last executing test programs:

17.248182612s ago: executing program 0 (id=4209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a00", @ANYRES64], 0x44}}, 0x0)

17.079943333s ago: executing program 0 (id=4212):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x10)
rmdir(0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9a4850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
msgsnd(0x0, 0x0, 0x8, 0x5c0e98538dd202a3)
rt_tgsigqueueinfo(r1, r1, 0x15, &(0x7f0000000180)={0x100001f, 0x8, 0xfffffffd})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000058000c0000000c00000002000000000000000000000a000000000100"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
rt_sigqueueinfo(0x0, 0xd, &(0x7f0000000300)={0x18, 0xd, 0x80000001})
r3 = socket(0x400000000010, 0x3, 0x0)
fsetxattr$security_evm(r0, &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "f01f7b7452354da446b12ceac142e85344f9810d"}, 0x15, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
write(r3, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)

17.046533903s ago: executing program 0 (id=4214):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2008, 0x800})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000340)={[{@resuid}, {@mblk_io_submit}, {@usrquota}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0x100}}, {@grpquota}]}, 0x0, 0x488, &(0x7f0000002900)="$eJzs3c9vVFUbAOD3TmeA70NoRURB0CoaG9GWFlQWbjSasNDERBeYuKltIchADa2JEKLVGFwaEvfGpYl/gHGlG6OuTNzq3pAQJCagG8fcO/eWmWGm9PdU5nmSgXPmnLnnvL333Dlzz9w2gJ41mP6TRNwVEb9GRH8921xhsP7fjWsXJv66dmEiiVrttatJVu/6tQsTRdXidVvzzFApovRxkjfSbObc+VPj1erU2Tw/Mnv6nZGZc+efOnl6/MTUiakzY0eOHD40+uwzY0+vSpxpfNf3vD+9d/fRNy69MnHs0ls/fpX2d9e+enljHMuz5ZZnBtPA/6hlWsseW1ljG84/tZtxJuVu94bF6ouIdHdVsvHfH31xc+f1x0sfdbVzwJpKz9mbOxfP1YA7WBLd7gHQHcUbffr5t3is09RjQ7jyfP0DUBr3jfxRLylHKa9TWcP2ByPi2Nzfn6ePaLkOUWtz3QAAYKW+Tec/T7ab/5ViV0O97fna0EBE3B0ROyLinojYGRH3RmR174uI+5fYfuvS0K3zz9LlZQW2SOn877l8bat5/lfM/mKgL89ty+KvJMdPVqcO5j+ToahsTvOj7TZebOLFXz7t1H7j/C99pO0Xc8F8I5fLLRfoJsdnx1drUnrlw4g95XbxJ/MrAUlE7I6IPUvb9PYicfKJL/c2F537rkjdPv4FrMI6U+2LiMfr+38uWuIvJAuvT45sierUwZHiqLjVTz9ffLVT+yuKfxWk+39b8/HfUqP/z6RxvXZm6W1c/O2Tjp8py03xb60s9vjflLyereluyp97b3x29uxoxKbk5Szf9PzYzdcW+aJ+Gv/Q/vbjf0f+mjT+ByIiPYj3RcSDEfFQvu8ejohHImL/AvH/8MKjb3cq2wj7f7Lt+W/++B9o3v9LT/Sd+v6bTu0v7vx3OEsN5c9k57/b6NydYp1+uUczAAAA/PeUsu/GJ6Xh+XSpNDxc/w7/zvh/qTo9M3vg+PS7Zybr36EfiEqpuNLV33A9dDSZy7dYz4/l14qL8kP5dePP+v6X5YcnpquTXY4det3WDuM/9Xtft3sHrDn3a0Hvah3/8199aL4VOHP163XoELBuvP9D7zL+oXcZ/9C72o3/D1ry1gLgzuT9H3qX8Q+9qta/4Pg/sH49Adaf93/oSSu5r7+eSLeyjJcXv7+kTVF5gbv3u5Y4mvd3o/Sn24k387/csFH6I9GQKLcd3ZUljfcunIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWwL8BAAD//13C6OE=")
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r6, 0x1, 0x0, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x2c}}, 0x0)

16.933387564s ago: executing program 0 (id=4215):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x1) (fail_nth: 3)

16.560362956s ago: executing program 0 (id=4218):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) (rerun: 64)
request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000200)='#$*\x00', r1) (async, rerun: 32)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e') (rerun: 32)
r2 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r3 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00') (async, rerun: 64)
r5 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000300)='./bus\x00', 0x1008002, &(0x7f00000006c0)={[{@grpquota}, {@delalloc}, {@inlinecrypt}, {@usrquota}, {@dioread_nolock}, {@nobh}, {@nomblk_io_submit}, {@grpjquota}, {@grpid}]}, 0x1, 0x5eb, &(0x7f0000001740)="$eJzs3c9vVVUeAPDveX0tLWWmhUxmhlkMTSYTSGZoaYEJmbiArSEN/ogbN1ZaEHlAQ2u0aEJJcGNi3Bhj4sqF+F8okS0rXblw48qQEDUsTXzmvt5b+uO9lpa2t+F+Psmj997zLud7+/rtOe/0nPsCqKyh7J9axMGImE4RA2l+saweeeHQwvMe/fre+eyRotl86ecUKT9WPD/lX/vzk3sj4ttvUhzoWl3vzNyNyxONxtT1fH9k9sr0yMzcjaOXrkxcnLo4dXXsf2OnTp44eWr02Kau62abY2dvv/n2wAfjr37x2W9p9MsfxlOcjufzJy69jq0yFEOt70laXdR/aqsrK0lX/nOy9CVO9RIDYkOK1687Iv4WA9EVj1+8gXj/hVKDA7ZVM0U0gYpK8h8qqugHFO/tV74PrpXSKwF2wsMzCwMAq/O/vjA2GL2tsYG9j1IsHdZJEbG5kbnl9kXE/Xvjty/cG78d2zQOB7Q3fysi/t4u/1Mr/wejNwZb+V9blv9Zv+Bc/jU7/uIm6185VCz/Yecs5H/vmvkfHfL/tSX5//om6x96vPlG37L879vsJQEAAAAAAEBl3T0TEf9t9/f/2uL8n2gz/6c/Ik5vQf1DK/ZX//2/9mALqgHaeHgm4rm2839rxezfwa5860+t+QDd6cKlxtSxiPhzRByJ7j3Z/ugadRz98MCnncqG8vl/xSOr/34+FzCP40F9z/JzJidmJ572uoGIh7ci/tF2/m9abP9Tm/Y/+30w/YR1HPj3nXOdytbPf2C7ND+PONy2/X9814q09v05Rlr9gZGiV7DaP9/96KtO9W82/91iAp5e1v7vXTv/B9PS+/XMbLyO43P1Zqeyzfb/e9LLrVvO9OTH3pmYnb0+GtGTznZlR5cdH9t4zPAsKvKhyJcs/4/8a+3xvxRRX9n/74uI+RX/d/pl+Zriwl9/7/+xUzz6/1CeLP8nN9T+b3xj7M7g153qf7L2/0SrrT+SHzH+Bws+KdK0Z/nxNulYb1e00/ECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLOgFhH7ItWGF7drteHhiP6I+EvsrTWuzcz+58K1t65OZmWtz/+vFZ/0O7Cwn4rP/x9csj+2Yv94ROyPiI+7+lr7w+evNSbLvngAAAAAAAAAAAAAAAAAAADYJfo7rP/P/NRVdnTAtquXHQBQmjb5/10ZcQA7T/sP1SX/obrkP1SX/Ifqkv9QXfIfqkv+Q3XJfwAAAAAAeKbsP3T3+xQR8//vaz0yPXlZd6mRAdutVnYAQGnc4geqy9QfqC7v8YG0Tnlvx5PWO3Mt0+ef4mQAAAAAAAAAAAAAqJzDB63/h6qy/h+qy/p/qK5i/f+hkuMAdp73+ECss5K/7fr/dc8CAAAAAAAAAAAAALbSzNyNyxONxtR1G6/sjjB2cqPZbN7MfgpWF6VdEuEaG8XStd0ST2OqmAq/W+JZsVF8w57srHJ+HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKv9EQAA//+/kiDt") (async, rerun: 64)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x80044940, &(0x7f0000001b00)={<r7=>0x0, ""/256, 0x0, <r8=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r9=>0x0, 0x0, <r10=>0x0}) (async)
r11 = getpid()
sched_setscheduler(r11, 0x2, &(0x7f0000000200)=0x6) (async)
syz_pidfd_open(r11, 0x0) (async)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x126a4b5, &(0x7f000000b6c0)=ANY=[@ANYRES16=r10, @ANYRES64=r9, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRES16=r5, @ANYRESDEC=r7, @ANYRES16=r8, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8=r7, @ANYRESOCT=0x0], 0x0, 0x0, &(0x7f0000000000)) (async)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r3, 0xc400941d, &(0x7f0000000580)={<r12=>0x0, 0x6, 0x400})
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f00000011c0)={{r4}, r9, 0x4, @unused=[0x800, 0x4, 0xff, 0x3], @devid=r12}) (async, rerun: 64)
r13 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) (async, rerun: 64)
r14 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r14, 0x0, 0x8000000000000000}, 0x18) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r15 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r15, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0) (async, rerun: 64)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async, rerun: 64)
mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x40010, r13, 0x3)

16.224280637s ago: executing program 0 (id=4225):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001240)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e0, 0x1b0, 0xc8, 0x8, 0x0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67442c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x440)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@struct={0x8, 0x2, 0x0, 0xf, 0x0, 0x5, [{0x1, 0x1, 0x3}, {0x0, 0x1, 0x7}]}]}, {0x0, [0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f0000000280)=""/266, 0x46, 0x10a, 0x6, 0x0, 0x0, @void, @value}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), 0xffffffffffffffff)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@cgroup, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r3, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r4, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040000)
r5 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002d00)=@newtfilter={0x1118, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x10e8, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xffff, 0xfff2}}, @TCA_FLOW_EMATCHES={0x10d4, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x64}}, @TCA_EMATCH_TREE_LIST={0x10a0}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd0}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x8c30}]}}]}, 0x1118}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200008385000000710000001801000002696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x6)
syz_clone(0x240c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
ustat(0x1, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070000000900020073797a310000000009007a3000000000100003800c0000800800034000000002140000001000010000000000000000000084000a"], 0xe0}}, 0x0)

16.224050967s ago: executing program 32 (id=4225):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001240)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e0, 0x1b0, 0xc8, 0x8, 0x0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67442c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x28}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x440)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xa, [@struct={0x8, 0x2, 0x0, 0xf, 0x0, 0x5, [{0x1, 0x1, 0x3}, {0x0, 0x1, 0x7}]}]}, {0x0, [0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f0000000280)=""/266, 0x46, 0x10a, 0x6, 0x0, 0x0, @void, @value}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000200), 0xffffffffffffffff)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@cgroup, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r3, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r4, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0xaaa0}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040000)
r5 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002d00)=@newtfilter={0x1118, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x10e8, 0x2, [@TCA_FLOW_BASECLASS={0x8, 0x3, {0xffff, 0xfff2}}, @TCA_FLOW_EMATCHES={0x10d4, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x4}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x7}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x64}}, @TCA_EMATCH_TREE_LIST={0x10a0}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd0}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x3}}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0x8c30}]}}]}, 0x1118}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000200008385000000710000001801000002696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x6)
syz_clone(0x240c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
ustat(0x1, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070000000900020073797a310000000009007a3000000000100003800c0000800800034000000002140000001000010000000000000000000084000a"], 0xe0}}, 0x0)

2.155905199s ago: executing program 4 (id=4454):
perf_event_open(&(0x7f00000034c0)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x3, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
writev(r0, &(0x7f0000004340), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)='G', 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f0000000080))
r5 = socket(0xa, 0x40000000002, 0x0)
r6 = socket(0x2b, 0x80801, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x7fffffe, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000003a000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x109)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000140)=@newqdisc={0x80, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8000000000000001, 0x685c5830, 0x8, 0x9, 0x7fffffff, 0x2}}]}}}]}, 0x80}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6gre0\x00', r9, 0x4, 0x4, 0x2, 0x6, 0x20, @private2, @rand_addr=' \x01\x00', 0x10, 0x40, 0x0, 0x81}})

2.03750288s ago: executing program 4 (id=4455):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2008, 0x800})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000340)={[{@resuid}, {@mblk_io_submit}, {@usrquota}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0x100}}, {@grpquota}]}, 0x0, 0x488, &(0x7f0000002900)="$eJzs3c9vVFUbAOD3TmeA70NoRURB0CoaG9GWFlQWbjSasNDERBeYuKltIchADa2JEKLVGFwaEvfGpYl/gHGlG6OuTNzq3pAQJCagG8fcO/eWmWGm9PdU5nmSgXPmnLnnvL333Dlzz9w2gJ41mP6TRNwVEb9GRH8921xhsP7fjWsXJv66dmEiiVrttatJVu/6tQsTRdXidVvzzFApovRxkjfSbObc+VPj1erU2Tw/Mnv6nZGZc+efOnl6/MTUiakzY0eOHD40+uwzY0+vSpxpfNf3vD+9d/fRNy69MnHs0ls/fpX2d9e+enljHMuz5ZZnBtPA/6hlWsseW1ljG84/tZtxJuVu94bF6ouIdHdVsvHfH31xc+f1x0sfdbVzwJpKz9mbOxfP1YA7WBLd7gHQHcUbffr5t3is09RjQ7jyfP0DUBr3jfxRLylHKa9TWcP2ByPi2Nzfn6ePaLkOUWtz3QAAYKW+Tec/T7ab/5ViV0O97fna0EBE3B0ROyLinojYGRH3RmR174uI+5fYfuvS0K3zz9LlZQW2SOn877l8bat5/lfM/mKgL89ty+KvJMdPVqcO5j+ToahsTvOj7TZebOLFXz7t1H7j/C99pO0Xc8F8I5fLLRfoJsdnx1drUnrlw4g95XbxJ/MrAUlE7I6IPUvb9PYicfKJL/c2F537rkjdPv4FrMI6U+2LiMfr+38uWuIvJAuvT45sierUwZHiqLjVTz9ffLVT+yuKfxWk+39b8/HfUqP/z6RxvXZm6W1c/O2Tjp8py03xb60s9vjflLyereluyp97b3x29uxoxKbk5Szf9PzYzdcW+aJ+Gv/Q/vbjf0f+mjT+ByIiPYj3RcSDEfFQvu8ejohHImL/AvH/8MKjb3cq2wj7f7Lt+W/++B9o3v9LT/Sd+v6bTu0v7vx3OEsN5c9k57/b6NydYp1+uUczAAAA/PeUsu/GJ6Xh+XSpNDxc/w7/zvh/qTo9M3vg+PS7Zybr36EfiEqpuNLV33A9dDSZy7dYz4/l14qL8kP5dePP+v6X5YcnpquTXY4det3WDuM/9Xtft3sHrDn3a0Hvah3/8199aL4VOHP163XoELBuvP9D7zL+oXcZ/9C72o3/D1ry1gLgzuT9H3qX8Q+9qta/4Pg/sH49Adaf93/oSSu5r7+eSLeyjJcXv7+kTVF5gbv3u5Y4mvd3o/Sn24k387/csFH6I9GQKLcd3ZUljfcunIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWwL8BAAD//13C6OE=")
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r5, 0x1, 0x0, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x2c}}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x4030582a, &(0x7f0000000300)={0x113e, 0x0, 0x2000000, 0x10000})

1.768282491s ago: executing program 3 (id=4460):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100004800c00068008"], 0x34}}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x1, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x4e22, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc02006c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
timer_create(0x2, &(0x7f00000003c0)={0x0, 0x21, 0x1, @thr={&(0x7f0000000340)="f238e040e8eb020f3d36c60efa0c8101da8c5a0979b35f4fe039a93615740cf6c27703335e739d84f0eafa2eef505f969086ef6bcff7e8b56b77bc4b79202b624a0b468e8de4ea622784de2b0c578f3c340e24", &(0x7f0000000700)="c5dd03e9450baef61a86a7c17582b88f044991718ee288fb6dc2e803f8f8d913ff686a66e6a712730584228df6d3d853ae1092d4995cb0ddfe7acd4f943a8e2d2907d0398674e83160527d0d867e84c174187deb94544698860b018a5ef20ba5ce803067aef80d0557e8b20370a88c9e40398fa9328ec6e094d0da0f5ab24dbe0931026a7e592aefeb6d9b3ff189e1c7175a93fedf43b86c24e1b923d3d18eeb99aaacaf2bb06a126baa2078e5e415fad8ed7d6040c328e18633f84f23425102dfff40c084836c6c15d530570a"}}, &(0x7f0000000400)=<r4=>0x0)
timer_gettime(r4, &(0x7f0000000440))
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket(0x18, 0x0, 0x0)
connect$pppoe(r7, &(0x7f0000000080)={0x18, 0x0, {0x2, @empty, 'geneve1\x00'}}, 0x1e)
sendmsg$TIPC_CMD_SET_LINK_TOL(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x8102, 0x0, 0x9ac626ed95d16ff3, 0x70bd29, 0x25dfdbfe, {{}, {}, {0x14, 0x18, {0x200000f, @bearer=@l2={'eth', 0x3a, 'bond0\x00'}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x2}, 0x48040)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r6, 0x6, 0x1d, &(0x7f0000000200), &(0x7f0000000300)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x1, 0x0, 0xbe}]}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x51)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e08906200000000021000aac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)

1.704252172s ago: executing program 4 (id=4461):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x7, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0)

1.333141373s ago: executing program 4 (id=4466):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
shmctl$IPC_RMID(0x0, 0x0)

