last executing test programs:

1m4.519959765s ago: executing program 4 (id=1070):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1600000000000000040000000180000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000003000000000000000000000000000000000000000000000072d2e33fa7ef253a6f762166343e8a08cdb1b9799f15bab0bafd352cfcecc98303c21f3a02000000489cbc"], 0x48)
socket(0x40000000015, 0x5, 0x0)
syz_io_uring_setup(0x43d2, &(0x7f0000000200)={0x0, 0x3670, 0x10100, 0x2, 0x4}, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x2}})
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
write(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x401}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$key(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020900000700000002000000000000000500", @ANYRES32=<r2=>0xffffffffffffffff], 0x38}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf8}, 0x94)
link(0x0, &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0xc)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/fib_triestat\x00')
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
ftruncate(r4, 0x7fffffffffffffff)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e00000000000000fdff070008"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000280)={r5, 0x0, &(0x7f0000000200)=""/76}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000100000000000000", @ANYRES32, @ANYBLOB="00ffffffffdf00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYRES32], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)

1m4.460995249s ago: executing program 4 (id=1073):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64f1f11a85418018, 0x8, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x401}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000440)={'veth1_to_hsr\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000006000000040000000000000500000000010000000000000e0100000000000000000000000000000900000000002e2e2e61"], 0x0, 0x46, 0x0, 0x1}, 0x28)
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r8=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
r9 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000365d05000000cf6d9122c8d600000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x80}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
ioctl$EVIOCGMASK(r9, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r11, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000440)=@ethtool_regs={0x4, 0x0, 0x2f, "f42a637b0000dda5b89a02db8deea00b06ee73e9da31e2faa7a8c01332068d1962fcd5e4e4fc12d7a545aa3ed6bab3"}})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r4, {0x0, 0x7}, {0xc, 0x4}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1m3.999639366s ago: executing program 4 (id=1086):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@remote, @dev, <r1=>0x0}, &(0x7f0000000280)=0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ad00000000f844f10340f30000000c00", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000480)='ext4_update_sb\x00', r2, 0x0, 0x10000000fb9}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff65})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r7], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0x44, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x81}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008001}, 0x41)
sendmsg$nl_route(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@ipv6_newrule={0x44, 0x20, 0x1, 0x0, 0x3, {0xa, 0x10, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10017}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x44}}, 0x40000)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x11, &(0x7f0000000bc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x72}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2440, 0x0)
fcntl$setlease(r10, 0x400, 0x0)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="000000000055e080aa935ca26868780109ae7807158acc25ab6ac9130000003c0012800b000100697036746e6c00002c000280140003002001000000000000000200fc0200"/82], 0x5c}}, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001500)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r14, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x4040001}, 0x8000)
sendmsg$AUDIT_USER_TTY(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x8c, 0x464, 0x604, 0x70bd28, 0x25dfdbfb, "98125a8a3ef7682a0b344f435a9cdaddf5dbb388b8292c1a6b75b1f785ca6e0c2b7f7b54ff0f217ea122d5689825f107e14e6214cd2224bfd0879b3b36934a656b152082954796943c9ad77fd66d3b90b413a1229a63ae22c7c8aa1516b5638c15d7af6725e56d4f049f65ef30748e758561ebb64c18798aa9", [""]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000001}, 0x28000005)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r12, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000940)=ANY=[@ANYBLOB="68020000", @ANYRES16=r14, @ANYBLOB="000227bd7000ffdbdf25880000000a00060008021100000100003c003300c0a40800080211000000080211000000080211000000a7b50e0045c012008c18a808ebbf957244648110e060cfcd3a9778b33202d94ab27329003300b0b80b00080211000000ffffffffffff50505050505021000c004980010002002d0010013f00000034003300a0949f00ffffffffffff080211000001ffffffffffff5a00020005c11e008c10b90517b91faf211f41e78b22736d03c2a001330018050400080211000000080211000001ffffffffffff6500080211000000080211000001ad00d12d7b5554a108abef8fda035b4913ceaa395274150aba60983ebbcf6347e7c51891eb0a600fc2b0d70cd1d63a7e859fdea6f8c4b98b07a6b638b0136249933eba5e86be8c00c850a45227a4b4d2c5eea9bd4ae07086330234a4bcc9daf59bc84ae184e353731977f2b2fb9253edf115a012960ed20a50cbe00a6d6e9aa6e66022dd294ece2f9b099a58c49f0558fe773a8bd80eaf62297eb064d23a5baeb364909d0774deb2b493b632a0c07c00080211000000080211000001b7000fee85c5f856c763c1672f4a94674c5b2ed022d44d2586050000008d4c83284ad3bec419cfd281df081a37c7fffed0e3fe99c1c4b40d20633d6823864c5741fa9fec749dc50653ce176d41ba221176d3014ee18fac872dc620ce777f1d17e9447eaa5137d6812de115dd796a2e3ab59b4a1b2368185e118968c612955d1a4c0cfcee58f6b6f5c365ff63b1b83449f3e17aaf66ef71e54c77234ebee6dae7fbb0c417d3a94b963b9408d035678554d6cf098c181908ffe70000000a0006000802110000000000"], 0x268}, 0x1, 0x0, 0x0, 0x40080}, 0x80)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r11, 0x400454d9, &(0x7f0000000040)={'bridge0\x00', 0x400})
close(r11)

