(1758310978.946:23575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.115304][   T29] audit: type=1326 audit(1758310978.976:23576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.138938][   T29] audit: type=1326 audit(1758310978.976:23577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.162564][   T29] audit: type=1326 audit(1758310978.976:23578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.186313][   T29] audit: type=1326 audit(1758310978.976:23579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.209935][   T29] audit: type=1326 audit(1758310978.976:23580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.233676][   T29] audit: type=1326 audit(1758310978.976:23581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.257441][   T29] audit: type=1326 audit(1758310978.976:23582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.281133][   T29] audit: type=1326 audit(1758310978.976:23583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.304851][   T29] audit: type=1326 audit(1758310978.976:23584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.4.5745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f493bbeec29 code=0x7ffc0000
[  403.407481][T21477] loop8: detected capacity change from 0 to 512
[  403.419852][T21477] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  403.459451][T21477] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  403.490428][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.513563][T21477] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5750: bg 0: block 248: padding at end of block bitmap is not set
[  403.560793][T21481] loop4: detected capacity change from 0 to 512
[  403.568672][T21481] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  403.588873][T21477] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.5750: Failed to acquire dquot type 1
[  403.611143][T21481] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  403.642466][T21481] System zones: 0-2, 18-18, 34-34
[  403.657315][T21477] EXT4-fs (loop8): 1 truncate cleaned up
[  403.663794][T21481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.684539][T21477] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  403.733570][T21481] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  403.883063][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.903662][T16717] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  403.953012][T21493] SELinux:  policydb magic number 0x280 does not match expected magic number 0xf97cff8c
[  403.962910][T21493] SELinux: failed to load policy
[  403.971654][T21493] syzkaller1: entered promiscuous mode
[  403.977315][T21493] syzkaller1: entered allmulticast mode
[  404.141653][T21497] __nla_validate_parse: 9 callbacks suppressed
[  404.141667][T21497] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5755'.
[  404.174541][T21500] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5756'.
[  404.343656][T21513] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5762'.
[  404.686587][T21523] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5767'.
[  404.884065][T21541] loop4: detected capacity change from 0 to 256
[  404.897000][T21541] FAT-fs (loop4): Directory bread(block 64) failed
[  404.903735][T21541] FAT-fs (loop4): Directory bread(block 65) failed
[  404.910997][T21541] FAT-fs (loop4): Directory bread(block 66) failed
[  404.918121][T21541] FAT-fs (loop4): Directory bread(block 67) failed
[  404.924741][T21541] FAT-fs (loop4): Directory bread(block 68) failed
[  404.932161][T21541] FAT-fs (loop4): Directory bread(block 69) failed
[  404.938758][T21541] FAT-fs (loop4): Directory bread(block 70) failed
[  404.945440][T21541] FAT-fs (loop4): Directory bread(block 71) failed
[  404.952874][T21541] FAT-fs (loop4): Directory bread(block 72) failed
[  404.961637][T21541] FAT-fs (loop4): Directory bread(block 73) failed
[  404.980868][T21547] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5778'.
[  404.997798][T21552] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_rx_wq": -EINTR
[  405.002652][T21557] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  405.002652][T21557]    program syz.8.5779 not setting count and/or reply_len properly
[  405.031242][T21557] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5779'.
[  405.069296][T21567] FAULT_INJECTION: forcing a failure.