1.164396094s ago: executing program 3 (id=4468):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
socket$netlink(0x10, 0x3, 0x0) (async)
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8)
socket$inet_udp(0x2, 0x2, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) (async)
socket(0x2a, 0x2, 0xffffffff)
socket$netlink(0x10, 0x3, 0x0) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async, rerun: 64)
socket$inet_sctp(0x2, 0x5, 0x84) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) (async)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRES64=0x0, @ANYRESHEX=r2], 0x20)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r3, 0x4, 0x6000) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x5, 0x7ffc1ffb}]}) (async)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)

1.142315035s ago: executing program 1 (id=4470):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff01800400080039503230"], 0x15)
r3 = dup(r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000000)="b9ff060000000000000014f086dd", 0x0, 0xfffffffe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')

1.124067845s ago: executing program 1 (id=4471):
r0 = shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ffc000/0x1000)=nil)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000054367f00000000000000000000187bc846", @ANYRES32, @ANYRES64=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000600)=[@in6={0xa, 0x4e21, 0xa, @local, 0x30000}]}, &(0x7f00000001c0)=0x10)
shmctl$IPC_RMID(r0, 0x0)

1.103094235s ago: executing program 1 (id=4472):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2008, 0x800})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000340)={[{@resuid}, {@mblk_io_submit}, {@usrquota}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0x100}}, {@grpquota}]}, 0x0, 0x488, &(0x7f0000002900)="$eJzs3c9vVFUbAOD3TmeA70NoRURB0CoaG9GWFlQWbjSasNDERBeYuKltIchADa2JEKLVGFwaEvfGpYl/gHGlG6OuTNzq3pAQJCagG8fcO/eWmWGm9PdU5nmSgXPmnLnnvL333Dlzz9w2gJ41mP6TRNwVEb9GRH8921xhsP7fjWsXJv66dmEiiVrttatJVu/6tQsTRdXidVvzzFApovRxkjfSbObc+VPj1erU2Tw/Mnv6nZGZc+efOnl6/MTUiakzY0eOHD40+uwzY0+vSpxpfNf3vD+9d/fRNy69MnHs0ls/fpX2d9e+enljHMuz5ZZnBtPA/6hlWsseW1ljG84/tZtxJuVu94bF6ouIdHdVsvHfH31xc+f1x0sfdbVzwJpKz9mbOxfP1YA7WBLd7gHQHcUbffr5t3is09RjQ7jyfP0DUBr3jfxRLylHKa9TWcP2ByPi2Nzfn6ePaLkOUWtz3QAAYKW+Tec/T7ab/5ViV0O97fna0EBE3B0ROyLinojYGRH3RmR174uI+5fYfuvS0K3zz9LlZQW2SOn877l8bat5/lfM/mKgL89ty+KvJMdPVqcO5j+ToahsTvOj7TZebOLFXz7t1H7j/C99pO0Xc8F8I5fLLRfoJsdnx1drUnrlw4g95XbxJ/MrAUlE7I6IPUvb9PYicfKJL/c2F537rkjdPv4FrMI6U+2LiMfr+38uWuIvJAuvT45sierUwZHiqLjVTz9ffLVT+yuKfxWk+39b8/HfUqP/z6RxvXZm6W1c/O2Tjp8py03xb60s9vjflLyereluyp97b3x29uxoxKbk5Szf9PzYzdcW+aJ+Gv/Q/vbjf0f+mjT+ByIiPYj3RcSDEfFQvu8ejohHImL/AvH/8MKjb3cq2wj7f7Lt+W/++B9o3v9LT/Sd+v6bTu0v7vx3OEsN5c9k57/b6NydYp1+uUczAAAA/PeUsu/GJ6Xh+XSpNDxc/w7/zvh/qTo9M3vg+PS7Zybr36EfiEqpuNLV33A9dDSZy7dYz4/l14qL8kP5dePP+v6X5YcnpquTXY4det3WDuM/9Xtft3sHrDn3a0Hvah3/8199aL4VOHP163XoELBuvP9D7zL+oXcZ/9C72o3/D1ry1gLgzuT9H3qX8Q+9qta/4Pg/sH49Adaf93/oSSu5r7+eSLeyjJcXv7+kTVF5gbv3u5Y4mvd3o/Sn24k387/csFH6I9GQKLcd3ZUljfcunIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWwL8BAAD//13C6OE=")
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r3}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r6, 0x1, 0x0, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x2c}}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x4030582a, &(0x7f0000000300)={0x113e, 0x0, 0x2000000, 0x10000})

1.101808385s ago: executing program 4 (id=4473):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000580)={&(0x7f0000000b00)={0x5c, 0x0, 0x1, 0x70bd28, 0x25dfdbf9, {{}, {@void, @val={0xc, 0x99, {0x100, 0x57}}}}, [@NL80211_ATTR_FRAME={0x39, 0x33, @reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7}, @device_a, @device_b, @initial, {0x1, 0xff0}}, 0x10, 0x9, @device_b, {0x0, 0x11, @random="eaa39a2498f9fc82421a618c03ca4f6408"}, @void, @void}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4840}, 0x40010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000080), &(0x7f0000000180)=r4}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, &(0x7f0000000dc0))
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x1, 0x7}, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x14a042)
close_range(r1, 0xffffffffffffffff, 0x204000000000000)

1.092747685s ago: executing program 5 (id=4474):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
splice(r1, 0x0, r0, 0x0, 0x1, 0x4)
vmsplice(r0, &(0x7f00000013c0)=[{&(0x7f0000000080)='4', 0x1}, {&(0x7f0000000100)="a7", 0xfec7}, {&(0x7f0000000880)="9f3846581b1b5159fa75b369536aed7fc089b18592fd1bd099864f1ed35c7046e78c84f4cf0e59594f6dac655efbe84343ff8c186af752f7691c612987b6c089fc2ac412de8edab1f67d0300a1acf9ef331f2b436ff4322adcde8648bcd1e193eb1cb83b0ff2de12d2", 0xfdb9}, {&(0x7f0000000300)='b', 0x1}], 0x28, 0x0)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000240))
close_range(r0, 0xffffffffffffffff, 0x0)

1.092201245s ago: executing program 3 (id=4475):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a00", @ANYRES64], 0x44}}, 0x0)

949.583315ms ago: executing program 2 (id=4476):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)

912.138076ms ago: executing program 2 (id=4477):
perf_event_open(&(0x7f00000034c0)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x3, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
writev(r0, &(0x7f0000004340), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)='G', 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4], 0x30, 0x40400d1}}], 0x1, 0x10)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x400000, 0x0)
r5 = socket(0xa, 0x40000000002, 0x0)
r6 = socket(0x2b, 0x80801, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x7fffffe, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000003a000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x109)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000140)=@newqdisc={0x80, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8000000000000001, 0x685c5830, 0x8, 0x9, 0x7fffffff, 0x2}}]}}}]}, 0x80}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6gre0\x00', r9, 0x4, 0x4, 0x2, 0x6, 0x20, @private2, @rand_addr=' \x01\x00', 0x10, 0x40, 0x0, 0x81}})

895.063926ms ago: executing program 1 (id=4478):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1400)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')

881.628076ms ago: executing program 5 (id=4479):
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x40, &(0x7f00000008c0)={[{@nobh}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@resuid}, {@dioread_nolock}, {@usrjquota}, {@discard}, {@jqfmt_vfsv1}]}, 0xfc, 0x564, &(0x7f0000002bc0)="$eJzs3c9rHFUcAPDvbLL9rU2hFPUggR6s1G6axB8VPNSjaLGg97ok01Cy6ZbspjSxYHuwFy9SBBEL4h/gyYvH4j/gX1HQQpES9OAlMpvZdNPdTbbJtkm7nw9M8t7M7L757sz38WbfLhvAwBrN/hQiXo2Ib5OIwy3bhiPfOLq63/LD61PZksTKymd/J5Hk65r7J/n/g3nllYj4/euIk4X2dmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sw7kxPvv/du32J98/y/P3x696Mz3xxf/v6X+0duJ3E2DuXbWuPYhhutldEYzV+TYpx9bMfxPjS2myQ7fQBsyVCe58XI+oDDMZRnPfDi+yoiVoABlch/GFDNcUDz3r5P98HPjQcfrt4Atcc/vPreSOxr3BsdWE7W3Rll97sjfWg/a+O3v+7czpbo3/sQAJu6cTMiTg8Pt/d/Sd7/bd3pHvZ5vA39Hzw7d7Pxz1udxj+FtfFPdBj/HOyQu1uxef4X7vehma6y8d8HHce/a5NWI0N57aXGmK+YXLxUSbO+7eWIOBHFvVl9o/mcM8v3Vtav+XWt1Dr+y5as/eZYMD+O+8N71z96ulwvbzfupgc3I17rOP5N1s5/0uH8Z6/H+R7bOJbeeb3bts3jf7pWfo54o+P5fzSjlWw8PznWuB7GmldFu39uHfujW/s9xF/sY7htsvN/YOP4R5LW+dpat2fqPm/0077/0m7btnr970k+b5T35Ouulev1+fGIPckn7esnHj22WW/un8V/4vjG/V+n639/RHzRNeL1bh291XXXnb7+s/inn+j8P3nh3sdf/tit/d7O/9uN0ol8TS/9X68HuJ3XDgAAAAAAAHabQkQciqRQWisXCqXS6uc7jsaBQqVaq5+8WF24PB2N78qORLHQnOk+3PJ5iPH887DN+sRj9cmIOBIR3w3tb9RLU9XK9E4HDwAAAAAAAAAAAAAAAAAAALvEwYh9nb7/n/lzaKePDnjq2n66QeLDwOj+0y35ln780hOwK3XPf+BFJ/9hcMl/GFzyHwaX/IfBJf9hcMl/GFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq/Llz2bKy/PD6VFafvrq4MFu9emo6rc2W5hamSlPV+SulmWp1ppKWpqpzmz1fpVq9Mj4RC9fG6mmtPlZbXLowV124XL9waa48k15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+1BaXZsuVSjqvoLClwvDuOAyFPhd2umcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEf+DwAA//9MBzmC")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8", &(0x7f0000000380), 0x9, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x3, &(0x7f0000000080)={0x2, &(0x7f0000000180)=[{0x2776, 0x0, 0xf2, 0x30ab7755}, {0x4, 0x1, 0x2, 0x100}]})
capget(&(0x7f00000001c0)={0x20071026}, 0x0)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f8)

857.638576ms ago: executing program 3 (id=4480):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r2 = io_uring_setup(0x7bda, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x80000, 0x26c})
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0x16, 0x20000002, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
mq_unlink(0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000008c0)=r6, 0x4)
close(r1)

823.602506ms ago: executing program 2 (id=4481):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180040008003950323030"], 0x15)
r3 = dup(r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000000)="b9ff060000000000000014f086dd", 0x0, 0xfffffffe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')

764.584057ms ago: executing program 5 (id=4482):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x10)
rmdir(0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9a4850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
msgsnd(0x0, 0x0, 0x8, 0x5c0e98538dd202a3)
rt_tgsigqueueinfo(r1, r1, 0x15, &(0x7f0000000180)={0x100001f, 0x8, 0xfffffffd})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000058000c0000000c00000002000000000000000000000a000000000100"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
rt_sigqueueinfo(0x0, 0xd, &(0x7f0000000300)={0x18, 0xd, 0x80000001})
r3 = socket(0x400000000010, 0x3, 0x0)
fsetxattr$security_evm(r0, &(0x7f0000000080), &(0x7f00000000c0)=@sha1={0x1, "f01f7b7452354da446b12ceac142e85344f9810d"}, 0x15, 0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
write(r3, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)

763.987726ms ago: executing program 1 (id=4483):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x21885e, &(0x7f0000000440)={[{@grpquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x2f}}, {@dioread_lock}]}, 0x5, 0x504, &(0x7f0000001480)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9sCWE0KoEqJHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lAMSPyJQg8TBaMaT1E3tJtokdhR/PtJo3ps3nu97cea9+Dn2C2BoXY2I3YgYi4h7ETGdHc9lW9xqb8l5z/ceLe3vPVrKRat155+5tDw5Fh2PSVzJrlmMiB9+N+InuVfjNrZ31har1cpmlp9t1jZmG9s7N1ZriyuVlcp6ubwwvzD3yc2Py2fW1vdqY1nqq8/+sPutnyXVmsqOdLbjLLWbXjiMkxiNiO+fR7ABGMnaMzboivC55CPi7Yh4P73/p2MkfTYBgMus1ZqO1nRnHgC47PLpHFguX8rmAqYiny+V2nN478RkvlpvNK/fr2+tL7fnymaikL+/Wq3MZXOFM1HIJfn5NP0iXz6SvxkRb0XEL8Yn0nxpqV5dHuQfPgAwxK4cGf//M94e/wGAS6446AoAAH1n/AeA4WP8B4DhY/wHgOHTHv8nBl0NAKCPvP4HgOFj/AeAofKD27eTrbWfff/18oPtrbX6gxvLlcZaqba1VFqqb26UVur1lfQ7e2rHXa9ar2/MfxRbD2e+vdFozja2d+7W6lvrzbvp93rfrRTSs3b70DIAoJe33nv651wyIn86kW7RsZZDYaA1A85bftAVAAZmZNAVAAbGal8wvE7xGt/0AFwSXZbofUmx2weEWq1W6/yqBJyza18y/w/DqmP+338Bw5Ax/w/Dy/w/DK9WK3fSNf/jpCcCABebOX6gx/v/b2f732ZvDvx4+egZT7o+bjfrXs6uggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHABHaz/W8rWAp+KfL5UingjImaikLu/Wq3MRcSbEfGn8cJ4kp8fcJ0BgNPK/y2Xrf91bfrDqZeK3r1ymByLiJ/+6s4vHy42m5t/jBjL/Wv84HjzSXa83P/aAwDHOxin033HC/nne4+WDrZ+1ufv34mIYjv+/t5Y7B/GH43RdF+MQkRM/juX5dtyHXMXp7H7OCK+2K39uZhK50DaK58ejZ/EfqOv8fMvxc+nZe198rP4whnUBYbN06T/udXt/svH1XTf/f4vpj3U6WX9X3Kppf20D3wR/6D/G+nR/109aYyPfv+9dmri1bLHEV8ejTiIvd/R/xzEz/WI/+EJ4//lK+++36us9euIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m85Rz/YeDf7x6fU3e5Ul7Z/sEb94TPu/fsL2/+Z/9370tdfE/+YH3eLn453XxE/GxG+cMP7i5O+KvcqS+Ms92n/c83/9hPGf/XXnlWXDAYDBaWzvrC1Wq5VNCYmLn0h+ZS9ANbomPutXrLHoXvTzD9r39JGiVuv1F/yse1GvHuMsZt2Ai+Dwpo+I/w66MgAAAAAAAAAAAAAAQFf9+MTSoNsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA5fX/AAAA//+YXdZi")
acct(&(0x7f0000000200)='./file1\x00')
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x3, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})
ioctl$sock_inet_SIOCSARP(r1, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x4e21, @private=0xa010100}, 'syz_tun\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)={0x24, r5, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_VLANID={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x51}, 0x0)
r6 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r6, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)

759.846626ms ago: executing program 2 (id=4484):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000b60ad602000008000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = accept$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
connect$inet6(r3, &(0x7f0000000580)={0xa, 0x4e20, 0x4, @loopback, 0x9}, 0x1c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r6 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000)=0x2, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x1, 0x7ffc1ffb}]})
times(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'macvtap0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x18, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xcd8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x1, 0x4, 0x20000000, 0x8, 0x5}}, @TCA_SAMPLE_RATE={0x8}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0)

669.438067ms ago: executing program 3 (id=4485):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0xa3331ddc6211143)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x29)
syz_open_procfs(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r1, 0x0, 0x8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe89)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
futex(0x0, 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000880), 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ftruncate(r3, 0xc17a) (fail_nth: 2)

659.143187ms ago: executing program 5 (id=4486):
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001fe, 0x802)
r1 = dup(r0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x12, 0x2, 0x0, 0x0, 0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r2}, 0x8)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_tracing={0x1a, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000a30200c09abe4b00", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000009500000000000000184300000700000000000000000000007c64d3ff040000009500000000000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x100, 0xcd, &(0x7f0000000400)=""/205, 0x41000, 0x15, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000180)={0x1, 0x1, 0x3, 0x4595}, 0x10, 0x23e44, 0xffffffffffffffff, 0x7, &(0x7f0000000500)=[r2, r2, r2, r2, r2], &(0x7f0000000540)=[{0x3, 0x4, 0x9, 0x8}, {0x1, 0x5, 0xf, 0xb}, {0x5, 0x3, 0x1}, {0x3, 0x4, 0x4, 0xb}, {0x5, 0x5, 0x14, 0x3}, {0x0, 0x5, 0xc, 0xd}, {0x5, 0x1, 0x5, 0x6}], 0x10, 0x7, @void, @value}, 0x94)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
sendfile(r4, r4, 0x0, 0x24002de8)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000940)={'ip_vti0\x00', &(0x7f0000000880)={'gretap0\x00', <r5=>0x0, 0x20, 0x20, 0x8000, 0x8, {{0x1a, 0x4, 0x1, 0xc, 0x68, 0x65, 0x0, 0x81, 0x0, 0x0, @loopback, @local, {[@end, @generic={0x0, 0x11, "47e860a6f71f1dcfa55459ba0dfbb3"}, @lsrr={0x83, 0x27, 0xd8, [@multicast1, @multicast2, @broadcast, @rand_addr=0x64010101, @broadcast, @private=0xa010101, @multicast1, @private=0xa010101, @broadcast]}, @generic={0x7, 0xf, "0d1447a415c1db9304a9f9f624"}, @end, @ssrr={0x89, 0xb, 0x53, [@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102]}]}}}}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000a00)={0x10, <r6=>0x0}, 0x8)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r2, @ANYBLOB='\b\x00\x00\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="03000000030000000100"/28], 0x50)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0xce, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r8 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r8)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00')
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x1f, 0x18, &(0x7f0000000700)=ANY=[@ANYBLOB="180000008c9b00000000000002000000cc781000ffffffff9d345000010000005d321800f0ffffff186300000900000000000000feb400008749fcff0800000018200000", @ANYRES32=r1, @ANYBLOB="0000000003000000b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705001f0800000000"], &(0x7f0000000100)='syzkaller\x00', 0x43b1, 0xab, &(0x7f00000007c0)=""/171, 0x41000, 0x1, '\x00', r5, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000980)={0x7, 0x2}, 0xfffffffffffffffe, 0x10, &(0x7f00000009c0)={0x1, 0x0, 0x7, 0x5fb}, 0x10, r6, r3, 0x0, &(0x7f0000000ac0)=[r1, r2, r1, r7], &(0x7f0000000b00), 0x10, 0x5, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000104000000000000000000000c62ee880500000018290000", @ANYRES32=r2, @ANYBLOB="000000005964e7e27f9c810000648fafdf980044", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
dup2(r9, r2)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r10, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
shutdown(r10, 0x1)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r11, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @random="08a503576a7f"}, 0x0, {0x2, 0x0, @loopback}, 'syz_tun\x00'})