1m3.911185723s ago: executing program 4 (id=1089):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000c00)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000100c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b100000000000000001be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b866aa339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f6688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRESHEX=0x0], 0x20, 0x11e2, &(0x7f0000002480)="$eJzs3MFrHFUcB/BfYm1rarNRa7UF8aEXvQzdHLzoZZEUpAtK2xVaQZiaWV123A2ZJbAiVk9e/TvEozdBvOklF/8Gb7l4zCE44m5iElkPQZOF8Plc5gfvfee9x8DADPNm561vPu13q6ybj2JxYSEWNyLSbooUi3Hgy3j9zZ9/eeneg4d3Wu322t2UbrfuN99IKS2//OMHn3/3yk+jK+9/v/zDpdhe+XDn99Xftq9v39j54/4nvSr1qjQYjlKeHg2Ho/xRWaT1XtXPUnqvLPKqSL1BVWwea++Ww42NccoH6wsRUVRVygfj1C/GaTRMo81xyj/Oe4OUZVm6uhT8F51vd+u6jqjrJ+Ni1HVdPxVLcSWejquxHI1YiWfi2XgursXzcT1eiBfjxqTXvOcNAAAAAAAAAAAAAAAAAAAA54v9/wAAAAAAAAAAAAAAAAAAADB/9x48vNNqt9fupnQ5ovx6q7PVmR6n7a1u9KKMIm5FI/Zisvt/alrffqe9ditNrMRX5eP9/OOtzhPH883J7wRm5pvTfDqevxRLR/Or0Yhrs/OrM/OX47VXj+SzaMSvH8UwyliPv7KH+S+aKb39bvsf+ZuTfgAAAHAeZOlvM5/fs+zf2qf5E7wfqPaH3M9fiJsX5rdupqrxZ/28LIvNUysuxqkPoVAoDoq9uq7/h/PM+87EWTi86POeCQAAAAAAAAAAACdxFp8lznuNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzJDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//9N2dOT")
chdir(&(0x7f00000000c0)='./file0\x00')
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000240)='./bus\x00', 0x1c7102, 0x1)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
unshare(0x64000600)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="5000000010000104000000000000000000000004", @ANYRES32=0x0, @ANYBLOB="08000000008000001c0012800b00010067656e65766500000c00028005000a00000000001400350067656e65766531000000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x24000004}, 0x4048040)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
syz_io_uring_setup(0x670b, &(0x7f0000000400)={0x0, 0xcc8d, 0x100, 0x3, 0x288}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0), 0x62000, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x40082404, &(0x7f0000000100)=0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r9 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$selinux_load(r9, &(0x7f0000000480)={0xf97cff8c, 0x8, 'SE Linux', "31c4ae4281862e2635c7f2a50163d96098d10dae8071fa902b6c8b922dba2acdcbc34f346348eaf781a98ef80a5784fb8ef01938d8331e7d53d8fa6ae07f6ef291897313e3c36bfe10b093122f3ac4da2aad282e3c0e3a7cf92d83648df4409d02a90b929660705735c31d2417905d1ca1410977d482dfbc0bcfd9339c8c68647cf2415509c7d3fe22bd701d82aad73869f80c34e2402dd29df73b34992f2693330051fa4635e319973ee8598cdc1ada4562f0b5c4349919cb176319e096b1a831118c84bada73e21bc23701f578b188974a7b5727072c712368c31df1caac97c8fd9a898d42ca81fa87796aaecdbc9921de46be656478175859c1fcbdfc3750b0f09af5d24247bcfb2eaad03fb506ce7a55a7370faf91e6c3ec0bb2596621dbb35efc4c1ab96d0e9258fb2055c30d4d3fe2839513b1ce32e685c40a2ac8e98c06df806adea2a111131f3a8b90707bb779f2d47589c4ee20dc022d25afd468a5c23a941b56afd90ac3e81dde24fda1e7678a893f5a21b9005ddd218d9b1dc1caa0755b7435a310c1fac6785f6f22b5da3a4060c53b07f9a01d6cce6bcf4d70d2bbec242ff5291a28ac5a740a93e519e8e3e8ab38b65993e26a64c95962676ccf612bcc8d16b1ad27e8c3beda45156f13f8137e5832e4fc36316f5c40233ef0657b80acf54ee29ec8d113f74c6659e2c2a810ca2d2ba98d7beaa7cd89bce4bd041312bb7f6de410f7685bcbcfabcdde27974ffacc3b992335d5f3607cbc3526f07d45a14e7b96a6e96a51926a0222d0289de53fa383030181dde72c133adb8c3900ffc03732d89cf6ea49d2b7235fc687d90a9ccd118b69f2b208a473f61639ac7c283556fcb8eb23e7cfa82e8989340077d0e8148d514004774e7b4b984eca6daab7beed8744193aaaebd52be520184fbabaad34a753206399f43159dede144664ad534489a6050950b17efda694289b7fe41b603d30a5135630bf02fed3831b91ef7a419926b1c9a68789e1eabf840e106aa2a00ff66db8f7c2f65a67ad7aeb063a69871f06e31ff3a28ddfebfb77595e87b58f357cb43bbf0d47917b8ded16c2fa0a11620fc325b9d3015966d7be036703c880b306fddc0ecb75ab655c760f3823d3b5a7ae7b3ef80cf455f46dbebd3af89dc855a808ca522e6f8335aeba9925386fcce54e85fb095752dbe0f674ad1846be259cabeff550ac4590b35aaf767773006e10594865215cd8e428fde5b401235f45058d9eae10f3810195aa64e85f731c03cefb5fd35d736ed00ea69b094f2e4cd29e5677ffc06ff6fff4cfad1e2f3a248bd649653483d380c1ca59958e393923dd0977c6e20b7ed62ed20f39ead513ff7210163a68fc740ee3ffa0baeba61b2ed46252270ea6c71525feab8a25836cdfd8431fb7687e7021657d1c88b52b6600a58f18a6018bc10d5c2c5bcd324582b6abb850a561963417da779475d1fe6e33c16af6f12d8a832c64c1d3a61f2e3390df31602ee69fcda6bac1d4706f23b67c069aa3e5acae554d1894e4d3393ee7eeecabf370d9dd4a7ad6dd187063a9f0659a7672c96fa3d6e10fbf9efb88c0d4c52b0aada257511c7bf05e928247c672403b07338e1d5981d9941a4fed63f9a272dbdcac770900a25d832466d202ce9e17a006d07d3dba8986a9ac9be09b0910667faa3a4d614892271a5ebb568629cb083517403c173c274776d8040612b66f8f1f95f49baeb1b3ad60b80710b1babd288dc3511bb1b677c0a732ca0d65a26408b6197c8dd1fa7cf2fa4616fb44e031a0872b6483505cb0c900449163ec637faa894b9521f6b20abfb4f054f64d1761e3f4db5e64fc91563716aefab007c079afcce81bc097b51364172445e1b789d1d3a0d59f1925a896270d683cc076aa8c3e9c0c7dc3d94e3b3438140b3e31c1f4762468602f2fe624dbf663ca2e335db401c8a939988243a42f47e77da1628c885479320789b122c6c7e04dd5a2ba6b9a27e7ea8272862a4ed7cd02d90d275c966bc783e476c93770259332de00f83a3d6afcee8bcb86940d6566a02048f9e2c736022a99309e0d8e23da750e32cefa2939188e60a65d74140c7073bdb8083