[  405.069296][T21567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.082461][T21567] CPU: 0 UID: 0 PID: 21567 Comm: syz.8.5783 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  405.082495][T21567] Tainted: [W]=WARN
[  405.082501][T21567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  405.082510][T21567] Call Trace:
[  405.082516][T21567]  <TASK>
[  405.082524][T21567]  __dump_stack+0x1d/0x30
[  405.082562][T21567]  dump_stack_lvl+0xe8/0x140
[  405.082578][T21567]  dump_stack+0x15/0x1b
[  405.082592][T21567]  should_fail_ex+0x265/0x280
[  405.082613][T21567]  should_fail+0xb/0x20
[  405.082630][T21567]  should_fail_usercopy+0x1a/0x20
[  405.082711][T21567]  _copy_from_user+0x1c/0xb0
[  405.082814][T21567]  ___sys_sendmsg+0xc1/0x1d0
[  405.082851][T21567]  __x64_sys_sendmsg+0xd4/0x160
[  405.082877][T21567]  x64_sys_call+0x191e/0x2ff0
[  405.082954][T21567]  do_syscall_64+0xd2/0x200
[  405.082980][T21567]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  405.083004][T21567]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  405.083072][T21567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.083093][T21567] RIP: 0033:0x7f036673ec29
[  405.083109][T21567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.083137][T21567] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.083157][T21567] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  405.083169][T21567] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  405.083200][T21567] RBP: 00007f036519f090 R08: 0000000000000000 R09: 0000000000000000
[  405.083213][T21567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.083225][T21567] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  405.083242][T21567]  </TASK>
[  405.297757][T21574] netlink: 'syz.1.5787': attribute type 4 has an invalid length.
[  405.305701][T21574] netlink: 17 bytes leftover after parsing attributes in process `syz.1.5787'.
[  405.339168][T21574] smc: net device bond0 applied user defined pnetid SYZ0
[  405.348665][T21574] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  405.382390][T21579] loop8: detected capacity change from 0 to 2048
[  405.383765][T21578] loop9: detected capacity change from 0 to 512
[  405.396391][T21574] smc: net device bond0 erased user defined pnetid SYZ0
[  405.404929][T21579]  loop8: p1 < > p4
[  405.408381][T21574] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0
[  405.417652][T21579] loop8: p4 size 8388608 extends beyond EOD, truncated
[  405.439053][T21584] loop2: detected capacity change from 0 to 512
[  405.453332][T21579] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5789'.
[  405.463553][T21584] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  405.470416][T21579] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5789'.
[  405.475896][T21578] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.495411][T21578] ext4 filesystem being mounted at /350/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.513184][T21584] EXT4-fs (loop2): 1 truncate cleaned up
[  405.522974][T21592] FAULT_INJECTION: forcing a failure.
[  405.522974][T21592] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.529437][T21584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.536132][T21592] CPU: 0 UID: 0 PID: 21592 Comm: syz.4.5793 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  405.536217][T21592] Tainted: [W]=WARN
[  405.536224][T21592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  405.536236][T21592] Call Trace:
[  405.536243][T21592]  <TASK>
[  405.536252][T21592]  __dump_stack+0x1d/0x30
[  405.536273][T21592]  dump_stack_lvl+0xe8/0x140
[  405.536293][T21592]  dump_stack+0x15/0x1b
[  405.536316][T21592]  should_fail_ex+0x265/0x280
[  405.536339][T21592]  should_fail+0xb/0x20
[  405.536359][T21592]  should_fail_usercopy+0x1a/0x20
[  405.536383][T21592]  _copy_to_user+0x20/0xa0
[  405.536414][T21592]  simple_read_from_buffer+0xb5/0x130
[  405.536488][T21592]  proc_fail_nth_read+0x10e/0x150
[  405.536582][T21592]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  405.536607][T21592]  vfs_read+0x1a5/0x770
[  405.536708][T21592]  ? __rcu_read_unlock+0x4f/0x70
[  405.536791][T21592]  ? __fget_files+0x184/0x1c0
[  405.536830][T21592]  ksys_read+0xda/0x1a0
[  405.536852][T21592]  __x64_sys_read+0x40/0x50
[  405.536917][T21592]  x64_sys_call+0x27bc/0x2ff0
[  405.536938][T21592]  do_syscall_64+0xd2/0x200
[  405.537024][T21592]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  405.537049][T21592]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  405.537097][T21592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.537209][T21592] RIP: 0033:0x7f493bbed63c
[  405.537291][T21592] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  405.537309][T21592] RSP: 002b:00007f493a657030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  405.537328][T21592] RAX: ffffffffffffffda RBX: 00007f493be35fa0 RCX: 00007f493bbed63c
[  405.537341][T21592] RDX: 000000000000000f RSI: 00007f493a6570a0 RDI: 0000000000000006
[  405.537402][T21592] RBP: 00007f493a657090 R08: 0000000000000000 R09: 0000000000000000
[  405.537415][T21592] R10: 0000000000001100 R11: 0000000000000246 R12: 0000000000000001
[  405.537428][T21592] R13: 00007f493be36038 R14: 00007f493be35fa0 R15: 00007fffb84377a8
[  405.537447][T21592]  </TASK>
[  405.554558][T21594] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  405.554558][T21594]    program syz.4.5794 not setting count and/or reply_len properly
[  405.771713][T21602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5787'.