376.095989ms ago: executing program 5 (id=4487):
socket$kcm(0x11, 0xa, 0x300)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

353.471359ms ago: executing program 5 (id=4488):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@acl}, {@bh}, {@lazytime}, {@nombcache}, {@noload}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x48140, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='kmem_cache_free\x00', r2, 0x0, 0x6}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x0, {{}, 0x4}}, 0x10, 0x0}, 0x0)
acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00')
acct(0x0)
r4 = dup(r1)
finit_module(r4, 0x0, 0x0)
mount(&(0x7f0000000200)=@sg0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000740)='rpc_pipefs\x00', 0x20000c0, &(0x7f0000000780)='lazytime')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
shmctl$IPC_RMID(0x0, 0x0)

352.963739ms ago: executing program 2 (id=4489):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x2008, 0x800})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000340)={[{@resuid}, {@mblk_io_submit}, {@usrquota}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0x100}}, {@grpquota}]}, 0x0, 0x488, &(0x7f0000002900)="$eJzs3c9vVFUbAOD3TmeA70NoRURB0CoaG9GWFlQWbjSasNDERBeYuKltIchADa2JEKLVGFwaEvfGpYl/gHGlG6OuTNzq3pAQJCagG8fcO/eWmWGm9PdU5nmSgXPmnLnnvL333Dlzz9w2gJ41mP6TRNwVEb9GRH8921xhsP7fjWsXJv66dmEiiVrttatJVu/6tQsTRdXidVvzzFApovRxkjfSbObc+VPj1erU2Tw/Mnv6nZGZc+efOnl6/MTUiakzY0eOHD40+uwzY0+vSpxpfNf3vD+9d/fRNy69MnHs0ls/fpX2d9e+enljHMuz5ZZnBtPA/6hlWsseW1ljG84/tZtxJuVu94bF6ouIdHdVsvHfH31xc+f1x0sfdbVzwJpKz9mbOxfP1YA7WBLd7gHQHcUbffr5t3is09RjQ7jyfP0DUBr3jfxRLylHKa9TWcP2ByPi2Nzfn6ePaLkOUWtz3QAAYKW+Tec/T7ab/5ViV0O97fna0EBE3B0ROyLinojYGRH3RmR174uI+5fYfuvS0K3zz9LlZQW2SOn877l8bat5/lfM/mKgL89ty+KvJMdPVqcO5j+ToahsTvOj7TZebOLFXz7t1H7j/C99pO0Xc8F8I5fLLRfoJsdnx1drUnrlw4g95XbxJ/MrAUlE7I6IPUvb9PYicfKJL/c2F537rkjdPv4FrMI6U+2LiMfr+38uWuIvJAuvT45sierUwZHiqLjVTz9ffLVT+yuKfxWk+39b8/HfUqP/z6RxvXZm6W1c/O2Tjp8py03xb60s9vjflLyereluyp97b3x29uxoxKbk5Szf9PzYzdcW+aJ+Gv/Q/vbjf0f+mjT+ByIiPYj3RcSDEfFQvu8ejohHImL/AvH/8MKjb3cq2wj7f7Lt+W/++B9o3v9LT/Sd+v6bTu0v7vx3OEsN5c9k57/b6NydYp1+uUczAAAA/PeUsu/GJ6Xh+XSpNDxc/w7/zvh/qTo9M3vg+PS7Zybr36EfiEqpuNLV33A9dDSZy7dYz4/l14qL8kP5dePP+v6X5YcnpquTXY4det3WDuM/9Xtft3sHrDn3a0Hvah3/8199aL4VOHP163XoELBuvP9D7zL+oXcZ/9C72o3/D1ry1gLgzuT9H3qX8Q+9qta/4Pg/sH49Adaf93/oSSu5r7+eSLeyjJcXv7+kTVF5gbv3u5Y4mvd3o/Sn24k387/csFH6I9GQKLcd3ZUljfcunIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWwL8BAAD//13C6OE=")
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r3}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r6, 0x1, 0x0, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}]}, 0x2c}}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x4030582a, &(0x7f0000000300)={0x113e, 0x0, 0x2000000, 0x10000})

279.342259ms ago: executing program 3 (id=4490):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xc, &(0x7f0000000ec0)=ANY=[@ANYRESHEX=r0, @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff3, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000280)={<r2=>0x0, 0x3, 0x1, 0x41fd}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000300)=@sack_info={r2, 0x9, 0xae}, &(0x7f0000000340)=0xc)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='writeback_bdi_register\x00', 0xffffffffffffffff, 0x0, 0xf}, 0xfffffffffffffd18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
splice(r5, 0x0, r7, 0x0, 0xfdef, 0x0) (fail_nth: 1)
write$P9_ROPEN(r6, &(0x7f0000000300)={0x18, 0x71, 0x0, {{0x89}}}, 0x18)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000580)=ANY=[@ANYBLOB="1400bbc3ebed360000", @ANYRES16=0x0, @ANYBLOB="d9deddad"], 0x14}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r12, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff000000000000004000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e000000000400028008000a00", @ANYRES32=r12, @ANYBLOB], 0x3c}}, 0x4000840)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xb)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x34, 0x10, 0x10, 0x70bd26, 0x25dfdbff, {}, [@IFLA_ADDRESS={0xa, 0x1, @multicast}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x34}}, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x30100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, r3, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000ac0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @generic={0xa, 0x6, '\x00', 0x0, 0x2b, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local}}}}, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

278.709279ms ago: executing program 1 (id=4491):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a00", @ANYRES64], 0x44}}, 0x0)

199.019049ms ago: executing program 2 (id=4492):
perf_event_open(&(0x7f00000034c0)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x3, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
writev(r0, &(0x7f0000004340), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)='G', 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r4], 0x30, 0x40400d1}}], 0x1, 0x10)
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x400000, 0x0)
r5 = socket(0xa, 0x40000000002, 0x0)
r6 = socket(0x2b, 0x80801, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x7fffffe, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000000000000000003a000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000"]}, 0x109)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000140)=@newqdisc={0x80, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x8000000000000001, 0x685c5830, 0x8, 0x9, 0x7fffffff, 0x2}}]}}}]}, 0x80}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6gre0\x00', r9, 0x4, 0x4, 0x2, 0x6, 0x20, @private2, @rand_addr=' \x01\x00', 0x10, 0x40, 0x0, 0x81}})

0s ago: executing program 4 (id=4493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xc, &(0x7f0000000ec0)=ANY=[@ANYRESHEX=r0, @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff3, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000280)={<r2=>0x0, 0x3, 0x1, 0x41fd}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000300)=@sack_info={r2, 0x9, 0xae}, &(0x7f0000000340)=0xc)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='writeback_bdi_register\x00', 0xffffffffffffffff, 0x0, 0xf}, 0xfffffffffffffd18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
splice(r5, 0x0, r7, 0x0, 0xfdef, 0x0)
write$P9_ROPEN(r6, &(0x7f0000000300)={0x18, 0x71, 0x0, {{0x89}}}, 0x18)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000580)=ANY=[@ANYBLOB="1400bbc3ebed360000", @ANYRES16=0x0, @ANYBLOB="d9deddad"], 0x14}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r12, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff000000000000004000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007663616e000000000400028008000a00", @ANYRES32=r12, @ANYBLOB], 0x3c}}, 0x4000840)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xb)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x34, 0x10, 0x10, 0x70bd26, 0x25dfdbff, {}, [@IFLA_ADDRESS={0xa, 0x1, @multicast}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x34}}, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, 0x30100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, r3, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000ac0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @generic={0xa, 0x6, '\x00', 0x0, 0x2b, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local}}}}, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

kernel console output (not intermixed with test programs):