516b494ac34a2aba132b5420a1cef6f25d7c0f788232478242548cf4dced45d93ef37a60d917b4d40f17ce6c9f3352a7f04bd77d090980624dc71945ada1f9d25865db30112772d74883992c32a3ecb6116d3f40b16c760709f3a36b668e65622ef4e121f0f2a675eca3863c2ae6b652368a917c08c079795cafca42af0f1ecddaa31cdb4b27e4e9b5c986194e23e84b4779f2f750ec1c664feff538bd99c2da190766cbf9a6722066f09f11a8d9cd0951d6886da60ee287ec88089b5be44c671e7a0c18bcf2e20dc77676cb2d5124c0f4a8217bbf3bd5314b24603aba342a9e8a0d8e16fb7fb6f5c761c24059ba908cea8f340afccf181ba887e816df755f8403b64414b1d7effde4da926bf6020b2aaa8f19040233da34effb6d9a8dd1fbe0d3c77c7c70560de02aacff46a2e6add6dfa6ee1e15af3c4e0670bdba1207a5ef5873ad5b70ca8d52e6c53499860ecd50cb5a5f3a89dc129e021e9f199d3dbf9898aa3974526c77ed731466c01c3ce89bb2aa5688eace124e351c57e7abdf34b97c4efd57b43dd64485fca40368edd546c88347d62d6a931595b1089b58b3055e5976c7a8ed90a531d9b14ae4e3be05da6515d5e877f321c366b862d37fc4526a169bd3d25f38696bfa6d6e9c57535ef52b083ac3f4ea97d5c10b07b77f007d440866feb77eb23a478f0a8a9cedad79f5eea69811b073a3f148cbd03a2a7fe359123222548397e14478169cc5710b2c19368224ec3bda4a94db61aacffcd887c49166f7474b7ed75137492e8b8a8d55afc78386553938bf5ec67116f14b2284ca5a3fd987b11f80052034281e9d4ee74872f9fc9355d6a1cea3adcc607516822ecc04952274a49635c9664f30e894201d049822bba699feca32000943bd5206278f3d1b3f909f921165f388e72afe77250543bc06614490241b9f3251a552b03dac93b3590da041dba92edd4b4f456916cb98b779055397bf357d2cb163492034cf5637c6eb2e791e76fce49dba262698f4b807dc92d8b1c60bb4b01d9b762129a847d385fbe9d44d9f471445eb675bb4ce0b5e4f938b188a3784333836a077930d556281c822a40ae1d7dd8913e779352f9a9fc863661fcddc80b1f8a9bd624a8332aae1df2de8020b522cd82121997c7cc2d2a68320b01275a773e8bfa52befad459a71d4e03e86b088c170abebbf6f598e3ad656d93b289d085b0783fcc2fb0eb70ebe7b45d486994619c26270313cadd518a7664ee976212700cd12d47503d47104a311a48a19772146ac3a5b38e5ce6d5b30deccdd989223bdaafec0eddf98a2af2cd0eea776e94038c85062b38b980bce4d25103e43fa38487a890ede01c1050d19e58d311ac3ac4d38ee5bd4e2ef25df2284fd7cae2aced4807ceedf92d7e21fcc0a791d37c2bfc818fb70bce9bce02e00f08eff7a0ea7e27cf8e0c5a53b85a43bd038cce23b826926f63c7aeca8d33dea84e9f61ab354ab4d4d66519fd1036cfef0ccc21a2b3b1d095bf8b29d42ce069fdc7703a91d0309abe89e75a1e36b7a4158bd784f1cf044619629ab1a8635574af578e1775290c2ebe09f34d1917be2be6e381da34f39ddcc02b005f97d33934a88b5dabfe84406169afa44c2a3952c54263d9010bf5fa28b5a68744c975ad63ddbc103409a9e2291debf25831597f50c405ed20dccca324ae9d61950c99545f50372ad4b24a5a0addee2817f802d3e42e1cb55f7ba3969210eb91be2a9e3c0a3a3d457731acceffa9af473641ffa557fc2271ed2a1a3b60f8ee403d4e693f87100aa9d38d6f5017d7bbbbe697d70492ba1326a98a8ebf321b26207913df2feb99f67f7f26f6833dc6026614a32e09a1908fe086d07a7f2657363ff4657d8e00fc7b292dddedb58b87f7d225ad526540279b0b4a2f02158f503345333ad31bb1ddc7137afd350387b020dbca86ff8b72f7da973c35f2019e6d369c4546c314446248e05ea23f132778974fa993c1815726860b7e602151c27483466b185764baf84d65015b8334862308658118231ccab2e1a57b3d95c0ece7d9e2e7f11506e5bd57b877f0627d1c647acd11817d843b14ad80936813e78132e102f2f54a8d49491db31771ebb067c0583bce063ae86d2582dfddea451792a45c3ea41d16b2b244cafbfb0f65f5ea4c07cc3ac8785c0c96fa82176790fcd51d02f3746754bbd7e4bef8654c0e1567c309063c8964b0ce436c072bb9eaca122384509506002032f1685ac232bec286f4442f6d73867a4fa88e4ea558d96f454293c56df4af3275481692ac34ae29e41d5d8e99eb9517d8b56996373324c773ea78cea658badd34c1963b42727fa7d574d24f9a567d9304512f698212530fa8e703c023d6742b7f1e96c19c4e91bb0f4c5bde64a2d0fc7a46cfd257d15fc94de9bdb90ee56e98cc2140f81aa549c37ff6da26fcffaf40ecc83f32ec6b8e3e3d4765da64e4bbb12dc671597f18a9755130d72d2c2c470fd0ad221ebf0d6c13660e479c0443b39ec62a35b6e886cc6e357d96b46ffd9c6777b831ead8c7b28aa387ae9dd9d41dd8ac44c1cf3462c29bd9c4461aec773a39e9f3991d7409e3a1255254c730dbc56eeb0b89e338d888ea73c16aba9294ac571d54625585dd6d1ebb7535827ed6b20e8a595261db15a8f04600fd795d44f842ed896ec01c3af4e0450b3ed6a2791b80b1cf34e9bc2eb6618e75518d72d4625c6ec3a11c0bbcf2a6fe0cb4c7b518e47e907f7a5c4670c7de979fba296d763cb4521a2ae0f19f64200b43928e1838bd81da42594acf8cd4e77a6ec588400d71e08fa6b97d2d0da6e830b593206dbf13f3a334a89dd42c7eb5b6d4960f6e266613d7b4d2efb9a0696ce9d5774346849101081e12247a4341f3376e74c9b527607e51a7cfb1f47e47b9560e607ea584048125cf71a9db3a44ceef1e55c01e565858ec5ac45538484a43cebbc6390f3604838206a7b18f5fba4b617e8e22cd6bc333946deb66cd7ef01a8fd0ff0ed8a9475e9be7505d65ead2576ac241704bf632bfa585db6ac96c117e0e48f472e1b2ffcf27ab82d40d2b4f5ca34e117a60062aeac41dd75fa2a7f8c88412c6e69372f5944dd61e644eca7f789b433c223a3b9233271ecd20b420df0c212a65281d1da9b1fd69add6159fc9483e69d12c7aae50963643d8917df35348d1f33d6be0faeaa5a125e2fcf0adb47c5d03052d76eb531745d29e2baf283b269db995bae5e351e6316e756f3e4a5b79b945b3dce616800c47d8f069f5da0d8fdcf42882af23c02ca092a0e9563e42c7af30355c7d55c5f14a64015e156979821654f9b9a5da07861f5db3436de1bd9b74a6e9f2665746d531a52566befc73205aa91b9366810a8a5dc924d4ed9aed259825856f0c7411bf17cdd12924177576df19601a4568cedf03665510cc8b07eb435563e1e91bebe9c2c0c9f6def0cc75aef8164256267515f64e0110382a916c8aefcd587b3fca12e9af2ca341bbe83beed1c6baf8ed4a1d8d7980a9355d11260d1fa4c36d1560963b6b29c9110a7f0e537c4074a5962f01656a2d95bf3455e1bd2380af40435659694342eeb9e353b38811caba455b6ae396c02ee59c7607d3c658e302312297a4005c4f660fa26b67bd4bd3cc15a3985a4ea123bff6cac188fda17d689020044fd35910cef6fd26737c4251a31c"}, 0x1010)