[  406.107199][T21624] loop8: detected capacity change from 0 to 128
[  406.130291][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.165921][T21624] syz.8.5801: attempt to access beyond end of device
[  406.165921][T21624] loop8: rw=0, sector=121, nr_sectors = 920 limit=128
[  406.215569][T21630] loop9: detected capacity change from 0 to 2048
[  406.231200][T21630] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  406.292231][T21630] net_ratelimit: 128 callbacks suppressed
[  406.292319][T21630] netlink: zone id is out of range
[  406.326914][T19738] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.332770][T21630] netlink: zone id is out of range
[  406.341063][T21630] netlink: zone id is out of range
[  406.346372][T21630] netlink: zone id is out of range
[  406.351808][T21630] netlink: zone id is out of range
[  406.357050][T21630] netlink: zone id is out of range
[  406.362152][T21630] netlink: zone id is out of range
[  406.367445][T21630] netlink: zone id is out of range
[  406.372549][T21630] netlink: zone id is out of range
[  406.377709][T21630] netlink: zone id is out of range
[  406.385430][T21638] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  406.385430][T21638]    program syz.8.5806 not setting count and/or reply_len properly
[  406.486634][T21655] FAULT_INJECTION: forcing a failure.
[  406.486634][T21655] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.499871][T21655] CPU: 1 UID: 0 PID: 21655 Comm: syz.8.5813 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  406.499905][T21655] Tainted: [W]=WARN
[  406.499912][T21655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  406.499924][T21655] Call Trace:
[  406.499931][T21655]  <TASK>
[  406.500027][T21655]  __dump_stack+0x1d/0x30
[  406.500119][T21655]  dump_stack_lvl+0xe8/0x140
[  406.500139][T21655]  dump_stack+0x15/0x1b
[  406.500156][T21655]  should_fail_ex+0x265/0x280
[  406.500181][T21655]  should_fail+0xb/0x20
[  406.500227][T21655]  should_fail_usercopy+0x1a/0x20
[  406.500248][T21655]  _copy_from_user+0x1c/0xb0
[  406.500278][T21655]  bpf_test_init+0xdf/0x160
[  406.500425][T21655]  bpf_prog_test_run_xdp+0x274/0x910
[  406.500450][T21655]  ? kstrtouint+0x76/0xc0
[  406.500474][T21655]  ? __rcu_read_unlock+0x4f/0x70
[  406.500500][T21655]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  406.500602][T21655]  bpf_prog_test_run+0x22a/0x390
[  406.500633][T21655]  __sys_bpf+0x4b9/0x7b0
[  406.500665][T21655]  __x64_sys_bpf+0x41/0x50
[  406.500690][T21655]  x64_sys_call+0x2aea/0x2ff0
[  406.500716][T21655]  do_syscall_64+0xd2/0x200
[  406.500747][T21655]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  406.500772][T21655]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  406.500842][T21655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.500864][T21655] RIP: 0033:0x7f036673ec29
[  406.500880][T21655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.500898][T21655] RSP: 002b:00007f036519f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  406.500950][T21655] RAX: ffffffffffffffda RBX: 00007f0366985fa0 RCX: 00007f036673ec29
[  406.500962][T21655] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  406.500975][T21655] RBP: 00007f036519f090 R08: 0000000000000000 R09: 0000000000000000
[  406.500987][T21655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.500999][T21655] R13: 00007f0366986038 R14: 00007f0366985fa0 R15: 00007ffddc5f0858
[  406.501028][T21655]  </TASK>
[  406.711923][T21670] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  406.711923][T21670]    program syz.1.5819 not setting count and/or reply_len properly