00000020000200 RDI: 0000000000000004
[  214.741459][T13649] RBP: 00007fb3b8fc70a0 R08: 0000000000000000 R09: 0000000000000000
[  214.749453][T13649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.757437][T13649] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  214.765429][T13649]  </TASK>
[  214.875092][T13659] netlink: 'syz.2.3715': attribute type 21 has an invalid length.
[  214.937307][T13667] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  214.976123][T13658] loop3: detected capacity change from 0 to 8192
[  215.005455][T13659] xt_TPROXY: Can be used only with -p tcp or -p udp
[  215.127296][T13676] bond1: entered promiscuous mode
[  215.132417][T13676] bond1: entered allmulticast mode
[  215.139700][T13676] 8021q: adding VLAN 0 to HW filter on device bond1
[  215.166134][T13676] bond1 (unregistering): Released all slaves
[  215.211604][T13679] loop4: detected capacity change from 0 to 512
[  215.258417][T13679] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.3721: invalid indirect mapped block 256 (level 2)
[  215.290083][T13683] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  215.341667][T13679] EXT4-fs (loop4): 2 truncates cleaned up
[  215.375214][T13679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.445897][T13685] loop3: detected capacity change from 0 to 8192
[  215.591623][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.659241][T13697] __nla_validate_parse: 4 callbacks suppressed
[  215.659339][T13697] netlink: 88 bytes leftover after parsing attributes in process `syz.0.3728'.
[  215.777305][T13704] netlink: 'syz.4.3731': attribute type 21 has an invalid length.
[  215.813886][T13704] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3731'.
[  215.836713][T13704] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  215.874066][T13704] xt_TPROXY: Can be used only with -p tcp or -p udp
[  215.962173][ T3394] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0
[  215.973811][ T3394] hid-generic 0000:0000:0000.0044: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  216.001900][T13714] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  216.110821][T13718] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  216.230431][T13725] netlink: 88 bytes leftover after parsing attributes in process `syz.0.3739'.
[  216.234081][T13726] sctp: [Deprecated]: syz.2.3740 (pid 13726) Use of struct sctp_assoc_value in delayed_ack socket option.
[  216.234081][T13726] Use struct sctp_sack_info instead
[  216.317444][T13732] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  216.458110][T13735] loop2: detected capacity change from 0 to 8192
[  216.706908][T13745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3746'.
[  216.736201][T13740] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3746'.
[  216.745308][T13740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3746'.
[  216.754333][T13740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3746'.
[  216.809724][T13747] netlink: 550 bytes leftover after parsing attributes in process `syz.4.3749'.
[  216.984820][T13762] netlink: 88 bytes leftover after parsing attributes in process `syz.2.3754'.
[  217.189135][T13777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3759'.
[  217.342095][T13783] bond1: entered promiscuous mode
[  217.347297][T13783] bond1: entered allmulticast mode
[  217.353970][T13783] 8021q: adding VLAN 0 to HW filter on device bond1
[  217.372353][T13783] bond1 (unregistering): Released all slaves
[  217.382243][T13786] FAULT_INJECTION: forcing a failure.
[  217.382243][T13786] name failslab, interval 1, probability 0, space 0, times 0
[  217.394893][T13786] CPU: 0 UID: 0 PID: 13786 Comm: syz.0.3763 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  217.406821][T13786] Tainted: [W]=WARN
[  217.410666][T13786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  217.420787][T13786] Call Trace:
[  217.424136][T13786]  <TASK>
[  217.427119][T13786]  dump_stack_lvl+0xf2/0x150
[  217.431746][T13786]  dump_stack+0x15/0x20
[  217.435924][T13786]  should_fail_ex+0x223/0x230
[  217.440623][T13786]  should_failslab+0x8f/0xb0
[  217.445315][T13786]  kmem_cache_alloc_noprof+0x52/0x320
[  217.450706][T13786]  ? fib6_add_1+0x35d/0xae0
[  217.455380][T13786]  fib6_add_1+0x35d/0xae0
[  217.459748][T13786]  fib6_add+0xfe/0x21c0
[  217.463915][T13786]  ? should_failslab+0x8f/0xb0
[  217.468688][T13786]  ? ip_fib_metrics_init+0x29d/0x480
[  217.474001][T13786]  ? __kmalloc_noprof+0x1e3/0x3f0
[  217.479146][T13786]  ? fib6_info_alloc+0x2c/0x90
[  217.483990][T13786]  ? __ipv6_addr_type+0x136/0x210
[  217.489035][T13786]  ? ip6_route_info_create+0xabd/0xba0
[  217.494516][T13786]  ip6_route_add+0x71/0x120
[  217.499063][T13786]  ipv6_route_ioctl+0x28b/0x2d0
[  217.504072][T13786]  inet6_ioctl+0x153/0x190
[  217.508526][T13786]  sock_do_ioctl+0x81/0x260
[  217.513093][T13786]  sock_ioctl+0x46a/0x640
[  217.517437][T13786]  ? __pfx_sock_ioctl+0x10/0x10
[  217.522311][T13786]  __se_sys_ioctl+0xc9/0x140
[  217.526924][T13786]  __x64_sys_ioctl+0x43/0x50
[  217.531652][T13786]  x64_sys_call+0x1690/0x2dc0
[  217.536427][T13786]  do_syscall_64+0xc9/0x1c0
[  217.540999][T13786]  ? clear_bhb_loop+0x55/0xb0
[  217.545681][T13786]  ? clear_bhb_loop+0x55/0xb0
[  217.550401][T13786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.556315][T13786] RIP: 0033:0x7f671e1b0809
[  217.560739][T13786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.580399][T13786] RSP: 002b:00007f671c827058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  217.588821][T13786] RAX: ffffffffffffffda RBX: 00007f671e375fa0 RCX: 00007f671e1b0809
[  217.596853][T13786] RDX: 0000000020000240 RSI: 000000000000890b RDI: 0000000000000007
[  217.604860][T13786] RBP: 00007f671c8270a0 R08: 0000000000000000 R09: 0000000000000000
[  217.612851][T13786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.620825][T13786] R13: 0000000000000000 R14: 00007f671e375fa0 R15: 00007ffdace677c8
[  217.628859][T13786]  </TASK>
[  217.894098][T13800] loop1: detected capacity change from 0 to 8192
[  217.952430][   T29] kauditd_printk_skb: 177 callbacks suppressed
[  217.952450][   T29] audit: type=1326 audit(1732763515.058:11746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.000531][   T29] audit: type=1326 audit(1732763515.058:11747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.024170][   T29] audit: type=1326 audit(1732763515.058:11748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.047832][   T29] audit: type=1326 audit(1732763515.058:11749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.071445][   T29] audit: type=1326 audit(1732763515.058:11750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.095153][   T29] audit: type=1326 audit(1732763515.068:11751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.118656][   T29] audit: type=1326 audit(1732763515.068:11752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.142325][   T29] audit: type=1326 audit(1732763515.068:11753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.182339][   T29] audit: type=1326 audit(1732763515.288:11754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.206023][   T29] audit: type=1326 audit(1732763515.288:11755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13804 comm="syz.2.3771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  218.243705][T13814] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  218.309723][T13816] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  218.548078][T13824] bond2: entered promiscuous mode
[  218.553179][T13824] bond2: entered allmulticast mode
[  218.589806][T13824] 8021q: adding VLAN 0 to HW filter on device bond2
[  218.633936][T13824] bond2 (unregistering): Released all slaves
[  218.696103][T13834] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  218.816478][T13846] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  219.060081][T13863] loop4: detected capacity change from 0 to 8192
[  219.115514][T13870] bond1: entered promiscuous mode
[  219.120666][T13870] bond1: entered allmulticast mode
[  219.129367][T13870] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.150942][T13870] bond1 (unregistering): Released all slaves
[  219.207944][T13875] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  219.405734][T13890] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  219.692002][T13911] bond1: entered promiscuous mode
[  219.697158][T13911] bond1: entered allmulticast mode
[  219.704476][T13911] 8021q: adding VLAN 0 to HW filter on device bond1
[  219.724024][T13911] bond1 (unregistering): Released all slaves
[  219.968158][T13923] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  220.416039][ T3394] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0
[  220.462195][ T3394] hid-generic 0000:0000:0000.0045: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  220.473376][T13946] syz.2.3826[13946] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  220.473456][T13946] syz.2.3826[13946] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  220.490557][T13946] syz.2.3826[13946] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  220.586230][T13946] lo speed is unknown, defaulting to 1000
[  221.024836][T13975] __nla_validate_parse: 25 callbacks suppressed
[  221.024856][T13975] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3836'.
[  221.230604][T13977] loop2: detected capacity change from 0 to 8192
[  221.333761][T13993] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  221.716397][T14012] netlink: 550 bytes leftover after parsing attributes in process `syz.2.3850'.
[  221.766081][T14013] macsec1: entered promiscuous mode
[  221.771380][T14013] macvlan1: entered promiscuous mode
[  221.776981][T14013] macsec1: entered allmulticast mode
[  221.782274][T14013] macvlan1: entered allmulticast mode
[  221.787693][T14013] veth1_vlan: entered allmulticast mode
[  221.807501][T14013] macvlan1: left allmulticast mode
[  221.812655][T14013] veth1_vlan: left allmulticast mode
[  221.818039][T14013] macvlan1: left promiscuous mode
[  221.838587][ T3397] hid-generic 0000:0000:0000.0046: unknown main item tag 0x0
[  221.846955][ T3397] hid-generic 0000:0000:0000.0046: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  221.877041][T14015] vlan2: entered allmulticast mode
[  221.882792][T14015] bond0: entered allmulticast mode
[  221.888025][T14015] bond_slave_0: entered allmulticast mode
[  221.893818][T14015] bond_slave_1: entered allmulticast mode
[  221.905820][T14015] bond0: left allmulticast mode
[  221.910818][T14015] bond_slave_0: left allmulticast mode
[  221.916802][T14015] bond_slave_1: left allmulticast mode
[  221.970843][T14022] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  222.065351][T14027] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  222.163959][T14033] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  222.308755][T14044] netlink: 550 bytes leftover after parsing attributes in process `syz.3.3862'.
[  222.406399][T14053] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3865'.
[  222.415746][T14046] loop1: detected capacity change from 0 to 8192
[  222.489736][T14057] 9pnet_fd: Insufficient options for proto=fd
[  222.540686][T14059] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3869'.
[  222.595399][T14059] bond1: entered promiscuous mode
[  222.600493][T14059] bond1: entered allmulticast mode
[  222.610436][T14062] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3868'.
[  222.632888][T14059] 8021q: adding VLAN 0 to HW filter on device bond1
[  222.664175][T14068] loop2: detected capacity change from 0 to 256
[  222.714339][T14074] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  222.715053][T14071] netlink: 550 bytes leftover after parsing attributes in process `syz.0.3876'.
[  222.727140][T14068] msdos: Unknown parameter 'nodots-dots'
[  222.904407][T14091] bond1: entered promiscuous mode
[  222.909526][T14091] bond1: entered allmulticast mode
[  222.934093][T14091] 8021q: adding VLAN 0 to HW filter on device bond1
[  222.942913][T14087] loop1: detected capacity change from 0 to 8192
[  222.966417][T14091] bond1 (unregistering): Released all slaves
[  223.084350][T14102] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3883'.
[  223.179417][T14108] bond2: entered promiscuous mode
[  223.184506][T14108] bond2: entered allmulticast mode
[  223.195493][T14108] 8021q: adding VLAN 0 to HW filter on device bond2
[  223.271328][T14111] netlink: 550 bytes leftover after parsing attributes in process `syz.1.3887'.
[  223.298353][   T29] kauditd_printk_skb: 291 callbacks suppressed
[  223.298369][   T29] audit: type=1326 audit(1732763520.378:12047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.306248][T14117] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  223.328163][   T29] audit: type=1326 audit(1732763520.378:12048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.358948][   T29] audit: type=1326 audit(1732763520.378:12049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.382458][   T29] audit: type=1326 audit(1732763520.378:12050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.406380][   T29] audit: type=1326 audit(1732763520.378:12051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.430077][   T29] audit: type=1326 audit(1732763520.378:12052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.453848][   T29] audit: type=1326 audit(1732763520.378:12053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.477521][   T29] audit: type=1326 audit(1732763520.378:12054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.501208][   T29] audit: type=1326 audit(1732763520.378:12055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.524860][   T29] audit: type=1326 audit(1732763520.378:12056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14110 comm="syz.1.3887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  223.624628][T14121] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  223.663197][T14128] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3891'.
[  223.678250][T14131] bond3: entered promiscuous mode
[  223.683363][T14131] bond3: entered allmulticast mode
[  223.688709][T14131] 8021q: adding VLAN 0 to HW filter on device bond3
[  223.707833][T14131] bond3 (unregistering): Released all slaves
[  224.008829][T14153] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  224.018830][T14149] loop2: detected capacity change from 0 to 8192
[  224.218964][T14163] loop4: detected capacity change from 0 to 256
[  224.225712][T14163] msdos: Unknown parameter 'dods'
[  224.378649][T14177] FAULT_INJECTION: forcing a failure.
[  224.378649][T14177] name failslab, interval 1, probability 0, space 0, times 0
[  224.391442][T14177] CPU: 0 UID: 0 PID: 14177 Comm: syz.2.3914 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  224.403535][T14177] Tainted: [W]=WARN
[  224.407349][T14177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  224.413222][T14170] loop3: detected capacity change from 0 to 8192
[  224.417416][T14177] Call Trace:
[  224.417447][T14177]  <TASK>
[  224.417457][T14177]  dump_stack_lvl+0xf2/0x150
[  224.434603][T14177]  dump_stack+0x15/0x20
[  224.438886][T14177]  should_fail_ex+0x223/0x230
[  224.443649][T14177]  should_failslab+0x8f/0xb0
[  224.448256][T14177]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  224.454000][T14177]  ? shmem_alloc_inode+0x34/0x50
[  224.459014][T14177]  shmem_alloc_inode+0x34/0x50
[  224.463861][T14177]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  224.469379][T14177]  alloc_inode+0x3c/0x160
[  224.473743][T14177]  new_inode+0x1e/0x100
[  224.477931][T14177]  shmem_get_inode+0x24e/0x730
[  224.482759][T14177]  __shmem_file_setup+0x127/0x1f0
[  224.487822][T14177]  shmem_file_setup+0x3b/0x50
[  224.492538][T14177]  __se_sys_memfd_create+0x31d/0x5c0
[  224.497865][T14177]  __x64_sys_memfd_create+0x31/0x40
[  224.503156][T14177]  x64_sys_call+0x2d4c/0x2dc0
[  224.507851][T14177]  do_syscall_64+0xc9/0x1c0
[  224.512528][T14177]  ? clear_bhb_loop+0x55/0xb0
[  224.517255][T14177]  ? clear_bhb_loop+0x55/0xb0
[  224.521934][T14177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.527902][T14177] RIP: 0033:0x7fa353620809
[  224.532367][T14177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.552049][T14177] RSP: 002b:00007fa351c96e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  224.560548][T14177] RAX: ffffffffffffffda RBX: 00000000000001bf RCX: 00007fa353620809
[  224.568523][T14177] RDX: 00007fa351c96f10 RSI: 0000000000000000 RDI: 00007fa3536941c1
[  224.576501][T14177] RBP: 0000000020000640 R08: 00007fa351c96bd7 R09: 00007fa351c96e60
[  224.584477][T14177] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000080
[  224.592506][T14177] R13: 00007fa351c96f10 R14: 00007fa351c96ed0 R15: 0000000020000bc0
[  224.600492][T14177]  </TASK>
[  224.653858][T14180] loop4: detected capacity change from 0 to 8192
[  224.723297][T14171] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  224.787975][T14186] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  224.918408][T14198] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  225.039916][T14208] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  225.541497][T14229] loop2: detected capacity change from 0 to 2048
[  225.566018][T14216] loop3: detected capacity change from 0 to 8192
[  225.572868][T14229]  loop2: p1 < > p4
[  225.577341][T14229] loop2: p4 size 8388608 extends beyond EOD, truncated
[  225.904493][T14245] loop3: detected capacity change from 0 to 8192
[  226.022170][T14268] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  226.072288][T14273] __nla_validate_parse: 12 callbacks suppressed
[  226.072309][T14273] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3948'.
[  226.128505][T14280] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  226.254666][T14292] bond3: entered promiscuous mode
[  226.259779][T14292] bond3: entered allmulticast mode
[  226.266785][T14292] 8021q: adding VLAN 0 to HW filter on device bond3
[  226.279806][T14292] bond3 (unregistering): Released all slaves
[  226.332559][T14284] loop3: detected capacity change from 0 to 8192
[  226.360342][T14303] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  226.468693][T14308] bond2: entered promiscuous mode
[  226.473785][T14308] bond2: entered allmulticast mode
[  226.507094][T14308] 8021q: adding VLAN 0 to HW filter on device bond2
[  226.549391][T14308] bond2 (unregistering): Released all slaves
[  226.593109][T14314] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  226.604629][T14316] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3958'.
[  226.723965][T14324] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3961'.
[  226.812258][T14331] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3964'.
[  226.946108][T14339] bond2: entered promiscuous mode
[  226.951307][T14339] bond2: entered allmulticast mode
[  226.959486][T14339] 8021q: adding VLAN 0 to HW filter on device bond2
[  226.981226][T14339] bond2 (unregistering): Released all slaves
[  226.994986][T14337] loop1: detected capacity change from 0 to 8192
[  227.047160][T14344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3969'.
[  227.108011][T14350] 9pnet_fd: Insufficient options for proto=fd
[  227.117218][T14348] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  227.213303][T14357] FAULT_INJECTION: forcing a failure.
[  227.213303][T14357] name failslab, interval 1, probability 0, space 0, times 0
[  227.225982][T14357] CPU: 0 UID: 0 PID: 14357 Comm: syz.3.3973 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  227.237896][T14357] Tainted: [W]=WARN
[  227.241819][T14357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  227.251917][T14357] Call Trace:
[  227.255217][T14357]  <TASK>
[  227.258235][T14357]  dump_stack_lvl+0xf2/0x150
[  227.262837][T14357]  dump_stack+0x15/0x20
[  227.267007][T14357]  should_fail_ex+0x223/0x230
[  227.271805][T14357]  should_failslab+0x8f/0xb0
[  227.276430][T14357]  kmem_cache_alloc_noprof+0x52/0x320
[  227.281887][T14357]  ? skb_clone+0x154/0x1f0
[  227.286330][T14357]  skb_clone+0x154/0x1f0
[  227.290607][T14357]  __netlink_deliver_tap+0x2bd/0x4f0
[  227.295925][T14357]  netlink_unicast+0x64a/0x670
[  227.300790][T14357]  netlink_sendmsg+0x5cc/0x6e0
[  227.305599][T14357]  ? __pfx_netlink_sendmsg+0x10/0x10
[  227.310965][T14357]  __sock_sendmsg+0x140/0x180
[  227.315676][T14357]  __sys_sendto+0x1a8/0x230
[  227.320267][T14357]  __x64_sys_sendto+0x78/0x90
[  227.325015][T14357]  x64_sys_call+0x29fa/0x2dc0
[  227.329866][T14357]  do_syscall_64+0xc9/0x1c0
[  227.334445][T14357]  ? clear_bhb_loop+0x55/0xb0
[  227.339171][T14357]  ? clear_bhb_loop+0x55/0xb0
[  227.343936][T14357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.349909][T14357] RIP: 0033:0x7fb3ba950809
[  227.354343][T14357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.373976][T14357] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  227.382478][T14357] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  227.390483][T14357] RDX: 0000000000000078 RSI: 0000000020000000 RDI: 0000000000000003
[  227.398753][T14357] RBP: 00007fb3b8fc70a0 R08: 0000000000000000 R09: 0000000000000000
[  227.406868][T14357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.414914][T14357] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  227.422937][T14357]  </TASK>
[  227.466323][T14357] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3973'.
[  227.503441][T14366] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3978'.
[  227.572230][T14369] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3977'.
[  227.587201][T14369] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3977'.
[  227.596192][T14369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3977'.
[  227.703754][T14375] loop1: detected capacity change from 0 to 8192