1m3.175991132s ago: executing program 4 (id=1099):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@remote, @dev, <r1=>0x0}, &(0x7f0000000280)=0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ad00000000f844f10340f30000000c00", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000480)='ext4_update_sb\x00', r2, 0x0, 0x10000000fb9}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff65})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r7], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0x44, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x81}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008001}, 0x41)
sendmsg$nl_route(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@ipv6_newrule={0x44, 0x20, 0x1, 0x0, 0x3, {0xa, 0x10, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x10017}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x44}}, 0x40000)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x11, &(0x7f0000000bc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x72}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2440, 0x0)
fcntl$setlease(r10, 0x400, 0x0)
utime(&(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="000000000055e080aa935ca26868780109ae7807158acc25ab6ac9130000003c0012800b000100697036746e6c00002c000280140003002001000000000000000200fc0200"/82], 0x5c}}, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001500)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r14, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x4040001}, 0x8000)
sendmsg$AUDIT_USER_TTY(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x8c, 0x464, 0x604, 0x70bd28, 0x25dfdbfb, "98125a8a3ef7682a0b344f435a9cdaddf5dbb388b8292c1a6b75b1f785ca6e0c2b7f7b54ff0f217ea122d5689825f107e14e6214cd2224bfd0879b3b36934a656b152082954796943c9ad77fd66d3b90b413a1229a63ae22c7c8aa1516b5638c15d7af6725e56d4f049f65ef30748e758561ebb64c18798aa9", [""]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000001}, 0x28000005)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r12, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000940)=ANY=[@ANYBLOB="68020000", @ANYRES16=r14, @ANYBLOB="000227bd7000ffdbdf25880000000a00060008021100000100003c003300c0a40800080211000000080211000000080211000000a7b50e0045c012008c18a808ebbf957244648110e060cfcd3a9778b33202d94ab27329003300b0b80b00080211000000ffffffffffff50505050505021000c004980010002002d0010013f00000034003300a0949f00ffffffffffff080211000001ffffffffffff5a00020005c11e008c10b90517b91faf211f41e78b22736d03c2a001330018050400080211000000080211000001ffffffffffff6500080211000000080211000001ad00d12d7b5554a108abef8fda035b4913ceaa395274150aba60983ebbcf6347e7c51891eb0a600fc2b0d70cd1d63a7e859fdea6f8c4b98b07a6b638b0136249933eba5e86be8c00c850a45227a4b4d2c5eea9bd4ae07086330234a4bcc9daf59bc84ae184e353731977f2b2fb9253edf115a012960ed20a50cbe00a6d6e9aa6e66022dd294ece2f9b099a58c49f0558fe773a8bd80eaf62297eb064d23a5baeb364909d0774deb2b493b632a0c07c00080211000000080211000001b7000fee85c5f856c763c1672f4a94674c5b2ed022d44d2586050000008d4c83284ad3bec419cfd281df081a37c7fffed0e3fe99c1c4b40d20633d6823864c5741fa9fec749dc50653ce176d41ba221176d3014ee18fac872dc620ce777f1d17e9447eaa5137d6812de115dd796a2e3ab59b4a1b2368185e118968c612955d1a4c0cfcee58f6b6f5c365ff63b1b83449f3e17aaf66ef71e54c77234ebee6dae7fbb0c417d3a94b963b9408d035678554d6cf098c181908ffe70000000a0006000802110000000000"], 0x268}, 0x1, 0x0, 0x0, 0x40080}, 0x80)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r11, 0x400454d9, &(0x7f0000000040)={'bridge0\x00', 0x400})
close(r11)