[  406.755705][T21677] veth0_to_bridge: entered promiscuous mode
[  406.762491][T16479] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  406.782659][T16479] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  406.795454][T16479] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.873411][T21691] loop4: detected capacity change from 0 to 512
[  406.883388][T21691] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  406.894692][T21691] EXT4-fs (loop4): 1 truncate cleaned up
[  406.901703][T21691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.302795][T21697] ==================================================================
[  407.310907][T21697] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[  407.318925][T21697] 
[  407.321253][T21697] write to 0xffff888106fff6ac of 4 bytes by task 21691 on cpu 0:
[  407.329008][T21697]  xas_set_mark+0x12b/0x140
[  407.333525][T21697]  tag_pages_for_writeback+0xc2/0x290
[  407.338911][T21697]  ext4_do_writepages+0x6b2/0x2750
[  407.344035][T21697]  ext4_writepages+0x176/0x300
[  407.348816][T21697]  do_writepages+0x1c3/0x310
[  407.353407][T21697]  filemap_write_and_wait_range+0x144/0x340
[  407.359315][T21697]  filemap_invalidate_pages+0xa4/0x1a0
[  407.364820][T21697]  kiocb_invalidate_pages+0x6e/0x80
[  407.370034][T21697]  __iomap_dio_rw+0x5d4/0x1250
[  407.374809][T21697]  iomap_dio_rw+0x40/0x90
[  407.379154][T21697]  ext4_file_write_iter+0xad9/0xf00
[  407.384368][T21697]  iter_file_splice_write+0x666/0xa60
[  407.389746][T21697]  direct_splice_actor+0x156/0x2a0
[  407.394980][T21697]  splice_direct_to_actor+0x312/0x680
[  407.400358][T21697]  do_splice_direct+0xda/0x150
[  407.405121][T21697]  do_sendfile+0x380/0x650
[  407.409551][T21697]  __x64_sys_sendfile64+0x105/0x150
[  407.414763][T21697]  x64_sys_call+0x2bb0/0x2ff0
[  407.419444][T21697]  do_syscall_64+0xd2/0x200
[  407.423978][T21697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.429879][T21697] 
[  407.432201][T21697] read to 0xffff888106fff6ac of 4 bytes by task 21697 on cpu 1:
[  407.439818][T21697]  file_write_and_wait_range+0x10e/0x2c0
[  407.445460][T21697]  generic_buffers_fsync_noflush+0x45/0x120
[  407.451366][T21697]  ext4_sync_file+0x1ab/0x690
[  407.456305][T21697]  vfs_fsync_range+0x10a/0x130
[  407.461087][T21697]  ext4_buffered_write_iter+0x34f/0x3c0
[  407.466647][T21697]  ext4_file_write_iter+0xdbf/0xf00
[  407.471849][T21697]  iter_file_splice_write+0x666/0xa60
[  407.477229][T21697]  direct_splice_actor+0x156/0x2a0
[  407.482349][T21697]  splice_direct_to_actor+0x312/0x680
[  407.487754][T21697]  do_splice_direct+0xda/0x150
[  407.492613][T21697]  do_sendfile+0x380/0x650
[  407.497069][T21697]  __x64_sys_sendfile64+0x105/0x150
[  407.502278][T21697]  x64_sys_call+0x2bb0/0x2ff0
[  407.506963][T21697]  do_syscall_64+0xd2/0x200
[  407.511484][T21697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.517909][T21697] 
[  407.520230][T21697] value changed: 0x02000021 -> 0x04000021
[  407.525943][T21697] 
[  407.528268][T21697] Reported by Kernel Concurrency Sanitizer on:
[  407.534415][T21697] CPU: 1 UID: 0 PID: 21697 Comm: syz.4.5826 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  407.545875][T21697] Tainted: [W]=WARN
[  407.549671][T21697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  407.559728][T21697] ==================================================================
[  407.760653][T18384] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.