[  227.720505][T14382] 9pnet_fd: Insufficient options for proto=fd
[  227.841100][T14388] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  227.874690][T14392] bond1: entered promiscuous mode
[  227.879904][T14392] bond1: entered allmulticast mode
[  227.914668][T14392] 8021q: adding VLAN 0 to HW filter on device bond1
[  227.935675][T14392] bond1 (unregistering): Released all slaves
[  228.124650][T14413] 9pnet_fd: Insufficient options for proto=fd
[  228.215193][T14408] loop4: detected capacity change from 0 to 8192
[  228.244469][T14422] bond1: entered promiscuous mode
[  228.249649][T14422] bond1: entered allmulticast mode
[  228.254990][T14422] 8021q: adding VLAN 0 to HW filter on device bond1
[  228.267500][T14422] bond1 (unregistering): Released all slaves
[  228.309748][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  228.309843][   T29] audit: type=1326 audit(1732763525.418:12239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  228.339647][   T29] audit: type=1326 audit(1732763525.418:12240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14425 comm="syz.1.4001" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  228.399539][   T29] audit: type=1400 audit(1732763525.508:12241): avc:  denied  { connect } for  pid=14434 comm="syz.3.4004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  228.491051][   T29] audit: type=1400 audit(1732763525.598:12242): avc:  denied  { ioctl } for  pid=14434 comm="syz.3.4004" path="socket:[39887]" dev="sockfs" ino=39887 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  228.627597][T14454] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  228.688981][   T29] audit: type=1400 audit(1732763525.798:12243): avc:  denied  { name_bind } for  pid=14457 comm="syz.0.4013" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  228.698297][T14456] loop3: detected capacity change from 0 to 8192
[  228.741625][   T29] audit: type=1400 audit(1732763525.828:12244): avc:  denied  { read write } for  pid=14457 comm="syz.0.4013" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  228.765272][   T29] audit: type=1400 audit(1732763525.828:12245): avc:  denied  { open } for  pid=14457 comm="syz.0.4013" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  228.788869][   T29] audit: type=1400 audit(1732763525.828:12246): avc:  denied  { ioctl } for  pid=14457 comm="syz.0.4013" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  228.893071][   T29] audit: type=1326 audit(1732763525.998:12247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14461 comm="syz.0.4014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f671e1b0809 code=0x7ffc0000
[  228.916877][   T29] audit: type=1326 audit(1732763525.998:12248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14461 comm="syz.0.4014" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f671e1b0809 code=0x7ffc0000
[  229.023546][T14467] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  229.366314][T14493] loop1: detected capacity change from 0 to 8192
[  229.372312][T14497] loop3: detected capacity change from 0 to 8192
[  229.594588][T14520] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  229.945994][T14532] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  229.958671][T14533] pimreg: entered allmulticast mode
[  229.985362][T14533] pimreg: left allmulticast mode
[  230.560571][T14562] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  230.661939][T14581] siw: device registration error -23
[  230.733469][T14587] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  230.820429][T14591] loop3: detected capacity change from 0 to 8192
[  230.858748][T14595] lo speed is unknown, defaulting to 1000
[  230.870647][T14600] loop1: detected capacity change from 0 to 256
[  231.011624][T14600] IPVS: Error connecting to the multicast addr
[  231.135990][T14621] __nla_validate_parse: 19 callbacks suppressed
[  231.136005][T14621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4071'.
[  231.153187][T14618] bond1: entered promiscuous mode
[  231.158351][T14618] bond1: entered allmulticast mode
[  231.183369][T14623] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4074'.
[  231.194694][T14618] 8021q: adding VLAN 0 to HW filter on device bond1
[  231.209723][T14618] bond1 (unregistering): Released all slaves
[  231.235884][T14614] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4071'.
[  231.244910][T14614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4071'.
[  231.253852][T14614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4071'.
[  231.326843][T14627] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  231.483098][T14631] loop2: detected capacity change from 0 to 8192
[  231.585508][T14641] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  231.654092][T14638] loop4: detected capacity change from 0 to 8192
[  231.750703][T14645] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4083'.
[  231.870206][T14651] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4087'.
[  231.880144][T14651] veth0_macvtap: left promiscuous mode
[  231.925322][T14660] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4087'.
[  231.934414][T14660] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4087'.
[  231.943427][T14660] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4087'.
[  232.205676][T14670] loop1: detected capacity change from 0 to 8192
[  232.312072][T14671] pimreg: entered allmulticast mode
[  232.399784][T14671] pimreg: left allmulticast mode
[  232.515843][T14677] loop1: detected capacity change from 0 to 8192
[  232.864443][T14704] loop1: detected capacity change from 0 to 8192
[  232.937306][    T8] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0
[  232.958277][    T8] hid-generic 0000:0000:0000.0047: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  233.109637][T14727] bond1: entered promiscuous mode
[  233.114749][T14727] bond1: entered allmulticast mode
[  233.120454][T14727] 8021q: adding VLAN 0 to HW filter on device bond1
[  233.136805][T14727] bond1 (unregistering): Released all slaves
[  233.343511][T14748] loop2: detected capacity change from 0 to 128
[  233.351919][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  233.351936][   T29] audit: type=1400 audit(1732763530.458:12391): avc:  denied  { setattr } for  pid=14747 comm="syz.3.4121" name="cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  233.358440][T14748] vfat: Unknown parameter './file0'
[  233.450937][   T29] audit: type=1400 audit(1732763530.468:12392): avc:  denied  { mounton } for  pid=14746 comm="syz.2.4120" path="/225/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  233.588368][   T29] audit: type=1326 audit(1732763530.688:12393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.612138][   T29] audit: type=1326 audit(1732763530.688:12394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.635962][   T29] audit: type=1326 audit(1732763530.688:12395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.659637][   T29] audit: type=1326 audit(1732763530.688:12396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.683347][   T29] audit: type=1326 audit(1732763530.688:12397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.707003][   T29] audit: type=1326 audit(1732763530.688:12398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.730561][   T29] audit: type=1326 audit(1732763530.688:12399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.754160][   T29] audit: type=1326 audit(1732763530.688:12400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14760 comm="syz.2.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  233.836311][T14770] bond2: entered promiscuous mode
[  233.841471][T14770] bond2: entered allmulticast mode
[  233.847094][T14770] 8021q: adding VLAN 0 to HW filter on device bond2
[  233.866216][T14770] bond2 (unregistering): Released all slaves
[  233.956940][T14784] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  234.161676][ T3384] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  234.175501][T14803] loop4: detected capacity change from 0 to 1024
[  234.182412][ T3384] hid-generic 0000:0000:0000.0048: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  234.185499][T14799] loop1: detected capacity change from 0 to 8192
[  234.199478][T14803] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  234.232501][T14803] JBD2: no valid journal superblock found
[  234.238295][T14803] EXT4-fs (loop4): Could not load journal inode
[  234.382686][T14812] bond1: entered promiscuous mode
[  234.387812][T14812] bond1: entered allmulticast mode
[  234.393322][T14812] 8021q: adding VLAN 0 to HW filter on device bond1
[  234.414072][T14812] bond1 (unregistering): Released all slaves
[  234.836262][T14838] loop4: detected capacity change from 0 to 8192
[  234.853086][T14840] loop2: detected capacity change from 0 to 1024
[  234.890560][T14840] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  234.902923][T14840] JBD2: no valid journal superblock found
[  234.908781][T14840] EXT4-fs (loop2): Could not load journal inode
[  235.087638][T14859] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  235.359804][T14875] loop0: detected capacity change from 0 to 8192
[  235.709842][T14895] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  235.942579][T14911] bond1: entered promiscuous mode
[  235.947693][T14911] bond1: entered allmulticast mode
[  235.964531][T14911] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.976241][T14911] bond1 (unregistering): Released all slaves
[  236.239924][T14926] loop4: detected capacity change from 0 to 8192
[  236.297571][T14940] FAULT_INJECTION: forcing a failure.
[  236.297571][T14940] name failslab, interval 1, probability 0, space 0, times 0
[  236.310306][T14940] CPU: 1 UID: 0 PID: 14940 Comm: syz.2.4190 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  236.322459][T14940] Tainted: [W]=WARN
[  236.326263][T14940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  236.336414][T14940] Call Trace:
[  236.339698][T14940]  <TASK>
[  236.342640][T14940]  dump_stack_lvl+0xf2/0x150
[  236.347336][T14940]  dump_stack+0x15/0x20
[  236.351586][T14940]  should_fail_ex+0x223/0x230
[  236.356275][T14940]  ? nf_tables_newtable+0x3a1/0xf20
[  236.361612][T14940]  should_failslab+0x8f/0xb0
[  236.366267][T14940]  __kmalloc_cache_noprof+0x4e/0x320
[  236.371572][T14940]  nf_tables_newtable+0x3a1/0xf20
[  236.376640][T14940]  nfnetlink_rcv+0xb3e/0x15d0
[  236.381449][T14940]  ? kmem_cache_free+0xdc/0x2d0
[  236.386330][T14940]  netlink_unicast+0x599/0x670
[  236.391114][T14940]  netlink_sendmsg+0x5cc/0x6e0
[  236.395942][T14940]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.401253][T14940]  __sock_sendmsg+0x140/0x180
[  236.405988][T14940]  ____sys_sendmsg+0x312/0x410
[  236.410772][T14940]  __sys_sendmsg+0x19d/0x230
[  236.415520][T14940]  __x64_sys_sendmsg+0x46/0x50
[  236.420289][T14940]  x64_sys_call+0x2734/0x2dc0
[  236.425042][T14940]  do_syscall_64+0xc9/0x1c0
[  236.429597][T14940]  ? clear_bhb_loop+0x55/0xb0
[  236.434276][T14940]  ? clear_bhb_loop+0x55/0xb0
[  236.438952][T14940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.444877][T14940] RIP: 0033:0x7fa353620809
[  236.449327][T14940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.468947][T14940] RSP: 002b:00007fa351c97058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.477463][T14940] RAX: ffffffffffffffda RBX: 00007fa3537e5fa0 RCX: 00007fa353620809
[  236.485484][T14940] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[  236.493452][T14940] RBP: 00007fa351c970a0 R08: 0000000000000000 R09: 0000000000000000
[  236.501418][T14940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.509407][T14940] R13: 0000000000000000 R14: 00007fa3537e5fa0 R15: 00007ffdce52d3a8
[  236.517391][T14940]  </TASK>
[  236.580709][T14944] __nla_validate_parse: 33 callbacks suppressed
[  236.580728][T14944] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4191'.
[  236.694426][T14954] loop2: detected capacity change from 0 to 512
[  236.726985][T14954] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  236.760128][T14961] loop4: detected capacity change from 0 to 256
[  236.780120][T14964] loop3: detected capacity change from 0 to 256
[  236.895588][T14973] loop4: detected capacity change from 0 to 256
[  236.926237][T14973] FAULT_INJECTION: forcing a failure.
[  236.926237][T14973] name failslab, interval 1, probability 0, space 0, times 0
[  236.939110][T14973] CPU: 0 UID: 0 PID: 14973 Comm: syz.4.4197 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  236.951031][T14973] Tainted: [W]=WARN
[  236.954974][T14973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  236.965069][T14973] Call Trace:
[  236.968372][T14973]  <TASK>
[  236.971321][T14973]  dump_stack_lvl+0xf2/0x150
[  236.975986][T14973]  dump_stack+0x15/0x20
[  236.980172][T14973]  should_fail_ex+0x223/0x230
[  236.985004][T14973]  should_failslab+0x8f/0xb0
[  236.989772][T14973]  kmem_cache_alloc_noprof+0x52/0x320
[  236.995161][T14973]  ? getname_flags+0x81/0x3b0
[  236.999905][T14973]  getname_flags+0x81/0x3b0
[  237.004421][T14973]  getname+0x17/0x20
[  237.008325][T14973]  do_sys_openat2+0x67/0x120
[  237.012955][T14973]  __x64_sys_creat+0x66/0x90
[  237.017569][T14973]  x64_sys_call+0x1084/0x2dc0
[  237.022329][T14973]  do_syscall_64+0xc9/0x1c0
[  237.026856][T14973]  ? clear_bhb_loop+0x55/0xb0
[  237.031567][T14973]  ? clear_bhb_loop+0x55/0xb0
[  237.036249][T14973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.042244][T14973] RIP: 0033:0x7fbb3c200809
[  237.046661][T14973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.066287][T14973] RSP: 002b:00007fbb3a877058 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  237.074723][T14973] RAX: ffffffffffffffda RBX: 00007fbb3c3c5fa0 RCX: 00007fbb3c200809
[  237.082763][T14973] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[  237.090744][T14973] RBP: 00007fbb3a8770a0 R08: 0000000000000000 R09: 0000000000000000
[  237.098786][T14973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.106821][T14973] R13: 0000000000000000 R14: 00007fbb3c3c5fa0 R15: 00007fff63ef3f38
[  237.114837][T14973]  </TASK>
[  237.180402][T14983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4199'.
[  237.233929][T14985] IPv6: NLM_F_CREATE should be specified when creating new route
[  237.407018][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4204'.
[  237.432053][T15010] 9pnet_fd: Insufficient options for proto=fd
[  237.508205][T15015] loop0: detected capacity change from 0 to 256
[  237.559706][T15017] netlink: 88 bytes leftover after parsing attributes in process `syz.0.4208'.
[  237.598702][T14954] loop2: detected capacity change from 0 to 512
[  237.605638][T15012] loop3: detected capacity change from 0 to 8192
[  237.612953][T14954] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  237.622204][T14954] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  237.665444][T14954] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  237.685757][T14954] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  237.690379][T15019] bond1: entered promiscuous mode
[  237.693977][T14954] System zones: 
[  237.698898][T15019] bond1: entered allmulticast mode
[  237.707928][T14954] 0-2, 18-18, 34-34
[  237.717510][T14954] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  237.718898][T15019] 8021q: adding VLAN 0 to HW filter on device bond1
[  237.742385][T15019] bond1 (unregistering): Released all slaves
[  237.770905][T14954] EXT4-fs (loop2): 1 truncate cleaned up
[  237.777295][T14954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.831183][T15029] netlink: 558 bytes leftover after parsing attributes in process `syz.0.4212'.
[  237.869678][T15033] loop0: detected capacity change from 0 to 512
[  237.884967][T15033] EXT4-fs: Ignoring removed mblk_io_submit option
[  237.894060][T15033] EXT4-fs: old and new quota format mixing
[  237.998011][T15037] loop0: detected capacity change from 0 to 1024
[  238.011189][T11542] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.025095][T15037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.059664][T15037] FAULT_INJECTION: forcing a failure.
[  238.059664][T15037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  238.072858][T15037] CPU: 0 UID: 0 PID: 15037 Comm: syz.0.4215 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  238.084779][T15037] Tainted: [W]=WARN
[  238.088662][T15037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  238.098734][T15037] Call Trace:
[  238.102028][T15037]  <TASK>
[  238.104969][T15037]  dump_stack_lvl+0xf2/0x150
[  238.109636][T15037]  dump_stack+0x15/0x20
[  238.113830][T15037]  should_fail_ex+0x223/0x230
[  238.118526][T15037]  should_fail+0xb/0x10
[  238.122763][T15037]  should_fail_usercopy+0x1a/0x20
[  238.127847][T15037]  strncpy_from_user+0x25/0x210
[  238.132757][T15037]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  238.138412][T15037]  ? getname_flags+0x81/0x3b0
[  238.143110][T15037]  getname_flags+0xb0/0x3b0
[  238.147684][T15037]  getname+0x17/0x20
[  238.151609][T15037]  path_setxattrat+0x23a/0x310
[  238.156403][T15037]  __x64_sys_setxattr+0x6e/0x90
[  238.161264][T15037]  x64_sys_call+0x2247/0x2dc0
[  238.166018][T15037]  do_syscall_64+0xc9/0x1c0
[  238.170678][T15037]  ? clear_bhb_loop+0x55/0xb0
[  238.175382][T15037]  ? clear_bhb_loop+0x55/0xb0
[  238.180071][T15037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.186039][T15037] RIP: 0033:0x7f671e1b0809
[  238.190464][T15037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.210119][T15037] RSP: 002b:00007f671c827058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  238.218545][T15037] RAX: ffffffffffffffda RBX: 00007f671e375fa0 RCX: 00007f671e1b0809
[  238.226605][T15037] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000020000040
[  238.234657][T15037] RBP: 00007f671c8270a0 R08: 0000000000000001 R09: 0000000000000000
[  238.242633][T15037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.250671][T15037] R13: 0000000000000000 R14: 00007f671e375fa0 R15: 00007ffdace677c8
[  238.258652][T15037]  </TASK>
[  238.294916][T10972] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2793: inode #2: comm syz-executor: corrupted in-inode xattr: bad e_name length
[  238.312410][T10972] EXT4-fs (loop0): Remounting filesystem read-only
[  238.319357][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.328456][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.337703][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.347929][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.356871][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.365833][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.375262][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.384487][T10972] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=11
[  238.393445][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  238.393460][   T29] audit: type=1400 audit(1732763535.498:12572): avc:  denied  { rmdir } for  pid=10972 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  238.462855][T12318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.640929][  T122] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.651326][  T122] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  238.677060][T15056] bond1: entered promiscuous mode
[  238.682181][T15056] bond1: entered allmulticast mode
[  238.690878][T15056] 8021q: adding VLAN 0 to HW filter on device bond1
[  238.708578][T15056] bond1 (unregistering): Released all slaves
[  238.709925][T15060] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4227'.
[  238.764107][  T122] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.774452][  T122] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  238.795169][   T29] audit: type=1326 audit(1732763535.898:12573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.819029][   T29] audit: type=1326 audit(1732763535.898:12574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.842778][   T29] audit: type=1400 audit(1732763535.898:12575): avc:  denied  { create } for  pid=15062 comm="syz.3.4229" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  238.863913][   T29] audit: type=1326 audit(1732763535.898:12576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.864328][T15069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4228'.
[  238.887542][   T29] audit: type=1326 audit(1732763535.898:12577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.913372][T15069] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4228'.
[  238.920225][   T29] audit: type=1326 audit(1732763535.898:12578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.929133][T15069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4228'.
[  238.929163][T15069] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4228'.
[  238.959921][T15073] sit1: entered promiscuous mode
[  238.961754][   T29] audit: type=1326 audit(1732763535.898:12579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  238.970581][T15073] sit1: entered allmulticast mode
[  238.975664][   T29] audit: type=1326 audit(1732763535.898:12580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15062 comm="syz.3.4229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  239.028295][   T29] audit: type=1326 audit(1732763535.898:12581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15064 comm="syz.2.4228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa353620809 code=0x7ffc0000
[  239.083297][  T122] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.093688][  T122] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  239.123581][T15079] loop2: detected capacity change from 0 to 2048
[  239.130922][T15079] EXT4-fs: Ignoring removed mblk_io_submit option