1m2.860577687s ago: executing program 4 (id=1110):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x3, 0x0, 0x7ffc1ffb}]})
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x780, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000002c0)={0x6, 0x0, 0x6})
syz_mount_image$iso9660(&(0x7f0000001440), &(0x7f0000001480)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="636865636b3d2600000000000000c3e8bc9495fe"], 0x1, 0x1430, &(0x7f0000002940)="$eJzs3XlwnOV9wPHfu5ZsIRMwYIwhBDY2pI7jGEkGExfaRugwSmyLsewOTP4IDhaMBmFncNomtJ2hM5meoTmbNElP2qRumgRSmjZ3yH3fBwk5yEnuRLnJ6c6z+8gSYB0GyXL8fD4eWavVs/s+r1fWd9/Vap/gN9mBAwcabw/w450vO5KT5ehzSe9dN996U3r7sxtjcSyKC6rXRLRFRD2iJSJWRrT29G4f3DrDFV0bcWVE3B5RRcSSaL6flSujemYcP/Hx7VG9OG2X+XeAoi301x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByNqp7ejo7OKrYMbNt5eX1qjSXAp/n8+PVdVkt/1y6bcbsRVXqLtrbxpb5XHn9wxfDqhPT3qljeOKda3liQPNrihqUrll10Sktt/PLTTOiI2Pe0G67dNTo6fP1CT2SBbO7bNjA0OLC1e3NffWBosL5p48aO8y7tH6r3D2zpG7piaEff1nrP9r7uHYPb62t6Hlnv3LRpQ71v/RWDO7dt7u3e0jd+5oWP7uro2Fh/3PrL+rq3Dw1uO+9x64d6Lh3YsmVg2+bGmPTpNObC9IX4+IEd9R193Vvr9atHRoc3zDTJNKhzNoO6ZhrU1dHV1dnZ1dW58YJNF1zY0dFyvzM67iPuN2Lhv2hZWPPyfRweiFruf2yJgdgWO+PyqB/yT0/0xvYYjK1TfD4b7/+55/VNu93J/T+zedaZyyb6f3I0+r+i2f8VU/V/irkcuT/74mlxQ1wbu2I0RmM4rl/wGR3ZP5ujL7bFQAzFYAzE1uhunFPP59RjU2yMjdERT4xLoz+Goh79MRBboi+G4ooYih3R1/iK6ont0RfdsSMGY3vUY030xCOjHp2xKTbFhqhHX6yPK2Iwdsa22By90d24lqtjpPHvvmGaOR4c1DmbQV3TDNJ/Hrz5+lYOh+3AeP8BgHJc0tet/wBQmG1D2zu69B8AirLD8T8AAAAAAAAAAAAAAAAAAAAAAAAAAADMtSpq8e2IeF7vWDV5Zcq2xoL/U15scdW4ZC2q5lq+0bZxw4U9/Z39vR0dHR2dF5w//eq/c+6kGBza0V3v2Xvdk68f3rdveHd9556Rq/buHp71NTzYyx+mi5fdvWTpimUXbUofrL1meM/Ivr0j1+26Zt42CACTtEQt7o6Is28Zqx6eWx5rd/b217f8fn1gz9V7J42tjS8T8CBbOcN9i/m2+IhuTdsBOAq1Ri2ui4jLFo1Vq1Lj832A2qMaCwMu9PSm1HjcoYp4bWgsAByuxVGLwYjYfdIrq9URsSiOgeP7tnSfoLETO3v7GzsyOrJrz1Oi8RjGouaoZfe90PhjH0f5fYllEY9Nc11szUYAHrglUYtXRcR1J7bFOY2fBwAAx7q2qEXzeX9j1bkLPRkAAAAAAAAAAAAAAAAAAAAAAAAAAAA4RlRRixdExLO/NFZ1TDr/Qa7//5j+IzL7g6z/DwCHoSVq8ZO8/n+n9f/nnrYDcBRqjVr8aV7/v8v6/wBQhMVRiyfm9f83WP//6L8vYf1/AObAkqjFW/L6/+db/x8AitAWtWg+72+sumChJwMAAAAAAAAAAAAAAAAAAAAAAAAAAADHiOOiFu+IiJdf/oeNdWUmr0s/eYWZ42dYbiZ9en0+PZs1+VrzWoO1Kv2Zwx0CAGbUFrW4uHFqrOpe6MkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR7Va1OKDEVHdMVZFFRE3RtSj+b5joScHAMyPqhZfjYiHfXws1T8uXnb3kqUrll20KSIWxaLGXYJq8vjBoR3d9Z691z35+uF9+4Z313fuGblq7+7h2W6urad3++DW+diRWVk8z/Nf/KBn2Jbuk02ytjHhnb39jUmPjuza85R0dq1a9KA3BUC52qIWv2ycGquqhZ4MAHBEtFa1eEhEPOln+w8ed7Y0j/lbmh911A5kL1k+cWzalu8sjN9nGH/c4JRpTh/y/sXaa4b3jOzbO3LdrmtmOghvy9t15AsAD05V1eLdEbH5SSsbXa2i/f6PQedx34uIC59dz+OiPY0bf8B7SSPubVePjA6vv2rv6O40/jkR8Z6XnpnH1xan8flORbROjO9IY2+JiDtePT42GmOX5LFtE2M709gLI2LXbfce25bHHjcxtiuNXRURo8+999jj8tj2ibEb5vdfGQCOLun4/48i4gXr9h9s83TH/+PH8Dvy+/k+/m+ddKG2vN3Wudp5AChUOkZ+bz7+b53h+P+jEXHLr8/M45rH0u3580snHc8f+b0AAA5HOv6/LPX8hfsPPpafj//zYfbE8f/Tl00cw+/O7+f7+H/JfY7/03ZPm6udB4BCpf5fEhFdV+w/+PP22fR//Lh/vvvfdp/+p+2unKudB4BCpf4/ISKGLtt/8Dl0s+n/mtX58vnj+er/cffpf9ru6XO29wBQptT/Z0TEH1++/+Dz4o+m/rcfov9nzdneA0CZUv+7I+LOV+w/+Jj+bPp/Rv7tgPl+/H/pffqftrt6zvYeAMpUxfKqWebWOLVxqn9gS5+n8AMAAMCxpLG+z/Lxh/urU6Ny/A8AAADHmipW5J//t8dpzVNXx0iMxrDl/wEAAOBY0fj5/4rmcn4R1WlROf4HAACAY82qxu//N34HoPHyv21xQ+PlelpqjccGqmrmEdW6WNkcsTKvCrQ7j2g+vlC19w9s6VvfM7jlos54RONVBhq/aXDIa2tt/PrB2ji9Oer0/JpE7fe+xrY0qnP9RZ2xNs5ojjyj+YqEq9ccYmRXc+TZzZFnTzNyQxoJAMe6VTP0eDb9XxvnNEec03xVwJYzDlHWDmUFgKPFqsbz/xvPAZiy/zOMqM6f4fj/5INPKVgfV8XeGI3dsa7x2waNZxwc8lrbJz0NYd0MjwZMjO2MdTM8HjAxtivWzfCIwMTYDUf8dgGA+bRqhg7Ppv/rZjj+b/eUQgA4qux72g3X7hodHb5+Hk8s9D4CAPem0gAAAAAAAAAAAAAAAAAAAAAAAAAAADD3jsTr/zvhhBO/aScW+jsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsaGKWHSo82sRSyKiIyLOO/Kzmj83LvQEFlh1T9wTT40TFnoeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHmvz6/7Vovl/aPCtaahHnRsSVEfGEhZ7jXLpnoSewwCa9/n+6zeNAFS3Nmz2q1p7e7YNb083fWPuhdtfNt96U3h7IdtIVpC3ca3GJvIWpL3VS41LtvcP7rn3K3ifXey9pTPKSHf1berdu3v7YiYErqtsi6tF8Gzc+3z85903POsSe35b2dHbb7W9st/f+2z3tUJeefrvTGRkd7kpb2tF3+Y4/2DPy1EmfOrk6PWL1mog1997SNeltij08PVqn21o1Vv15dUI8P65s3P7pX6M6UKWb6MTG/h939cjo8Pqr9o7unmJOy6q0/7sj2mY/p9Ma308OqfFVV2tNW+1oDEp/LZ/++qY36Ro7p9iHk6qVEdF+WPuwcup9iFn8u+cZbZhiRqdUZx32LX3WDFs89DzHqjurS+OT8fRJ63/U0u1/bszmf2ca0xg56StlypG15sjGnndNe51T/q9kHjwjnhSPOXj71yZ9/8+31ZH5fjRpi0fo/0WjSMvvU6T83Weqy+R5Lm+OmmKep1arI1rOOKzvKKun/44yb///X1StiR/Ejdb/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjn5VxKJDnV+LODcilkXEienjesSBudherb2ai6t5wG5c0K0vvOqeuCeeGics9DwAAAAAAAAAmBuX9N518603pbfGz+MXxTnVayLamj/pb4mIZdXzWnt6tw9uneGKWiOujIjbH8Ac0uXi+ImPb08frXwAVwQAzEotavEXEVHdMVa9tmo+Ma4ezfcdCz05AGBepP7/Ze7/6/QfAIqQ+v9Xuf+v138AKELq/1/n/r9B/wGgCKn/f5P7/0b9B4AipP4/I/f/TfoPAEVI/b8p9//N+g8ARUj9/9vc/9v1HwCKkPr/zNz/t+g/ABQh9f9Zuf9v1X8AKELq/7Nz/9+m/wBQhNT/5+T+v13/AaAIqf/Pzf1/h/4DQBFS/5+X+/9O/QeAIqT+/13u/7v0HwCKkPr//Nz/d+s/ABQh9f8Fuf/v0X8AKELq/9/n/r9X/wGgCKn/L8z9f5/+A0ARUv9flPv/fv0HgCKk/r849/8D+g8ARUj9/4fc/w/qPwAUIfX/H3P/P6T/AFCE1P9/yv3/sP4DQBFS//859/8j+g8ARUj9/5fc/4/qPwAUIfX/X3P/P6b/AFCE1P+bc/8/rv8AUITU/3/L/f+E/gNAEVL//z33/5P6DwBFSP1/Se7/HfoPAEVI/X9p7v+n9B8AipD6/x+5/5/WfwAoQur//tz/O/UfAIqQ+v+fuf+f0X8AKELq/8ty/z+r/wBQhNT//8r9/5z+A0ARUv9fnvv/ef0HgCKk/r8i9/8u/QeAIqT+vzL3/wv6DwBFSP2/Jff/i/oPAEVI/b819/9L+g8ARUj9f1Xu/5f1HwCKkPr/37n/X9F/AChC6v9tuf9f1X8AKELq///k/t+t/wBQhNT/V+f+f03/AaAIqf//m/v/df0HgCKk/v9f7v839B8AipD6/5rc/2/qPwAUIfX/tbn/39J/AChC6v/rcv+/rf8AUITU/9fn/n9H/wGgCKn/b8j9/67+A0ARUv/fmPv/Pf0HgCKk/r8p939M/wGgCKn/b879/77+A0ARUv9vz/3/gf4DQBFS/9+S+/9D/QeAIqT+vzX3/0f6DwBFSP1/W+7/j/UfAIqQ+v/23P+f6D8AFCH1/x25/z/VfwAoQur/O3P/79F/AChC6v+7cv9/pv8AUITU/3fn/v9c/wGgCKn/78n9/4X+A0ARUv/fm/v/S/0HgCKk/r8v9/9X+g8ARUj9f3/u/6/1HwCKkPr/gdz/A/oPAEVI/f9Q7n/U9B8ASpD6/+Hc/0r/AaAIqf8fyf2v6T8AFCH1/6O5/4v0HwCKkPr/sdz/Fv0HgCKk/n88979V/wGgCKn/n8j9X6z/AFCE1P9P5v4v0X8AKELq/x25/236DwBFSP3/VO7/cfoPAEVI/f907n+7/gNAEVL/78z9X6r/AFCE1P/P5P4fr/8AUITU/8/m/j9E/wGgCKn/n8v9P0H/AaAIqf+fz/0/Uf8BoAip/3fl/i/TfwAoQur/F3L/T9J/AChC6v8Xc/9P1n8AKELq/5dy/0/RfwAoQur/l3P/l+s/ABQh9f8ruf+n6j8AFCH1/6u5/yv0HwCKkPp/d+7/afoPAEVI/f9a7v9K/QeAIqT+fz33/3T9B4AipP5/I/f/DP0HgCKk/n8z9/+h+g8ARUj9/1bu/5n6DwBFSP3/du7/w/QfAIqQ+v+d3P+z9B8AipD6/93c/7P1HwCKkPr/vdz/uv4DQBFS/8dy/x+u/wBQhNT/7+f+r9J/AChC6v8Pcv9X6z8AFCH1/4e5/+foPwAUIfX/R7n/5+o/ABQh9f/Huf+P0H8AKELq/09y/39L/wGgCKn/P839X6P/AFCE1P97cv8fqf8AUITU/5/l/q/VfwAoQur/z3P/H6X/AFCE1P9f5P6v038AKELq/y9z/x+t/wBQhNT/X+X+r9d/AChC6v+vc//P038AKELq/4Hc/w79B4AipP5H7n+n/gNAEVL/q9z/Lv0HgCLU8iMAqf8b9B8AipDqvyj3/3z9B4AipP635P5foP8AUITU/9bc/436DwBFSP1fnPt/of4DQBFS/5fk/j9G/wGgCKn/bbn/m/QfAIqQ+n9c7v9v6z8AFCH1vz33/yL9B4AipP4vzf2/WP8BoAip/8fn/v+O/gNAEVL/H5L7/7v6DwBFSP0/Iff/9/QfAIqQ+n9i7v9j9R8AipD6vyz3v1v/AaAIqf8n5f5fov8AUITU/5Nz/3v0HwCKkPp/Su5/r/4DQBFS/5fn/vfpPwAUIfX/1Nz/fv0HgCKk/q/I/d+s/wBQhNT/03L/L9V/AChC6v/K3P8B/QeAIqT+n577/zj9B4AipP6fkfv/eP0HgCKk/j8093+L/gNAEVL/z8z936r/AFCE1P+H5f5v038AKELq/1m5/4P6DwBF+P8AAAD///2ccz4=")
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e6174"], 0x25c}}, 0x0)

1m2.860398547s ago: executing program 32 (id=1110):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x3, 0x0, 0x7ffc1ffb}]})
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x780, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000002c0)={0x6, 0x0, 0x6})
syz_mount_image$iso9660(&(0x7f0000001440), &(0x7f0000001480)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="636865636b3d2600000000000000c3e8bc9495fe"], 0x1, 0x1430, &(0x7f0000002940)="$eJzs3XlwnOV9wPHfu5ZsIRMwYIwhBDY2pI7jGEkGExfaRugwSmyLsewOTP4IDhaMBmFncNomtJ2hM5meoTmbNElP2qRumgRSmjZ3yH3fBwk5yEnuRLnJ6c6z+8gSYB0GyXL8fD4eWavVs/s+r1fWd9/Vap/gN9mBAwcabw/w450vO5KT5ehzSe9dN996U3r7sxtjcSyKC6rXRLRFRD2iJSJWRrT29G4f3DrDFV0bcWVE3B5RRcSSaL6flSujemYcP/Hx7VG9OG2X+XeAoi301x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByNqp7ejo7OKrYMbNt5eX1qjSXAp/n8+PVdVkt/1y6bcbsRVXqLtrbxpb5XHn9wxfDqhPT3qljeOKda3liQPNrihqUrll10Sktt/PLTTOiI2Pe0G67dNTo6fP1CT2SBbO7bNjA0OLC1e3NffWBosL5p48aO8y7tH6r3D2zpG7piaEff1nrP9r7uHYPb62t6Hlnv3LRpQ71v/RWDO7dt7u3e0jd+5oWP7uro2Fh/3PrL+rq3Dw1uO+9x64d6Lh3YsmVg2+bGmPTpNObC9IX4+IEd9R193Vvr9atHRoc3zDTJNKhzNoO6ZhrU1dHV1dnZ1dW58YJNF1zY0dFyvzM67iPuN2Lhv2hZWPPyfRweiFruf2yJgdgWO+PyqB/yT0/0xvYYjK1TfD4b7/+55/VNu93J/T+zedaZyyb6f3I0+r+i2f8VU/V/irkcuT/74mlxQ1wbu2I0RmM4rl/wGR3ZP5ujL7bFQAzFYAzE1uhunFPP59RjU2yMjdERT4xLoz+Goh79MRBboi+G4ooYih3R1/iK6ont0RfdsSMGY3vUY030xCOjHp2xKTbFhqhHX6yPK2Iwdsa22By90d24lqtjpPHvvmGaOR4c1DmbQV3TDNJ/Hrz5+lYOh+3AeP8BgHJc0tet/wBQmG1D2zu69B8AirLD8T8AAAAAAAAAAAAAAAAAAAAAAAAAAADMtSpq8e2IeF7vWDV5Zcq2xoL/U15scdW4ZC2q5lq+0bZxw4U9/Z39vR0dHR2dF5w//eq/c+6kGBza0V3v2Xvdk68f3rdveHd9556Rq/buHp71NTzYyx+mi5fdvWTpimUXbUofrL1meM/Ivr0j1+26Zt42CACTtEQt7o6Is28Zqx6eWx5rd/b217f8fn1gz9V7J42tjS8T8CBbOcN9i/m2+IhuTdsBOAq1Ri2ui4jLFo1Vq1Lj832A2qMaCwMu9PSm1HjcoYp4bWgsAByuxVGLwYjYfdIrq9URsSiOgeP7tnSfoLETO3v7GzsyOrJrz1Oi8RjGouaoZfe90PhjH0f5fYllEY9Nc11szUYAHrglUYtXRcR1J7bFOY2fBwAAx7q2qEXzeX9j1bkLPRkAAAAAAAAAAAAAAAAAAAAAAAAAAAA4RlRRixdExLO/NFZ1TDr/Qa7//5j+IzL7g6z/DwCHoSVq8ZO8/n+n9f/nnrYDcBRqjVr8aV7/v8v6/wBQhMVRiyfm9f83WP//6L8vYf1/AObAkqjFW/L6/+db/x8AitAWtWg+72+sumChJwMAAAAAAAAAAAAAAAAAAAAAAAAAAADHiOOiFu+IiJdf/oeNdWUmr0s/eYWZ42dYbiZ9en0+PZs1+VrzWoO1Kv2Zwx0CAGbUFrW4uHFqrOpe6MkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR7Va1OKDEVHdMVZFFRE3RtSj+b5joScHAMyPqhZfjYiHfXws1T8uXnb3kqUrll20KSIWxaLGXYJq8vjBoR3d9Z691z35+uF9+4Z313fuGblq7+7h2W6urad3++DW+diRWVk8z/Nf/KBn2Jbuk02ytjHhnb39jUmPjuza85R0dq1a9KA3BUC52qIWv2ycGquqhZ4MAHBEtFa1eEhEPOln+w8ed7Y0j/lbmh911A5kL1k+cWzalu8sjN9nGH/c4JRpTh/y/sXaa4b3jOzbO3LdrmtmOghvy9t15AsAD05V1eLdEbH5SSsbXa2i/f6PQedx34uIC59dz+OiPY0bf8B7SSPubVePjA6vv2rv6O40/jkR8Z6XnpnH1xan8flORbROjO9IY2+JiDtePT42GmOX5LFtE2M709gLI2LXbfce25bHHjcxtiuNXRURo8+999jj8tj2ibEb5vdfGQCOLun4/48i4gXr9h9s83TH/+PH8Dvy+/k+/m+ddKG2vN3Wudp5AChUOkZ+bz7+b53h+P+jEXHLr8/M45rH0u3580snHc8f+b0AAA5HOv6/LPX8hfsPPpafj//zYfbE8f/Tl00cw+/O7+f7+H/JfY7/03ZPm6udB4BCpf5fEhFdV+w/+PP22fR//Lh/vvvfdp/+p+2unKudB4BCpf4/ISKGLtt/8Dl0s+n/mtX58vnj+er/cffpf9ru6XO29wBQptT/Z0TEH1++/+Dz4o+m/rcfov9nzdneA0CZUv+7I+LOV+w/+Jj+bPp/Rv7tgPl+/H/pffqftrt6zvYeAMpUxfKqWebWOLVxqn9gS5+n8AMAAMCxpLG+z/Lxh/urU6Ny/A8AAADHmipW5J//t8dpzVNXx0iMxrDl/wEAAOBY0fj5/4rmcn4R1WlROf4HAACAY82qxu//N34HoPHyv21xQ+PlelpqjccGqmrmEdW6WNkcsTKvCrQ7j2g+vlC19w9s6VvfM7jlos54RONVBhq/aXDIa2tt/PrB2ji9Oer0/JpE7fe+xrY0qnP9RZ2xNs5ojjyj+YqEq9ccYmRXc+TZzZFnTzNyQxoJAMe6VTP0eDb9XxvnNEec03xVwJYzDlHWDmUFgKPFqsbz/xvPAZiy/zOMqM6f4fj/5INPKVgfV8XeGI3dsa7x2waNZxwc8lrbJz0NYd0MjwZMjO2MdTM8HjAxtivWzfCIwMTYDUf8dgGA+bRqhg7Ppv/rZjj+b/eUQgA4qux72g3X7hodHb5+Hk8s9D4CAPem0gAAAAAAAAAAAAAAAAAAAAAAAAAAADD3jsTr/zvhhBO/aScW+jsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAsaGKWHSo82sRSyKiIyLOO/Kzmj83LvQEFlh1T9wTT40TFnoeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHmvz6/7Vovl/aPCtaahHnRsSVEfGEhZ7jXLpnoSewwCa9/n+6zeNAFS3Nmz2q1p7e7YNb083fWPuhdtfNt96U3h7IdtIVpC3ca3GJvIWpL3VS41LtvcP7rn3K3ifXey9pTPKSHf1berdu3v7YiYErqtsi6tF8Gzc+3z85903POsSe35b2dHbb7W9st/f+2z3tUJeefrvTGRkd7kpb2tF3+Y4/2DPy1EmfOrk6PWL1mog1997SNeltij08PVqn21o1Vv15dUI8P65s3P7pX6M6UKWb6MTG/h939cjo8Pqr9o7unmJOy6q0/7sj2mY/p9Ma308OqfFVV2tNW+1oDEp/LZ/++qY36Ro7p9iHk6qVEdF+WPuwcup9iFn8u+cZbZhiRqdUZx32LX3WDFs89DzHqjurS+OT8fRJ63/U0u1/bszmf2ca0xg56StlypG15sjGnndNe51T/q9kHjwjnhSPOXj71yZ9/8+31ZH5fjRpi0fo/0WjSMvvU6T83Weqy+R5Lm+OmmKep1arI1rOOKzvKKun/44yb///X1StiR/Ejdb/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjn5VxKJDnV+LODcilkXEienjesSBudherb2ai6t5wG5c0K0vvOqeuCeeGics9DwAAAAAAAAAmBuX9N518603pbfGz+MXxTnVayLamj/pb4mIZdXzWnt6tw9uneGKWiOujIjbH8Ac0uXi+ImPb08frXwAVwQAzEotavEXEVHdMVa9tmo+Ma4ezfcdCz05AGBepP7/Ze7/6/QfAIqQ+v9Xuf+v138AKELq/1/n/r9B/wGgCKn/f5P7/0b9B4AipP4/I/f/TfoPAEVI/b8p9//N+g8ARUj9/9vc/9v1HwCKkPr/zNz/t+g/ABQh9f9Zuf9v1X8AKELq/7Nz/9+m/wBQhNT/5+T+v13/AaAIqf/Pzf1/h/4DQBFS/5+X+/9O/QeAIqT+/13u/7v0HwCKkPr//Nz/d+s/ABQh9f8Fuf/v0X8AKELq/9/n/r9X/wGgCKn/L8z9f5/+A0ARUv9flPv/fv0HgCKk/r849/8D+g8ARUj9/4fc/w/qPwAUIfX/H3P/P6T/AFCE1P9/yv3/sP4DQBFS//859/8j+g8ARUj9/5fc/4/qPwAUIfX/X3P/P6b/AFCE1P+bc/8/rv8AUITU/3/L/f+E/gNAEVL//z33/5P6DwBFSP1/Se7/HfoPAEVI/X9p7v+n9B8AipD6/x+5/5/WfwAoQur//tz/O/UfAIqQ+v+fuf+f0X8AKELq/8ty/z+r/wBQhNT//8r9/5z+A0ARUv9fnvv/ef0HgCKk/r8i9/8u/QeAIqT+vzL3/wv6DwBFSP2/Jff/i/oPAEVI/b819/9L+g8ARUj9f1Xu/5f1HwCKkPr/37n/X9F/AChC6v9tuf9f1X8AKELq///k/t+t/wBQhNT/V+f+f03/AaAIqf//m/v/df0HgCKk/v9f7v839B8AipD6/5rc/2/qPwAUIfX/tbn/39J/AChC6v/rcv+/rf8AUITU/9fn/n9H/wGgCKn/b8j9/67+A0ARUv/fmPv/Pf0HgCKk/r8p939M/wGgCKn/b879/77+A0ARUv9vz/3/gf4DQBFS/9+S+/9D/QeAIqT+vzX3/0f6DwBFSP1/W+7/j/UfAIqQ+v/23P+f6D8AFCH1/x25/z/VfwAoQur/O3P/79F/AChC6v+7cv9/pv8AUITU/3fn/v9c/wGgCKn/78n9/4X+A0ARUv/fm/v/S/0HgCKk/r8v9/9X+g8ARUj9f3/u/6/1HwCKkPr/gdz/A/oPAEVI/f9Q7n/U9B8ASpD6/+Hc/0r/AaAIqf8fyf2v6T8AFCH1/6O5/4v0HwCKkPr/sdz/Fv0HgCKk/n88979V/wGgCKn/n8j9X6z/AFCE1P9P5v4v0X8AKELq/x25/236DwBFSP3/VO7/cfoPAEVI/f907n+7/gNAEVL/78z9X6r/AFCE1P/P5P4fr/8AUITU/8/m/j9E/wGgCKn/n8v9P0H/AaAIqf+fz/0/Uf8BoAip/3fl/i/TfwAoQur/F3L/T9J/AChC6v8Xc/9P1n8AKELq/5dy/0/RfwAoQur/l3P/l+s/ABQh9f8ruf+n6j8AFCH1/6u5/yv0HwCKkPp/d+7/afoPAEVI/f9a7v9K/QeAIqT+fz33/3T9B4AipP5/I/f/DP0HgCKk/n8z9/+h+g8ARUj9/1bu/5n6DwBFSP3/du7/w/QfAIqQ+v+d3P+z9B8AipD6/93c/7P1HwCKkPr/vdz/uv4DQBFS/8dy/x+u/wBQhNT/7+f+r9J/AChC6v8Pcv9X6z8AFCH1/4e5/+foPwAUIfX/R7n/5+o/ABQh9f/Huf+P0H8AKELq/09y/39L/wGgCKn/P839X6P/AFCE1P97cv8fqf8AUITU/5/l/q/VfwAoQur/z3P/H6X/AFCE1P9f5P6v038AKELq/y9z/x+t/wBQhNT/X+X+r9d/AChC6v+vc//P038AKELq/4Hc/w79B4AipP5H7n+n/gNAEVL/q9z/Lv0HgCLU8iMAqf8b9B8AipDqvyj3/3z9B4AipP635P5foP8AUITU/9bc/436DwBFSP1fnPt/of4DQBFS/5fk/j9G/wGgCKn/bbn/m/QfAIqQ+n9c7v9v6z8AFCH1vz33/yL9B4AipP4vzf2/WP8BoAip/8fn/v+O/gNAEVL/H5L7/7v6DwBFSP0/Iff/9/QfAIqQ+n9i7v9j9R8AipD6vyz3v1v/AaAIqf8n5f5fov8AUITU/5Nz/3v0HwCKkPp/Su5/r/4DQBFS/5fn/vfpPwAUIfX/1Nz/fv0HgCKk/q/I/d+s/wBQhNT/03L/L9V/AChC6v/K3P8B/QeAIqT+n577/zj9B4AipP6fkfv/eP0HgCKk/j8093+L/gNAEVL/z8z936r/AFCE1P+H5f5v038AKELq/1m5/4P6DwBF+P8AAAD///2ccz4=")
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e6174"], 0x25c}}, 0x0)