[  239.159561][T15079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.221056][  T122] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.231391][  T122] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  239.313873][T15091] FAULT_INJECTION: forcing a failure.
[  239.313873][T15091] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  239.327186][T15091] CPU: 1 UID: 0 PID: 15091 Comm: syz.2.4232 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  239.339180][T15091] Tainted: [W]=WARN
[  239.343020][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  239.353096][T15091] Call Trace:
[  239.356410][T15091]  <TASK>
[  239.359359][T15091]  dump_stack_lvl+0xf2/0x150
[  239.363977][T15091]  dump_stack+0x15/0x20
[  239.368210][T15091]  should_fail_ex+0x223/0x230
[  239.372958][T15091]  should_fail_alloc_page+0xfd/0x110
[  239.378347][T15091]  __alloc_pages_noprof+0x109/0x340
[  239.383557][T15091]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  239.389052][T15091]  folio_alloc_noprof+0xee/0x130
[  239.394041][T15091]  filemap_alloc_folio_noprof+0x69/0x220
[  239.399698][T15091]  __filemap_get_folio+0x298/0x5b0
[  239.404826][T15091]  ? block_write_end+0x18f/0x210
[  239.409772][T15091]  ext4_da_write_begin+0x2ef/0x540
[  239.414980][T15091]  generic_perform_write+0x1a8/0x4a0
[  239.420298][T15091]  ext4_buffered_write_iter+0x1ea/0x370
[  239.426034][T15091]  ext4_file_write_iter+0x383/0xf20
[  239.431331][T15091]  ? kstrtouint_from_user+0xb0/0xe0
[  239.437050][T15091]  ? avc_policy_seqno+0x15/0x20
[  239.441983][T15091]  ? selinux_file_permission+0x22a/0x360
[  239.447753][T15091]  vfs_write+0x77f/0x920
[  239.452073][T15091]  ? __pfx_ext4_file_write_iter+0x10/0x10
[  239.457869][T15091]  ksys_write+0xe8/0x1b0
[  239.462137][T15091]  __x64_sys_write+0x42/0x50
[  239.466782][T15091]  x64_sys_call+0x287e/0x2dc0
[  239.471518][T15091]  do_syscall_64+0xc9/0x1c0
[  239.476070][T15091]  ? clear_bhb_loop+0x55/0xb0
[  239.480830][T15091]  ? clear_bhb_loop+0x55/0xb0
[  239.485510][T15091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.491536][T15091] RIP: 0033:0x7fa353620809
[  239.495961][T15091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.515701][T15091] RSP: 002b:00007fa351c76058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  239.524121][T15091] RAX: ffffffffffffffda RBX: 00007fa3537e6080 RCX: 00007fa353620809
[  239.532098][T15091] RDX: 000000000000fcb8 RSI: 0000000020000140 RDI: 000000000000000a
[  239.540077][T15091] RBP: 00007fa351c760a0 R08: 0000000000000000 R09: 0000000000000000
[  239.548131][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  239.556147][T15091] R13: 0000000000000000 R14: 00007fa3537e6080 R15: 00007ffdce52d3a8
[  239.564129][T15091]  </TASK>
[  239.567475][T15091] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4232: bg 0: block 234: padding at end of block bitmap is not set
[  239.615466][T15091] EXT4-fs (loop2): Remounting filesystem read-only
[  239.664920][T15061] lo speed is unknown, defaulting to 1000
[  239.790286][  T122] bridge_slave_1: left allmulticast mode
[  239.796068][  T122] bridge_slave_1: left promiscuous mode
[  239.801916][  T122] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.879437][  T122] bridge_slave_0: left allmulticast mode
[  239.885193][  T122] bridge_slave_0: left promiscuous mode
[  239.891105][  T122] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.008158][T11542] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.170642][  T122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.185032][  T122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.198862][  T122] bond0 (unregistering): Released all slaves
[  240.234883][ T3396] printk: udevd: 299 output lines suppressed due to ratelimiting
[  240.437991][  T122] hsr_slave_0: left promiscuous mode
[  240.449049][  T122] hsr_slave_1: left promiscuous mode
[  240.456686][  T122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.464188][  T122] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.478002][  T122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.485455][  T122] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.498362][T15145] loop4: detected capacity change from 0 to 8192
[  240.508231][  T122] veth1_macvtap: left promiscuous mode
[  240.513757][  T122] veth1_vlan: left promiscuous mode
[  240.519105][  T122] veth0_vlan: left promiscuous mode
[  240.735236][  T122] team0 (unregistering): Port device team_slave_1 removed
[  240.761872][  T122] team0 (unregistering): Port device team_slave_0 removed
[  240.873880][T15061] chnl_net:caif_netlink_parms(): no params data found
[  240.956792][T15061] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.963891][T15061] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.022857][T15061] bridge_slave_0: entered allmulticast mode
[  241.047141][T15061] bridge_slave_0: entered promiscuous mode
[  241.079824][T15061] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.087027][T15061] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.115087][T15061] bridge_slave_1: entered allmulticast mode
[  241.126865][T15061] bridge_slave_1: entered promiscuous mode
[  241.192432][T15061] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.229173][T15061] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.270470][T15196] loop3: detected capacity change from 0 to 8192
[  241.284694][T15061] team0: Port device team_slave_0 added
[  241.304146][T15061] team0: Port device team_slave_1 added
[  241.367203][T15061] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.374283][T15061] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.374337][T15061] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.389895][T15061] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.428868][T15061] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.454817][T15061] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.562724][T15061] hsr_slave_0: entered promiscuous mode
[  241.577380][T15061] hsr_slave_1: entered promiscuous mode
[  241.594185][T15061] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  241.613303][T15061] Cannot create hsr debugfs directory
[  241.659599][T15222] __nla_validate_parse: 8 callbacks suppressed
[  241.659614][T15222] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4277'.
[  241.811766][T15225] netlink: 558 bytes leftover after parsing attributes in process `syz.1.4278'.
[  241.865876][T15061] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  241.898527][T15061] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  241.914809][T15230] loop3: detected capacity change from 0 to 8192
[  241.935928][T15061] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  241.940679][T15237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4283'.
[  241.953958][T15061] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  242.065251][T15241] loop4: detected capacity change from 0 to 512
[  242.071750][T15061] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.102207][T15061] 8021q: adding VLAN 0 to HW filter on device team0
[  242.125132][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.132242][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.166758][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.173859][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.183347][T15249] loop3: detected capacity change from 0 to 2048
[  242.192346][T15241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.223445][T15249] EXT4-fs (loop3): failed to initialize system zone (-117)
[  242.242323][T15241] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.247690][T15249] EXT4-fs (loop3): mount failed
[  242.269097][T15241] Process accounting resumed
[  242.281052][T15241] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  242.364718][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.382006][T15061] 8021q: adding VLAN 0 to HW filter on device batadv0
[  242.413673][T15262] loop3: detected capacity change from 0 to 256
[  242.482367][T15262] FAT-fs (loop3): Directory bread(block 64) failed
[  242.496454][T15262] FAT-fs (loop3): Directory bread(block 65) failed
[  242.503051][T15262] FAT-fs (loop3): Directory bread(block 66) failed
[  242.516409][T15262] FAT-fs (loop3): Directory bread(block 67) failed
[  242.537417][T15275] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4294'.
[  242.538034][T15262] FAT-fs (loop3): Directory bread(block 68) failed
[  242.588675][T15262] FAT-fs (loop3): Directory bread(block 69) failed
[  242.615869][T15262] FAT-fs (loop3): Directory bread(block 70) failed
[  242.638311][T15262] FAT-fs (loop3): Directory bread(block 71) failed
[  242.653746][T15262] FAT-fs (loop3): Directory bread(block 72) failed
[  242.661198][T15285] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  242.671779][T15262] FAT-fs (loop3): Directory bread(block 73) failed
[  242.720115][T15282] loop1: detected capacity change from 0 to 8192
[  242.760241][T15061] veth0_vlan: entered promiscuous mode
[  242.799120][   T28] bio_check_eod: 782 callbacks suppressed
[  242.799135][   T28] kworker/u8:1: attempt to access beyond end of device
[  242.799135][   T28] loop3: rw=1, sector=1800, nr_sectors = 132 limit=256
[  242.820467][T15061] veth1_vlan: entered promiscuous mode
[  242.850564][T15061] veth0_macvtap: entered promiscuous mode
[  242.875184][T15295] bond3: entered promiscuous mode
[  242.880475][T15295] bond3: entered allmulticast mode
[  242.885819][T15295] 8021q: adding VLAN 0 to HW filter on device bond3
[  242.911409][T15295] bond3 (unregistering): Released all slaves
[  242.922220][T15061] veth1_macvtap: entered promiscuous mode
[  242.935819][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.946401][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.956260][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.959018][T15300] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4301'.
[  242.966824][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.966862][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.996417][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.006284][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.016754][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.026611][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.037089][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.046949][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.057414][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.069119][T15061] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.077597][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.088128][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.097970][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.108418][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.118326][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.128798][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.138637][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.149148][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.159016][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.169463][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.179310][T15061] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  243.189752][T15061] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.206856][T15061] batman_adv: batadv0: Interface activated: batadv_slave_1
[  243.222664][T15305] bond2: entered promiscuous mode
[  243.227879][T15305] bond2: entered allmulticast mode
[  243.233213][T15305] 8021q: adding VLAN 0 to HW filter on device bond2
[  243.263798][T15318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4306'.
[  243.274218][T15305] bond2 (unregistering): Released all slaves
[  243.290452][T15300] sit1: entered promiscuous mode
[  243.295481][T15300] sit1: entered allmulticast mode
[  243.309980][T15061] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  243.318925][T15061] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  243.327672][T15061] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  243.336515][T15061] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  243.414103][T15327] FAULT_INJECTION: forcing a failure.
[  243.414103][T15327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.427281][T15327] CPU: 1 UID: 0 PID: 15327 Comm: syz.2.4310 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  243.439202][T15327] Tainted: [W]=WARN
[  243.443070][T15327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  243.453250][T15327] Call Trace:
[  243.456542][T15327]  <TASK>
[  243.459478][T15327]  dump_stack_lvl+0xf2/0x150
[  243.464115][T15327]  dump_stack+0x15/0x20
[  243.468296][T15327]  should_fail_ex+0x223/0x230
[  243.472993][T15327]  should_fail+0xb/0x10
[  243.477235][T15327]  should_fail_usercopy+0x1a/0x20
[  243.482316][T15327]  _copy_from_user+0x1e/0xb0
[  243.486933][T15327]  copy_msghdr_from_user+0x54/0x2a0
[  243.492245][T15327]  ? __fget_files+0x17c/0x1c0
[  243.496978][T15327]  __sys_sendmsg+0x13e/0x230
[  243.501608][T15327]  __x64_sys_sendmsg+0x46/0x50
[  243.506407][T15327]  x64_sys_call+0x2734/0x2dc0
[  243.511148][T15327]  do_syscall_64+0xc9/0x1c0
[  243.515768][T15327]  ? clear_bhb_loop+0x55/0xb0
[  243.520481][T15327]  ? clear_bhb_loop+0x55/0xb0
[  243.525173][T15327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.531142][T15327] RIP: 0033:0x7fa353620809
[  243.535565][T15327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.555184][T15327] RSP: 002b:00007fa351c97058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  243.563609][T15327] RAX: ffffffffffffffda RBX: 00007fa3537e5fa0 RCX: 00007fa353620809
[  243.571588][T15327] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[  243.579614][T15327] RBP: 00007fa351c970a0 R08: 0000000000000000 R09: 0000000000000000
[  243.587700][T15327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  243.595690][T15327] R13: 0000000000000000 R14: 00007fa3537e5fa0 R15: 00007ffdce52d3a8
[  243.603683][T15327]  </TASK>
[  243.624337][T15329] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4226'.
[  243.673107][T15336] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  243.803319][T15347] loop1: detected capacity change from 0 to 512
[  243.833961][T15347] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  243.913433][T15350] loop5: detected capacity change from 0 to 8192
[  243.925816][T15354] bond3: entered promiscuous mode
[  243.930937][T15354] bond3: entered allmulticast mode
[  243.947605][T15354] 8021q: adding VLAN 0 to HW filter on device bond3
[  243.962917][T15354] bond3 (unregistering): Released all slaves
[  244.053979][T15357] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4321'.
[  244.072577][T15359] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4320'.
[  244.091544][T15357] sit1: entered promiscuous mode
[  244.096607][T15357] sit1: entered allmulticast mode
[  244.140732][T15362] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4322'.
[  244.200979][T15365] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  244.478354][T15383] loop3: detected capacity change from 0 to 512
[  244.493786][T15383] EXT4-fs: Ignoring removed orlov option
[  244.514460][T15383] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  244.548270][T15383] EXT4-fs (loop3): 1 orphan inode deleted
[  244.554129][T15383] EXT4-fs (loop3): 1 truncate cleaned up
[  244.571537][T15383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.593263][T15385] loop5: detected capacity change from 0 to 8192
[  244.620675][T15383] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  244.697896][T15388] loop4: detected capacity change from 0 to 8192
[  244.721809][T11175] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.919583][T15400] loop3: detected capacity change from 0 to 512
[  244.941068][T15400] EXT4-fs: Ignoring removed orlov option
[  244.948954][T15402] rose0: tun_chr_ioctl cmd 1074025672
[  244.954423][T15402] rose0: ignored: set checksum enabled
[  244.971532][T15400] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  244.995348][T15402] loop1: detected capacity change from 0 to 1024
[  245.015639][T15400] EXT4-fs (loop3): 1 orphan inode deleted
[  245.018936][T15402] ext4: Unknown parameter 'fsuuid'
[  245.021426][T15400] EXT4-fs (loop3): 1 truncate cleaned up
[  245.032644][T15400] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.050036][T15400] FAULT_INJECTION: forcing a failure.
[  245.050036][T15400] name failslab, interval 1, probability 0, space 0, times 0
[  245.062820][T15400] CPU: 1 UID: 0 PID: 15400 Comm: syz.3.4337 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  245.074834][T15400] Tainted: [W]=WARN
[  245.078652][T15400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.088789][T15400] Call Trace:
[  245.092088][T15400]  <TASK>
[  245.095037][T15400]  dump_stack_lvl+0xf2/0x150
[  245.099641][T15400]  dump_stack+0x15/0x20
[  245.103877][T15400]  should_fail_ex+0x223/0x230
[  245.108618][T15400]  should_failslab+0x8f/0xb0
[  245.113224][T15400]  kmem_cache_alloc_noprof+0x52/0x320
[  245.118646][T15400]  ? getname_flags+0x81/0x3b0
[  245.123410][T15400]  getname_flags+0x81/0x3b0
[  245.127947][T15400]  getname+0x17/0x20
[  245.131861][T15400]  do_sys_openat2+0x67/0x120
[  245.136554][T15400]  __x64_sys_creat+0x66/0x90
[  245.141185][T15400]  x64_sys_call+0x1084/0x2dc0
[  245.145886][T15400]  do_syscall_64+0xc9/0x1c0
[  245.150455][T15400]  ? clear_bhb_loop+0x55/0xb0
[  245.155208][T15400]  ? clear_bhb_loop+0x55/0xb0
[  245.159945][T15400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.165978][T15400] RIP: 0033:0x7fb3ba950809
[  245.170455][T15400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.190117][T15400] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  245.198585][T15400] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  245.206580][T15400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[  245.213546][T15411] loop4: detected capacity change from 0 to 512
[  245.214639][T15400] RBP: 00007fb3b8fc70a0 R08: 0000000000000000 R09: 0000000000000000
[  245.214660][T15400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.214675][T15400] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  245.214695][T15400]  </TASK>
[  245.254229][T15413] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  245.274737][T15411] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  245.320576][T11175] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.323920][T15411] EXT4-fs (loop4): 1 orphan inode deleted
[  245.335586][T15411] EXT4-fs (loop4): 1 truncate cleaned up
[  245.356954][T15411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.399213][T15422] FAULT_INJECTION: forcing a failure.
[  245.399213][T15422] name failslab, interval 1, probability 0, space 0, times 0
[  245.412163][T15422] CPU: 0 UID: 0 PID: 15422 Comm: syz.3.4343 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  245.416183][T15411] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, 
[  245.424082][T15422] Tainted: [W]=WARN
[  245.424093][T15422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.424141][T15422] Call Trace:
[  245.424151][T15422]  <TASK>
[  245.424161][T15422]  dump_stack_lvl+0xf2/0x150
[  245.424191][T15422]  dump_stack+0x15/0x20
[  245.424212][T15422]  should_fail_ex+0x223/0x230
[  245.432486][T15411] block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  245.436289][T15422]  should_failslab+0x8f/0xb0
[  245.466641][T15419] sit1: entered promiscuous mode
[  245.474375][T15422]  kmem_cache_alloc_noprof+0x52/0x320
[  245.479014][T15419] sit1: entered allmulticast mode
[  245.483887][T15422]  ? mas_alloc_nodes+0x1e3/0x490
[  245.483918][T15422]  ? __mod_memcg_state+0x122/0x280
[  245.483948][T15422]  mas_alloc_nodes+0x1e3/0x490
[  245.483976][T15422]  mas_preallocate+0x44a/0x650
[  245.484020][T15422]  vma_link+0x93/0x370
[  245.515314][T15423] loop5: detected capacity change from 0 to 8192
[  245.518066][T15422]  insert_vm_struct+0x17b/0x210
[  245.518107][T15422]  alloc_bprm+0x36d/0x5d0
[  245.533709][T15422]  do_execveat_common+0x134/0x800
[  245.538806][T15422]  ? getname_flags+0x15a/0x3b0
[  245.543682][T15422]  __x64_sys_execveat+0x75/0x90
[  245.548589][T15422]  x64_sys_call+0x291e/0x2dc0
[  245.553382][T15422]  do_syscall_64+0xc9/0x1c0
[  245.557912][T15422]  ? clear_bhb_loop+0x55/0xb0
[  245.562659][T15422]  ? clear_bhb_loop+0x55/0xb0
[  245.567360][T15422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.573396][T15422] RIP: 0033:0x7fb3ba950809
[  245.577830][T15422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.597498][T15422] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  245.605933][T15422] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  245.613931][T15422] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[  245.622001][T15422] RBP: 00007fb3b8fc70a0 R08: 0000000000001000 R09: 0000000000000000
[  245.630002][T15422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  245.637998][T15422] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  245.646126][T15422]  </TASK>
[  245.653205][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.778897][T15427] loop4: detected capacity change from 0 to 8192
[  245.786092][T15433] loop1: detected capacity change from 0 to 512
[  245.809005][T15433] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.855132][T15433] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.880056][T15431] loop5: detected capacity change from 0 to 8192
[  245.925953][T15433] Process accounting resumed
[  245.952718][T15433] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  245.980133][T15439] loop4: detected capacity change from 0 to 512
[  246.012116][T15439] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  246.050263][T15439] EXT4-fs (loop4): 1 truncate cleaned up
[  246.062977][T11341] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.080778][T15439] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.164638][T15451] bond1: entered promiscuous mode
[  246.169755][T15451] bond1: entered allmulticast mode
[  246.175714][T15451] 8021q: adding VLAN 0 to HW filter on device bond1
[  246.228077][T15451] bond1 (unregistering): Released all slaves
[  246.308591][T15461] netlink: 'syz.3.4357': attribute type 4 has an invalid length.
[  246.401383][T15461] loop3: detected capacity change from 0 to 2048
[  246.433211][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.479351][T15461] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  246.616116][T15469] loop2: detected capacity change from 0 to 8192
[  246.804724][T15472] loop2: detected capacity change from 0 to 8192
[  246.876806][T15441] FAULT_INJECTION: forcing a failure.
[  246.876806][T15441] name failslab, interval 1, probability 0, space 0, times 0
[  246.889608][T15441] CPU: 1 UID: 0 PID: 15441 Comm: syz.5.4352 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  246.901595][T15441] Tainted: [W]=WARN
[  246.905404][T15441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  246.915509][T15441] Call Trace:
[  246.918815][T15441]  <TASK>
[  246.921750][T15441]  dump_stack_lvl+0xf2/0x150
[  246.926491][T15441]  dump_stack+0x15/0x20
[  246.930653][T15441]  should_fail_ex+0x223/0x230
[  246.935344][T15441]  should_failslab+0x8f/0xb0
[  246.940037][T15441]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  246.945857][T15441]  ? shmem_alloc_inode+0x34/0x50
[  246.950836][T15441]  shmem_alloc_inode+0x34/0x50
[  246.955746][T15441]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  246.961306][T15441]  alloc_inode+0x3c/0x160
[  246.965671][T15441]  new_inode+0x1e/0x100
[  246.969839][T15441]  shmem_get_inode+0x24e/0x730
[  246.974700][T15441]  __shmem_file_setup+0x127/0x1f0
[  246.979760][T15441]  shmem_file_setup+0x3b/0x50
[  246.984453][T15441]  __se_sys_memfd_create+0x31d/0x5c0
[  246.989772][T15441]  __x64_sys_memfd_create+0x31/0x40
[  246.995045][T15441]  x64_sys_call+0x2d4c/0x2dc0
[  246.999748][T15441]  do_syscall_64+0xc9/0x1c0
[  247.004267][T15441]  ? clear_bhb_loop+0x55/0xb0
[  247.008961][T15441]  ? clear_bhb_loop+0x55/0xb0
[  247.013656][T15441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.019652][T15441] RIP: 0033:0x7f4c231b0809
[  247.024126][T15441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.043904][T15441] RSP: 002b:00007f4c21826e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  247.052339][T15441] RAX: ffffffffffffffda RBX: 00000000000004c1 RCX: 00007f4c231b0809
[  247.060348][T15441] RDX: 00007f4c21826f10 RSI: 0000000000000000 RDI: 00007f4c232241c1
[  247.068344][T15441] RBP: 0000000020000680 R08: 00007f4c21826bd7 R09: 00007f4c21826e60
[  247.076411][T15441] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000640
[  247.084406][T15441] R13: 00007f4c21826f10 R14: 00007f4c21826ed0 R15: 00000000200001c0
[  247.092400][T15441]  </TASK>
[  247.119399][T15476] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  247.166786][T15479] loop4: detected capacity change from 0 to 512
[  247.179680][T15479] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.194576][T15479] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.247922][T15479] Process accounting resumed
[  247.255826][T15479] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  247.276037][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  247.276055][   T29] audit: type=1326 audit(1732763544.378:12740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15460 comm="syz.3.4357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7fc00000
[  247.381669][   T29] audit: type=1326 audit(1732763544.458:12741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.404896][T15493] __nla_validate_parse: 6 callbacks suppressed
[  247.404916][T15493] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4366'.
[  247.405327][   T29] audit: type=1326 audit(1732763544.458:12742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.412104][T15494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4367'.
[  247.420351][   T29] audit: type=1326 audit(1732763544.458:12743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.466603][T15493] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4366'.
[  247.476627][   T29] audit: type=1326 audit(1732763544.458:12744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  247.485630][T15493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4366'.
[  247.509189][   T29] audit: type=1326 audit(1732763544.458:12745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=100 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  247.517944][T15493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4366'.
[  247.541506][   T29] audit: type=1326 audit(1732763544.458:12746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15484 comm="syz.3.4367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  247.574387][   T29] audit: type=1326 audit(1732763544.458:12747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.598058][   T29] audit: type=1326 audit(1732763544.458:12748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.621646][T15498] netlink: 88 bytes leftover after parsing attributes in process `syz.5.4369'.
[  247.630768][   T29] audit: type=1326 audit(1732763544.458:12749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15485 comm="syz.1.4366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa44cb80809 code=0x7ffc0000
[  247.654858][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.668731][T15500] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4367'.
[  247.677749][T15500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4367'.
[  247.686649][T15500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4367'.
[  247.757894][T15504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4372'.
[  247.777986][T15506] bond2: entered promiscuous mode
[  247.783046][T15506] bond2: entered allmulticast mode
[  247.810448][T15506] 8021q: adding VLAN 0 to HW filter on device bond2
[  247.847961][T15506] bond2 (unregistering): Released all slaves
[  247.917880][T15503] lo speed is unknown, defaulting to 1000
[  248.220211][T15517] loop1: detected capacity change from 0 to 512
[  248.246126][T15517] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  248.299811][T15524] FAULT_INJECTION: forcing a failure.
[  248.299811][T15524] name failslab, interval 1, probability 0, space 0, times 0
[  248.312654][T15524] CPU: 1 UID: 0 PID: 15524 Comm: syz.5.4378 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  248.324580][T15524] Tainted: [W]=WARN
[  248.328388][T15524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.338452][T15524] Call Trace:
[  248.341832][T15524]  <TASK>
[  248.344768][T15524]  dump_stack_lvl+0xf2/0x150
[  248.349376][T15524]  dump_stack+0x15/0x20
[  248.353595][T15524]  should_fail_ex+0x223/0x230
[  248.358308][T15524]  ? audit_log_d_path+0x96/0x250
[  248.363265][T15524]  should_failslab+0x8f/0xb0
[  248.367896][T15524]  __kmalloc_cache_noprof+0x4e/0x320
[  248.373209][T15524]  audit_log_d_path+0x96/0x250
[  248.377991][T15524]  ? __rcu_read_unlock+0x4e/0x70
[  248.383005][T15524]  audit_log_d_path_exe+0x42/0x70
[  248.388048][T15524]  audit_log_task+0x192/0x1c0
[  248.392742][T15524]  ? __mt_destroy+0xc7/0xe0
[  248.397286][T15524]  audit_seccomp+0x68/0x130
[  248.401804][T15524]  __seccomp_filter+0x6fa/0x1180
[  248.406751][T15524]  ? __fput+0x51f/0x6d0
[  248.410931][T15524]  ? kmem_cache_free+0x1e8/0x2d0
[  248.415926][T15524]  ? percpu_counter_add_batch+0xc6/0x140
[  248.421629][T15524]  ? __fput+0x51f/0x6d0
[  248.425936][T15524]  __secure_computing+0x9f/0x1c0
[  248.430884][T15524]  syscall_trace_enter+0xd1/0x1f0
[  248.435967][T15524]  ? fpregs_assert_state_consistent+0x83/0xa0
[  248.442159][T15524]  do_syscall_64+0xaa/0x1c0
[  248.446678][T15524]  ? clear_bhb_loop+0x55/0xb0
[  248.451441][T15524]  ? clear_bhb_loop+0x55/0xb0
[  248.456200][T15524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.462148][T15524] RIP: 0033:0x7f4c231af21c
[  248.466575][T15524] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  248.486210][T15524] RSP: 002b:00007f4c21827050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.494677][T15524] RAX: ffffffffffffffda RBX: 00007f4c23375fa0 RCX: 00007f4c231af21c
[  248.502679][T15524] RDX: 000000000000000f RSI: 00007f4c218270b0 RDI: 0000000000000005
[  248.510724][T15524] RBP: 00007f4c218270a0 R08: 0000000000000000 R09: 0000000000000000
[  248.518776][T15524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  248.526829][T15524] R13: 0000000000000000 R14: 00007f4c23375fa0 R15: 00007ffdc7e83538
[  248.534814][T15524]  </TASK>
[  248.540961][T15517] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.554099][T15517] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.566671][T15522] FAULT_INJECTION: forcing a failure.
[  248.566671][T15522] name failslab, interval 1, probability 0, space 0, times 0
[  248.579423][T15522] CPU: 0 UID: 0 PID: 15522 Comm: syz.2.4379 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  248.591408][T15522] Tainted: [W]=WARN
[  248.595229][T15522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  248.605383][T15522] Call Trace:
[  248.608756][T15522]  <TASK>
[  248.611704][T15522]  dump_stack_lvl+0xf2/0x150
[  248.616317][T15522]  dump_stack+0x15/0x20
[  248.620589][T15522]  should_fail_ex+0x223/0x230
[  248.625290][T15522]  ? audit_log_d_path+0x96/0x250
[  248.630292][T15522]  should_failslab+0x8f/0xb0
[  248.634934][T15522]  __kmalloc_cache_noprof+0x4e/0x320
[  248.640300][T15522]  audit_log_d_path+0x96/0x250
[  248.645150][T15522]  ? __rcu_read_unlock+0x4e/0x70
[  248.650099][T15522]  audit_log_d_path_exe+0x42/0x70
[  248.655147][T15522]  audit_log_task+0x192/0x1c0
[  248.659879][T15522]  audit_seccomp+0x68/0x130
[  248.664467][T15522]  __seccomp_filter+0x6fa/0x1180
[  248.669414][T15522]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  248.675077][T15522]  ? vfs_write+0x596/0x920
[  248.679607][T15522]  __secure_computing+0x9f/0x1c0
[  248.684668][T15522]  syscall_trace_enter+0xd1/0x1f0
[  248.689743][T15522]  ? fpregs_assert_state_consistent+0x83/0xa0
[  248.695839][T15522]  do_syscall_64+0xaa/0x1c0
[  248.700346][T15522]  ? clear_bhb_loop+0x55/0xb0
[  248.705089][T15522]  ? clear_bhb_loop+0x55/0xb0
[  248.709790][T15522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.715704][T15522] RIP: 0033:0x7fa353620809
[  248.720247][T15522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.739896][T15522] RSP: 002b:00007fa351c97058 EFLAGS: 00000246 ORIG_RAX: 00000000000000e5
[  248.748370][T15522] RAX: ffffffffffffffda RBX: 00007fa3537e5fa0 RCX: 00007fa353620809
[  248.756367][T15522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  248.764363][T15522] RBP: 00007fa351c970a0 R08: 0000000000000000 R09: 0000000000000000
[  248.772404][T15522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.780385][T15522] R13: 0000000000000000 R14: 00007fa3537e5fa0 R15: 00007ffdce52d3a8
[  248.788442][T15522]  </TASK>
[  248.817824][T15529] loop2: detected capacity change from 0 to 1024
[  248.827721][T15529] EXT4-fs: Ignoring removed mblk_io_submit option
[  248.869325][T15529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.888898][T15534] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  249.031964][T11542] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.166767][T11341] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.176048][T15545] loop4: detected capacity change from 0 to 8192
[  249.196199][T15551] bond2: entered promiscuous mode
[  249.201319][T15551] bond2: entered allmulticast mode
[  249.235801][T15551] 8021q: adding VLAN 0 to HW filter on device bond2
[  249.266159][T15551] bond2 (unregistering): Released all slaves
[  249.365498][T15561] loop3: detected capacity change from 0 to 1024
[  249.372362][T15561] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  249.420081][T15566] sit1: entered promiscuous mode
[  249.425159][T15566] sit1: entered allmulticast mode
[  249.455696][T15569] netlink: 'syz.3.4394': attribute type 10 has an invalid length.
[  249.519197][T15569] 8021q: adding VLAN 0 to HW filter on device team0
[  249.543939][T15569] bond0: (slave team0): Enslaving as an active interface with an up link
[  249.593772][T15575] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  249.648331][T15579] loop4: detected capacity change from 0 to 512
[  249.675905][T15579] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  249.713882][T15579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.727026][T15571] loop3: detected capacity change from 0 to 8192
[  249.762766][T15569] syz.3.4394: attempt to access beyond end of device
[  249.762766][T15569] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  249.799143][T15585] loop2: detected capacity change from 0 to 512
[  249.801046][T15569] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  249.813314][T15569] FAT-fs (loop3): Filesystem has been set read-only
[  249.821242][T12635] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.848617][T15585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.850482][T15569] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  249.898522][T15569] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  249.901109][T15585] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.961648][T15585] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  250.004524][T15597] syz.1.4406[15597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  250.004660][T15597] syz.1.4406[15597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  250.024469][T15584] Process accounting resumed
[  250.051705][T15597] syz.1.4406[15597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  250.067573][T15602] bond2: entered promiscuous mode
[  250.084133][T15602] bond2: entered allmulticast mode
[  250.089430][T15602] 8021q: adding VLAN 0 to HW filter on device bond2
[  250.102900][T15604] loop5: detected capacity change from 0 to 512
[  250.107477][T15602] bond2 (unregistering): Released all slaves
[  250.118830][T11542] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.138555][T15604] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal
[  250.147917][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  250.189095][T15614] FAULT_INJECTION: forcing a failure.
[  250.189095][T15614] name failslab, interval 1, probability 0, space 0, times 0
[  250.201925][T15614] CPU: 0 UID: 0 PID: 15614 Comm: syz.1.4411 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  250.213857][T15614] Tainted: [W]=WARN
[  250.217680][T15614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  250.227762][T15614] Call Trace:
[  250.231070][T15614]  <TASK>
[  250.234052][T15614]  dump_stack_lvl+0xf2/0x150
[  250.238688][T15614]  dump_stack+0x15/0x20
[  250.242869][T15614]  should_fail_ex+0x223/0x230
[  250.247662][T15614]  should_failslab+0x8f/0xb0
[  250.252356][T15614]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  250.258779][T15614]  ? kstrdup_const+0x3e/0x50
[  250.263388][T15614]  kstrdup+0x38/0x80
[  250.267306][T15614]  kstrdup_const+0x3e/0x50
[  250.271741][T15614]  alloc_vfsmnt+0xa9/0x300
[  250.276259][T15614]  clone_mnt+0x45/0x7a0
[  250.280450][T15614]  copy_tree+0xba/0x7f0
[  250.284684][T15614]  ? proc_alloc_inum+0x4c/0x70
[  250.289579][T15614]  copy_mnt_ns+0x11e/0x5f0
[  250.294019][T15614]  ? kmem_cache_alloc_noprof+0x22c/0x320
[  250.299865][T15614]  ? create_new_namespaces+0x3c/0x430
[  250.305261][T15614]  create_new_namespaces+0x89/0x430
[  250.310479][T15614]  ? security_capable+0x81/0x90
[  250.315393][T15614]  unshare_nsproxy_namespaces+0xe6/0x120
[  250.321095][T15614]  ksys_unshare+0x3c9/0x6e0
[  250.325694][T15614]  __x64_sys_unshare+0x1f/0x30
[  250.330563][T15614]  x64_sys_call+0x1a3e/0x2dc0
[  250.335271][T15614]  do_syscall_64+0xc9/0x1c0
[  250.339796][T15614]  ? clear_bhb_loop+0x55/0xb0
[  250.344495][T15614]  ? clear_bhb_loop+0x55/0xb0
[  250.349189][T15614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.355118][T15614] RIP: 0033:0x7fa44cb80809
[  250.359585][T15614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.379271][T15614] RSP: 002b:00007fa44b1f7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  250.387764][T15614] RAX: ffffffffffffffda RBX: 00007fa44cd45fa0 RCX: 00007fa44cb80809
[  250.395760][T15614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000004a060480
[  250.403744][T15614] RBP: 00007fa44b1f70a0 R08: 0000000000000000 R09: 0000000000000000
[  250.411722][T15614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.419718][T15614] R13: 0000000000000000 R14: 00007fa44cd45fa0 R15: 00007ffc923c7568
[  250.427713][T15614]  </TASK>
[  250.763752][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  250.768519][T15634] loop1: detected capacity change from 0 to 512
[  250.792556][T15641] sit1: entered promiscuous mode
[  250.797746][T15641] sit1: entered allmulticast mode
[  250.823769][T15634] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.862943][T15634] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.949958][T15632] Process accounting resumed
[  250.964183][T11341] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.979464][    T9] hid-generic 0000:0000:0000.0049: unknown main item tag 0x0
[  250.987999][    T9] hid-generic 0000:0000:0000.0049: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  251.041018][T15649] loop3: detected capacity change from 0 to 8192
[  251.069179][T15655] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  251.140547][T15660] lo speed is unknown, defaulting to 1000
[  251.190920][T15666] FAULT_INJECTION: forcing a failure.
[  251.190920][T15666] name failslab, interval 1, probability 0, space 0, times 0
[  251.203722][T15666] CPU: 0 UID: 0 PID: 15666 Comm: syz.3.4432 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  251.215637][T15666] Tainted: [W]=WARN
[  251.219455][T15666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  251.229583][T15666] Call Trace:
[  251.232887][T15666]  <TASK>
[  251.235833][T15666]  dump_stack_lvl+0xf2/0x150
[  251.240448][T15666]  dump_stack+0x15/0x20
[  251.244615][T15666]  should_fail_ex+0x223/0x230
[  251.249339][T15666]  should_failslab+0x8f/0xb0
[  251.254098][T15666]  kmem_cache_alloc_noprof+0x52/0x320
[  251.259607][T15666]  ? vm_area_alloc+0xac/0x130
[  251.264309][T15666]  vm_area_alloc+0xac/0x130
[  251.268837][T15666]  __mmap_region+0x6b5/0x13f0
[  251.273611][T15666]  mmap_region+0x18c/0x1e0
[  251.278048][T15666]  do_mmap+0x718/0xb60
[  251.282139][T15666]  do_shmat+0x58b/0x770
[  251.286335][T15666]  __x64_sys_shmat+0x64/0xb0
[  251.290960][T15666]  x64_sys_call+0x28f6/0x2dc0
[  251.295731][T15666]  do_syscall_64+0xc9/0x1c0
[  251.300382][T15666]  ? clear_bhb_loop+0x55/0xb0
[  251.305080][T15666]  ? clear_bhb_loop+0x55/0xb0
[  251.309797][T15666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.315770][T15666] RIP: 0033:0x7fb3ba950809
[  251.320300][T15666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.339938][T15666] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 000000000000001e
[  251.348382][T15666] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  251.356377][T15666] RDX: 0000000000000000 RSI: 0000000020001000 RDI: 0000000000000000
[  251.364371][T15666] RBP: 00007fb3b8fc70a0 R08: 0000000000000000 R09: 0000000000000000
[  251.372390][T15666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.380423][T15666] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  251.388480][T15666]  </TASK>
[  251.474457][T15668] x_tables: duplicate underflow at hook 4
[  251.858916][T15686] loop1: detected capacity change from 0 to 164
[  252.007083][T15688] loop4: detected capacity change from 0 to 128
[  252.014928][T15688] EXT4-fs: Ignoring removed nobh option
[  252.026715][T15688] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  252.047815][T15688] ext4 filesystem being mounted at /201/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  252.065901][T15690] loop2: detected capacity change from 0 to 8192
[  252.087843][T12635] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  252.266403][T15707] FAULT_INJECTION: forcing a failure.
[  252.266403][T15707] name failslab, interval 1, probability 0, space 0, times 0
[  252.279161][T15707] CPU: 0 UID: 0 PID: 15707 Comm: syz.4.4448 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  252.291160][T15707] Tainted: [W]=WARN
[  252.294976][T15707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  252.305059][T15707] Call Trace:
[  252.308393][T15707]  <TASK>
[  252.311338][T15707]  dump_stack_lvl+0xf2/0x150
[  252.315973][T15707]  dump_stack+0x15/0x20
[  252.320147][T15707]  should_fail_ex+0x223/0x230
[  252.324860][T15707]  should_failslab+0x8f/0xb0
[  252.329671][T15707]  __kmalloc_node_noprof+0xad/0x410
[  252.334919][T15707]  ? should_failslab+0x8f/0xb0
[  252.339747][T15707]  ? __kvmalloc_node_noprof+0x72/0x170
[  252.345231][T15707]  __kvmalloc_node_noprof+0x72/0x170
[  252.350609][T15707]  page_pool_create_percpu+0x24d/0x650
[  252.356131][T15707]  page_pool_create+0x1a/0x20
[  252.360917][T15707]  bpf_test_run_xdp_live+0x138/0x1040
[  252.366316][T15707]  ? __pfx_autoremove_wake_function+0x10/0x10
[  252.372412][T15707]  ? 0xffffffffa00038c0
[  252.376598][T15707]  ? synchronize_rcu+0x46/0x320
[  252.381501][T15707]  ? 0xffffffffa00038c0
[  252.385748][T15707]  ? bpf_dispatcher_change_prog+0x747/0x840
[  252.391698][T15707]  ? 0xffffffffa00038c0
[  252.395874][T15707]  ? 0xffffffffa000065c
[  252.400113][T15707]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  252.406108][T15707]  bpf_prog_test_run_xdp+0x51d/0x8b0
[  252.411495][T15707]  ? __rcu_read_unlock+0x4e/0x70
[  252.416451][T15707]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  252.422308][T15707]  bpf_prog_test_run+0x20f/0x3a0
[  252.427284][T15707]  __sys_bpf+0x400/0x7a0
[  252.431567][T15707]  __x64_sys_bpf+0x43/0x50
[  252.436018][T15707]  x64_sys_call+0x2914/0x2dc0
[  252.440762][T15707]  do_syscall_64+0xc9/0x1c0
[  252.445323][T15707]  ? clear_bhb_loop+0x55/0xb0
[  252.450025][T15707]  ? clear_bhb_loop+0x55/0xb0
[  252.454717][T15707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.460798][T15707] RIP: 0033:0x7fbb3c200809
[  252.465269][T15707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  252.484984][T15707] RSP: 002b:00007fbb3a877058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  252.493411][T15707] RAX: ffffffffffffffda RBX: 00007fbb3c3c5fa0 RCX: 00007fbb3c200809
[  252.501427][T15707] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  252.509421][T15707] RBP: 00007fbb3a8770a0 R08: 0000000000000000 R09: 0000000000000000
[  252.517408][T15707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  252.525397][T15707] R13: 0000000000000000 R14: 00007fbb3c3c5fa0 R15: 00007fff63ef3f38
[  252.533532][T15707]  </TASK>
[  252.536977][T15707] page_pool_create_percpu() gave up with errno -12
[  252.661445][   T29] kauditd_printk_skb: 256 callbacks suppressed
[  252.661463][   T29] audit: type=1326 audit(1732763549.768:13006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.691549][   T29] audit: type=1326 audit(1732763549.768:13007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.715368][   T29] audit: type=1326 audit(1732763549.808:13008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.739118][   T29] audit: type=1326 audit(1732763549.808:13009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.762898][   T29] audit: type=1326 audit(1732763549.808:13010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.786797][   T29] audit: type=1326 audit(1732763549.808:13011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.810508][   T29] audit: type=1326 audit(1732763549.808:13012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.834300][   T29] audit: type=1326 audit(1732763549.808:13013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.858163][   T29] audit: type=1326 audit(1732763549.808:13014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.881946][   T29] audit: type=1326 audit(1732763549.808:13015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15720 comm="syz.3.4453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fb3ba950809 code=0x7ffc0000
[  252.909525][T15721] loop3: detected capacity change from 0 to 512
[  252.933333][T15725] loop4: detected capacity change from 0 to 8192
[  252.941251][T15721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.956773][T15729] __nla_validate_parse: 17 callbacks suppressed
[  252.956793][T15729] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4456'.
[  252.974092][T15721] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.050179][T15729] sit1: entered promiscuous mode
[  253.055272][T15729] sit1: entered allmulticast mode
[  253.160578][T11175] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.183547][T15733] loop2: detected capacity change from 0 to 1024
[  253.191490][T15733] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  253.216677][T15733] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  253.224791][T15733] EXT4-fs (loop2): orphan cleanup on readonly fs
[  253.233195][T15733] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  253.247903][T15733] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  253.259582][T15733] EXT4-fs (loop2): 1 truncate cleaned up
[  253.265615][T15733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.297789][T15745] netlink: 88 bytes leftover after parsing attributes in process `syz.1.4462'.
[  253.323318][T11542] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.354727][T15747] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  253.699280][T15762] loop3: detected capacity change from 0 to 128
[  253.732948][T15760] netlink: 562 bytes leftover after parsing attributes in process `syz.1.4467'.
[  253.806085][ T3397] hid-generic 0000:0000:0000.004A: unknown main item tag 0x0
[  253.813879][ T3397] hid-generic 0000:0000:0000.004A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  253.910901][T15783] bond2: entered promiscuous mode
[  253.916011][T15783] bond2: entered allmulticast mode
[  253.939452][T15776] loop1: detected capacity change from 0 to 8192
[  253.943629][T15783] 8021q: adding VLAN 0 to HW filter on device bond2
[  253.965977][T15783] bond2 (unregistering): Released all slaves
[  254.024408][T15794] loop5: detected capacity change from 0 to 1024
[  254.031160][T15794] EXT4-fs: Ignoring removed nobh option
[  254.048837][T15794] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.104763][T15061] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.174017][T15808] loop1: detected capacity change from 0 to 512
[  254.196139][T15809] netlink: 558 bytes leftover after parsing attributes in process `syz.5.4482'.
[  254.223482][T15808] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.234963][T15807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4484'.
[  254.251522][T15807] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4484'.
[  254.260616][T15807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4484'.
[  254.262371][T15808] ext4 filesystem being mounted at /342/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.269541][T15807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4484'.
[  254.291163][T15816] FAULT_INJECTION: forcing a failure.
[  254.291163][T15816] name failslab, interval 1, probability 0, space 0, times 0
[  254.303841][T15816] CPU: 1 UID: 0 PID: 15816 Comm: syz.3.4485 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  254.315772][T15816] Tainted: [W]=WARN
[  254.319588][T15816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.329743][T15816] Call Trace:
[  254.333063][T15816]  <TASK>
[  254.336062][T15816]  dump_stack_lvl+0xf2/0x150
[  254.340681][T15816]  dump_stack+0x15/0x20
[  254.344902][T15816]  should_fail_ex+0x223/0x230
[  254.349607][T15816]  should_failslab+0x8f/0xb0
[  254.354551][T15816]  kmem_cache_alloc_node_noprof+0x59/0x320
[  254.360463][T15816]  ? __alloc_skb+0x10b/0x310
[  254.365230][T15816]  __alloc_skb+0x10b/0x310
[  254.369739][T15816]  ? audit_log_start+0x34c/0x6b0
[  254.374720][T15816]  audit_log_start+0x368/0x6b0
[  254.379587][T15816]  audit_seccomp+0x4b/0x130
[  254.384110][T15816]  __seccomp_filter+0x6fa/0x1180
[  254.389147][T15816]  ? vfs_write+0x596/0x920
[  254.393667][T15816]  ? putname+0xcf/0xf0
[  254.397819][T15816]  __secure_computing+0x9f/0x1c0
[  254.402811][T15816]  syscall_trace_enter+0xd1/0x1f0
[  254.407865][T15816]  ? fpregs_assert_state_consistent+0x83/0xa0
[  254.414018][T15816]  do_syscall_64+0xaa/0x1c0
[  254.418612][T15816]  ? clear_bhb_loop+0x55/0xb0
[  254.423323][T15816]  ? clear_bhb_loop+0x55/0xb0
[  254.428084][T15816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.434046][T15816] RIP: 0033:0x7fb3ba950809
[  254.438476][T15816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.458177][T15816] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  254.466667][T15816] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  254.474703][T15816] RDX: 0000000000000000 RSI: 000000000000c17a RDI: 0000000000000005
[  254.482700][T15816] RBP: 00007fb3b8fc70a0 R08: 0000000000000000 R09: 0000000000000000
[  254.490752][T15816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.498861][T15816] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  254.506921][T15816]  </TASK>
[  254.511478][T15808] Process accounting resumed
[  254.559573][T15808] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  254.596679][T15823] loop2: detected capacity change from 0 to 8192
[  254.618294][T11341] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.630307][T15826] FAULT_INJECTION: forcing a failure.
[  254.630307][T15826] name failslab, interval 1, probability 0, space 0, times 0
[  254.643090][T15826] CPU: 1 UID: 0 PID: 15826 Comm: syz.3.4490 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  254.655192][T15826] Tainted: [W]=WARN
[  254.659015][T15826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.669088][T15826] Call Trace:
[  254.672438][T15826]  <TASK>
[  254.675397][T15826]  dump_stack_lvl+0xf2/0x150
[  254.680089][T15826]  dump_stack+0x15/0x20
[  254.684262][T15826]  should_fail_ex+0x223/0x230
[  254.689027][T15826]  should_failslab+0x8f/0xb0
[  254.693714][T15826]  __kmalloc_noprof+0xab/0x3f0
[  254.698563][T15826]  ? iter_file_splice_write+0x102/0x980
[  254.704278][T15826]  iter_file_splice_write+0x102/0x980
[  254.709745][T15826]  ? path_openat+0x1a5a/0x1fa0
[  254.714651][T15826]  ? _parse_integer_limit+0x167/0x180
[  254.720041][T15826]  ? avc_policy_seqno+0x15/0x20
[  254.724902][T15826]  ? selinux_file_permission+0x22a/0x360
[  254.730556][T15826]  ? __pfx_iter_file_splice_write+0x10/0x10
[  254.736541][T15826]  do_splice+0x98f/0x1120
[  254.740896][T15826]  ? get_pid_task+0x8e/0xc0
[  254.745468][T15826]  ? proc_fail_nth_write+0x12a/0x150
[  254.750773][T15826]  ? __rcu_read_unlock+0x4e/0x70
[  254.755748][T15826]  ? __fget_files+0x17c/0x1c0
[  254.760468][T15826]  __se_sys_splice+0x259/0x3a0
[  254.765407][T15826]  __x64_sys_splice+0x78/0x90
[  254.770245][T15826]  x64_sys_call+0x2ce8/0x2dc0
[  254.775013][T15826]  do_syscall_64+0xc9/0x1c0
[  254.779533][T15826]  ? clear_bhb_loop+0x55/0xb0
[  254.784250][T15826]  ? clear_bhb_loop+0x55/0xb0
[  254.789015][T15826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.795018][T15826] RIP: 0033:0x7fb3ba950809
[  254.799442][T15826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.819228][T15826] RSP: 002b:00007fb3b8fc7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  254.827751][T15826] RAX: ffffffffffffffda RBX: 00007fb3bab15fa0 RCX: 00007fb3ba950809
[  254.835732][T15826] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000006
[  254.843822][T15826] RBP: 00007fb3b8fc70a0 R08: 000000000000fdef R09: 0000000000000000
[  254.851886][T15826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.859863][T15826] R13: 0000000000000000 R14: 00007fb3bab15fa0 R15: 00007ffcfaa08d28
[  254.867850][T15826]  </TASK>
[  254.907539][T15828] bond1: entered promiscuous mode
[  254.912622][T15828] bond1: entered allmulticast mode
[  254.917367][T15832] loop5: detected capacity change from 0 to 512
[  254.918018][T15828] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.924482][T15832] EXT4-fs: Ignoring removed bh option
[  254.935496][T15826] netlink: 'syz.3.4490': attribute type 1 has an invalid length.
[  254.937701][T15832] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  254.955336][T15828] bond1 (unregistering): Released all slaves
[  254.957648][T15832] EXT4-fs (loop5): 1 truncate cleaned up
[  254.967436][T15832] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.980841][T15834] netlink: 'syz.4.4493': attribute type 1 has an invalid length.
[  255.000124][T15826] 8021q: adding VLAN 0 to HW filter on device bond2
Connection to 10.128.0.15 closed by remote host.
[  255.008451][T15832] Process accounting resumed
[  255.023217][T15834] 8021q: adding VLAN 0 to HW filter on device bond1
[  255.024610][T15832] Invalid ELF header magic: != ELF
[  255.245596][   T57] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.347723][   T57] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.427392][   T57] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.452577][T15824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.487895][   T57] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.580331][   T57] bridge_slave_1: left allmulticast mode
[  255.586115][   T57] bridge_slave_1: left promiscuous mode
[  255.591877][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.627976][   T57] bridge_slave_0: left allmulticast mode
[  255.633653][   T57] bridge_slave_0: left promiscuous mode
[  255.639350][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.718864][   T57] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  255.808733][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  255.820747][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.830596][   T57] bond0 (unregistering): (slave team0): Releasing backup interface
[  255.841539][   T57] bond0 (unregistering): Released all slaves
[  255.850563][   T57] bond1 (unregistering): Released all slaves
[  255.861389][   T57] bond2 (unregistering): Released all slaves
[  255.945797][   T57] hsr_slave_0: left promiscuous mode
[  255.953805][   T57] hsr_slave_1: left promiscuous mode
[  255.963378][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.970990][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.982054][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.989543][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.003157][   T57] veth1_macvtap: left promiscuous mode
[  256.008703][   T57] veth1_vlan: left promiscuous mode
[  256.013940][   T57] veth0_vlan: left promiscuous mode
[  256.094056][   T57] team0 (unregistering): Port device team_slave_1 removed
[  256.106248][   T57] team0 (unregistering): Port device team_slave_0 removed
[  256.366308][   T57] IPVS: stop unused estimator thread 0...
[  256.411957][   T57] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.459617][   T57] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.518185][   T57] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.579152][   T57] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.654433][   T57] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.719523][   T57] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.779358][   T57] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.839497][   T57] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.916802][   T57] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.979991][   T57] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.039149][   T57] team0: Port device netdevsim1 removed
[  257.045968][   T57] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.109004][   T57] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.185832][   T57] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.249076][   T57] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.309466][   T57] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.368957][   T57] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.442548][   T57] bridge_slave_1: left allmulticast mode
[  257.448265][   T57] bridge_slave_1: left promiscuous mode
[  257.453964][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.466593][   T57] bridge_slave_0: left allmulticast mode
[  257.472352][   T57] bridge_slave_0: left promiscuous mode
[  257.478054][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.488387][   T57] bridge_slave_1: left allmulticast mode
[  257.494042][   T57] bridge_slave_1: left promiscuous mode
[  257.499782][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.507955][   T57] bridge_slave_0: left allmulticast mode
[  257.513600][   T57] bridge_slave_0: left promiscuous mode
[  257.519315][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.529544][   T57] bridge_slave_1: left allmulticast mode
[  257.535193][   T57] bridge_slave_1: left promiscuous mode
[  257.540948][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.551334][   T57] bridge_slave_0: left allmulticast mode
[  257.557086][   T57] bridge_slave_0: left promiscuous mode
[  257.562723][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.571323][   T57] bridge_slave_1: left allmulticast mode
[  257.577045][   T57] bridge_slave_1: left promiscuous mode
[  257.582667][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.590666][   T57] bridge_slave_0: left allmulticast mode
[  257.596418][   T57] bridge_slave_0: left promiscuous mode
[  257.602091][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.048845][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.060952][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.070645][   T57] bond0 (unregistering): Released all slaves
[  258.081607][   T57] bond1 (unregistering): Released all slaves
[  258.091675][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.103713][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.113525][   T57] bond0 (unregistering): Released all slaves
[  258.125156][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.135358][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.147001][   T57] bond0 (unregistering): Released all slaves
[  258.156074][   T57] bond1 (unregistering): Released all slaves
[  258.166804][   T57] bond2 (unregistering): Released all slaves
[  258.175960][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.189623][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.201287][   T57] bond0 (unregistering): Released all slaves
[  258.414488][   T57] hsr_slave_0: left promiscuous mode
[  258.423549][   T57] hsr_slave_1: left promiscuous mode
[  258.429660][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.437198][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.448273][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.455741][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.467924][   T57] hsr_slave_0: left promiscuous mode
[  258.473666][   T57] hsr_slave_1: left promiscuous mode
[  258.479679][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.487183][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.496263][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.503781][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.514724][   T57] hsr_slave_0: left promiscuous mode
[  258.520481][   T57] hsr_slave_1: left promiscuous mode
[  258.526292][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.533911][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.543350][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.550776][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.561640][   T57] hsr_slave_0: left promiscuous mode
[  258.567419][   T57] hsr_slave_1: left promiscuous mode
[  258.573251][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.580721][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.590334][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.597774][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  258.616232][   T57] veth1_macvtap: left promiscuous mode
[  258.621789][   T57] veth1_vlan: left promiscuous mode
[  258.627110][   T57] veth0_vlan: left promiscuous mode
[  258.634567][   T57] veth1_macvtap: left promiscuous mode
[  258.640085][   T57] veth0_macvtap: left promiscuous mode
[  258.645613][   T57] veth1_vlan: left promiscuous mode
[  258.650898][   T57] veth0_vlan: left promiscuous mode
[  258.658403][   T57] veth1_macvtap: left promiscuous mode
[  258.663935][   T57] veth1_vlan: left promiscuous mode
[  258.669335][   T57] veth0_vlan: left promiscuous mode
[  258.675190][   T57] veth1_macvtap: left promiscuous mode
[  258.680831][   T57] veth1_vlan: left promiscuous mode
[  258.686096][   T57] veth0_vlan: left promiscuous mode
[  258.955202][   T57] team0 (unregistering): Port device team_slave_1 removed
[  258.968020][   T57] team0 (unregistering): Port device team_slave_0 removed
[  259.043135][   T57] team0 (unregistering): Port device team_slave_1 removed
[  259.054397][   T57] team0 (unregistering): Port device team_slave_0 removed
[  259.127168][   T57] team0 (unregistering): Port device team_slave_1 removed
[  259.139856][   T57] team0 (unregistering): Port device team_slave_0 removed
[  261.826498][    C0] ==================================================================
[  261.834640][    C0] BUG: KCSAN: data-race in __tmigr_cpu_activate / tmigr_handle_remote
[  261.842829][    C0] 
[  261.845143][    C0] write to 0xffff888237d205dc of 1 bytes by task 0 on cpu 1:
[  261.852513][    C0]  __tmigr_cpu_activate+0x55/0x200
[  261.857638][    C0]  tmigr_cpu_activate+0x8a/0xc0
[  261.862493][    C0]  timer_clear_idle+0x28/0x100
[  261.867260][    C0]  tick_nohz_restart_sched_tick+0x22/0x110
[  261.873069][    C0]  tick_nohz_idle_exit+0xfe/0x1d0
[  261.878091][    C0]  do_idle+0x1eb/0x230
[  261.882154][    C0]  cpu_startup_entry+0x25/0x30
[  261.886934][    C0]  start_secondary+0x96/0xa0
[  261.891531][    C0]  common_startup_64+0x12c/0x137
[  261.896479][    C0] 
[  261.898799][    C0] read to 0xffff888237d205dc of 1 bytes by interrupt on cpu 0:
[  261.906354][    C0]  tmigr_handle_remote+0x26e/0x940
[  261.911507][    C0]  run_timer_softirq+0x5f/0x70
[  261.916274][    C0]  handle_softirqs+0xbf/0x280
[  261.920974][    C0]  __irq_exit_rcu+0x3a/0xc0
[  261.925473][    C0]  sysvec_apic_timer_interrupt+0x73/0x80
[  261.931111][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  261.937109][    C0]  kcsan_setup_watchpoint+0x404/0x410
[  261.942503][    C0]  usb_start_wait_urb+0x63/0x190
[  261.947445][    C0]  usb_control_msg+0x182/0x240
[  261.952217][    C0]  hub_ext_port_status+0xbf/0x480
[  261.957239][    C0]  hub_event+0x538/0x2910
[  261.961561][    C0]  process_scheduled_works+0x483/0x9a0
[  261.967012][    C0]  worker_thread+0x51d/0x6f0
[  261.971592][    C0]  kthread+0x1d1/0x210
[  261.975658][    C0]  ret_from_fork+0x4b/0x60
[  261.980070][    C0]  ret_from_fork_asm+0x1a/0x30
[  261.984835][    C0] 
[  261.987148][    C0] value changed: 0x00 -> 0x01
[  261.991808][    C0] 
[  261.994118][    C0] Reported by Kernel Concurrency Sanitizer on:
[  262.000255][    C0] CPU: 0 UID: 0 PID: 3394 Comm: kworker/0:3 Tainted: G        W          6.12.0-syzkaller-10313-g7d4050728c83 #0
[  262.012140][    C0] Tainted: [W]=WARN
[  262.015935][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  262.026015][    C0] Workqueue: usb_hub_wq hub_event
[  262.031041][    C0] ==================================================================