4.105566692s ago: executing program 5 (id=2150):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
timerfd_create(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x800000000000000}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r5, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_pwait(r7, &(0x7f0000000100)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x90000000})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r8}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r8], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r9, 0x0, 0x0, 0x8000c62)
r10 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r10, r10, 0x0, 0x100000800000009)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000feffffff0000000000000000850000002a00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.12207737s ago: executing program 5 (id=2166):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x3a200, 0x0)
waitid$P_PIDFD(0x3, r0, &(0x7f00000003c0), 0x1000000, &(0x7f0000000780))
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xb}]})
fadvise64(r1, 0x9, 0x0, 0x1)
close(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x100, 0x2000, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20)
symlinkat(0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)

2.294345437s ago: executing program 3 (id=2180):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = epoll_create(0x3ff)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x2000000})

2.246481771s ago: executing program 3 (id=2181):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000014007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x8d14, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getresuid(&(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000500))
shmat(0x0, &(0x7f0000ff2000/0xb000)=nil, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)

1.936055516s ago: executing program 5 (id=2182):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

1.88142791s ago: executing program 3 (id=2183):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x180, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

1.87911201s ago: executing program 0 (id=2184):
syz_emit_ethernet(0x42, &(0x7f0000000340)={@broadcast, @random="0000060000ff", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0xc, 0x11, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, {[], {0x4e21, 0x4e21, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x3800480, &(0x7f0000000680), 0x45, 0x792, &(0x7f0000001740)="$eJzs3c9rXNUeAPDvnfxO+17y4MF7dRUQNFA6MTW2Ci4qLkSwUNC1bZhMQ80kUzKT0oSALSK4EVRcCHbTtT/qzq0/tvpfuJCWqmmx4kIidzKTTJqZdNJmZmr7+cDNnHPPnTnne8/9cTL3MjeAx9ZY+icTcSgiPkgiRqrzk4joq6R6I05sLHdnbTWXTkmsr7/+a1JZ5vbaai7q3pM6UM38PyK+ezficGZnvaXllbnpQiG/WM1PlOfPT5SWV46cm5+ezc/mF45NTk0dPf7c8WP7F+vvP64cvPHhK09/eeLPd/537f3vkzgRB6tl9XHsl7EYq66TvnQVbvPyflfWZcnuxQ22AB4Gacf0bOzlcShGoqeSamKoky0DANrl7YhYb6anaQkA8I+WND//AwCPpNr3ALfXVnO1qbvfSHTWzZciYnAj/tr1zY2S3uo1u8HKddDh28m2KyNJRIzuQ/1jEXHl6zc/T6do03VIgEYuXY6IM6NjO4//yY57Fra5khm812c/00L9Y3flHf+gc75Jxz/PNxr/ZTbHP9Fg/DPQYN+9H/fe/zPX96GaptLx34t197bdqYu/arSnmvtXZczXl5w9V8inx7Z/R8R49A2k+cld6hi/9detZmX147/fPnrrs7T+9HVricz13oHt75mZLk8/SMz1bl6OeKK3UfzJZv8nTca/p1qs49UX3vu0WVkafxpvbdoZf3utX414qmH/b93Rlux6f+JEZXOYqG0UDXz10yfDzeqv7/90Suuv/S/QCWn/DzeKv29zkdGk/n7N0t7r+OHqyLfNyu4df+Ptvz95o5Lur867OF0uL05G9Cev7Zx/dOu9tXxt+TT+8Scb7/+7bf/p6jnTYvy9N3754v7jb680/pndt/+7+n/viWt35nqa1d9a/09VUuPVOa0c/1pt4IOsOwAAAAAAAAAAAAAAAAAAAAAAAABoVSYiDkaSyW6mM5lsduMZ3v+N4UyhWCofPltcWpiJyrOyR6MvU/upy5G630OdrP4efi1/9K78sxHxn4j4eGCoks/mioWZbgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFUHmjz/P/XzQLdbBwC0zWBPt1sAAHTaYG+3WwAAdNrgnpYeals7AIDO2dv5HwB4FDj/A8Djx/kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANjt18mQ6rf+xtppL8zMXlpfmiheOzORLc9n5pVw2V1w8n50tFmcL+WyuON/0gy5tvBSKxfNTsbB0caKcL5UnSssrp+eLSwvl0+fmp2fzp/N9HYsMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFpXWl6Zmy4U8osSEhJ7TsSljf3oYWnP/iWif+soMdS14xMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw+7vAAAA///CgSeR")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r4=>r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000906010200000c0000000000020000000900020073797a310000000005000100070000002c0007801800018014000240fe8000000000000000000000000000bb060004404e1f0000050007"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYRES16, @ANYRES8=r4], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x21488b, &(0x7f0000001f80)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=0x0, @ANYBLOB="0000b18eb07a9dbec07d91edf772ce16e8f4545927e1e38533740c5b1da10b839e7f00a468d364205a63adda5262cda8e690d1049c884d79e243210c733da8adfb6db6f3b3464a433ae5d7129bf0e9b1ca805a08f3cacf9bce83fd7888eb1f09a8a7f55959926a7fd5ac27fd519bccdcfda872f50365616970a8fac5ebb07daeea094ad02936ccc35cf6c0f3b43e9263745fc3a07da88b7b0ef9147959831d88ee55928323a4039433f66a85be5c2b522cc3af91efef9a6acc76a07f96e988e08e291cac80c01763347ff2447e72872ff1c044651eb34e189378b907d28bba81b06bc579537f9ffc9ac25f988893c3fbb7ec569231d1bc0ae098804f7d08c8edfa2c39d79605ab59a374b4d1f62700"/286, @ANYRES16, @ANYBLOB="48aa122ce7bad1d4005fd66df97f8ec44bbc8f22ca2298ce346671617bb371da3c639abd9ee548b49a9c10009f28579f82efb3cf18d7e4f7d0cda9f6feec4c5df95db277defa1414ccf2075e6fd144cdc7881f843f1574502ce415c27f3cec8893fe5950104e7d7b43440fd107294cf00fe8000000000000", @ANYRESOCT], 0x1, 0x65b, &(0x7f00000007c0)="$eJzs3V1rG+n5x/HfyLKs+A/hT1uWEPJwJ+mCQ1NFkjcOIoV2OhrZs5U0YkZubSgs6cZeQuRsm6TQ+GTJSR9g+wb2bE+W0hdR6HHfRQ8LS3tW6MmUebJsS7LkRLF3t9+PiefWzDVzX/eMMhdjSSMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABZTrNarVlqe93NLTOZ0wz8zgnL060t6nbauD2mqy+O9CtZ8T+Vy7qUzrr0neHid+JfN3UlfXRF5XhS1v7/vfP/D75dLOTrn5DQ61AkzbDNUpakMc9f7j95OBjsPJtzIl8BKswQtO52vdD3Ova6a7zQN421terdjVZoWl5J4XbYdzvGCdxC3w/MinPb1BqNVeNWtv3N7nrTbrv5zPvfr1era+b9pWzP3n2/EjobXrvtddeTmHhxHHPffPrzNMS1O8bsPh7srE5LMg6qzRJUnxZUr9brtVq9Xlu717h3v1otjsyoHqORiLk/afE1M7+TN/CGCnH9/7sltVVWV5vakhn746ipQL46E5Zn8vr/7l33xH4P1/+8yl8aLr6spP5fSx9dm1T/J+RiZJIVxi2xJsx/vZ/neql9PdFDDTTQjp7NZ7vX55fh2/1Zl4qSp1C+PHVka12uTDbHqKE1ramqD7ShlkIZteSpLVehthWqL1ed5JgEcmUnrdiKHN2WUU0NNbQqI1cVbcvXprpaV1O2/h1F0a4eJ/t99YQclQfVZgmqnxA0qf7/4pM066n13xL1/xstP3/NEgOcuyi7/j+l628nGwAAAAAA8DZYyV/freS1+6uSIrW8tls977QAAAAAAMAcJa/8X4kni3HrqqwJ1//R2ecGAAAAAADmw0o+Y2dJWk7e1G8NPwk1y5sAFs4gRQAAAAAA8IaS1/+vlaQouffadVmnuv4HAAAAAABfA78/dI/9Yn6P3Sh/Wb8gKewtWX/555KCRetVb+u71p4dL7H3spiRdwD0W5eti9mNepNJSVLyyHGvWFfToOwmmFa++pe70+71bwXHEigt5H++mJbAWjF7pE91I425UU6nj/YLSpakvSy3vLZbcfz2g5ps+2Kh7271f/308W+k4GCcu48HO5UPPx48SnJ5Fc96tRfn8cmRdArTcnmhbF9cHTviC2rlXf6h21m2kn6r+fgXZO8VDnc02/h/q5tpzM3ldLq8r2xPJOMvx+OvVZJDNhx9PKrP/jQcfe34yMcdiAlZlJMsbqUxt1ZupZM8vyyL7y1I9crxY1CKn4LDfVE/nMX0fWH9a2RfTMki3hercRZ/jTc0fCYcyWL1dFmMHBEAOC+7wyqU3MR89B77x+vu65zlplf3Hx3t5cVnUfqBwwWpmL02cWIvZcVn9JVk2yopObEWLx+cZfdu5Gf0alZXyppwRq++QXWL+/rz8DuQsrRH6sp/oih6UEv6/eNBv2lV/Txe4fOJ/Ybt+kI8wrsv9n6Z3AA/9tHORztP6/XVtep71eq9uhaTYWQTag8AYIzp37EzNcJ67+Cq+tE/3k1bRyretw7eUlDRh/pYAz3SnfwrBK6P3+ryobch3Bm9ao1jL0jHY2u6M/GqLqmlaezPtks/TIOS34vKVzlaqYfbXX2rxwAAgLN2s5E1JtThWer/neS6W9LK5UPX3QfX7Mdq+fFvCJ5Uc2tntg8AAPhf4wZfWsv931lB4PU+qDUaNbu/4ZrAd35iAq+57hqv23cDZ8PurrumF/h93/HbphdoyWu6oQk3ez0/6JuWH5ieH3pbpuW1XZN99Xvoduxu33PCXtu1Q9c4frdvO33T9ELH9DZ/3PbCDTdIVg57ruO1PMfue37XhP5m4LgVY0LXPRToNd1u32t5cbNreoHXsYNt81O/vdlxTdMNncDr9f10g3lfXrflB51ksxVFp/6iQwAAvomev9x/8nAw2Hk2qZFc0U+JGTZK4zaY98UrzgAAfDWMVumJymeSEAAAAAAAAAAAAAAAAAAAAAAAGDH9I32nbCyO+7CgdDDnVxdn2o6leSd2mkbh9Vf/2wkxFw7m5Lv/cMyrcxip0kZx/lu+cJqPjc6h8YPddI9OjIkXjl20dHAsivP/7xA3nn4xYVEURdHJqy8d3YelkwZ4tFGU9Kz0BofgfM5HAM7OfwMAAP//3JZAiA==")
mount$9p_fd(0x0, &(0x7f0000000fc0)='./file2\x00', 0x0, 0xc000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1, 0x0, 0x400000000}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x81, 0x88, &(0x7f0000000040)="74b9aa4ab530fc66bd98e61a50181a40b33648ea6ba919aa3b00bc097bc01f8d07bd981fa5891f388ff822aacae336bec40efd1ebc5d3b6ed60087cb98cca1c82700a3ee2e7cf4f160b3919f75bf0691e1ca3404d8f4ec69bbc0d292eb4ea2f5b56945c064889c6b3ddc5815c888a76d88dae0516c5a506749c2686ac3d10fddae", &(0x7f0000000100)=""/136, 0x2, 0x0, 0x48, 0x6b, &(0x7f00000001c0)="bb90d982e168cdaeea6d2d8861e295b774a461fdced100f3d8cc647cc721f580b84fff0bc7386372fafb779cc1a3943ea8a7053e1b6d707098d83bd4debae6f5ec9b400eb45ac23d", &(0x7f0000000240)="5c92057a56a96959c4a0f47045f7b958933a7d1bac4906b8ff92e7ee8736c6704a968b79401e24ed389756d0899f06aa5d86acf563c31ce3333494b117fd3c8d7b5248ef1a65ae18baf2172441cf9ce87cd93248e782a084c669a9458081c123389399c2223ccd517e13ea", 0x6, 0x0, 0xfff}, 0x50)
write$cgroup_int(r0, &(0x7f0000000000), 0xfffffd26)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x401c5820, &(0x7f00000001c0)=0x8)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d040000000400010004000000000000000000000401000000000000000000000a03000000000000006145f8da0847eae667aeae2cb67f68f9f1322c9098df0832"], 0x0, 0x5a, 0x0, 0x8, 0x80080004}, 0x28)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
vmsplice(r9, 0x0, 0x0, 0x1)

1.839166963s ago: executing program 5 (id=2185):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r1)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x6000040}, 0x804)

1.725965752s ago: executing program 3 (id=2187):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
timerfd_create(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x800000000000000}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r5, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_pwait(r7, &(0x7f0000000100)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x90000000})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r8, 0x0, 0x0, 0x8000c62)
r9 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r9, r9, 0x0, 0x100000800000009)

1.515947379s ago: executing program 5 (id=2189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000040)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000380)={0x3, &(0x7f0000000340)=[{0x1, 0x8, 0xfb, 0x5}, {0x84, 0x6, 0xa8, 0x4}, {0x6, 0x9, 0x4, 0x1}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = io_uring_setup(0x7be6, &(0x7f00000001c0)={0x0, 0xe23e, 0x2, 0x1, 0x253})
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000400)={0x10, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/179, 0xb3}], &(0x7f00000003c0)=[0x4], 0x1}, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r3}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x9c)
stat(&(0x7f0000000cc0)='./file0\x00', &(0x7f0000001c80))
r4 = msgget$private(0x0, 0x480)
msgsnd(r4, &(0x7f0000000040)={0x2}, 0x8, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00'], 0x20}}, 0x4000000)
r5 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r5, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1.37411129s ago: executing program 0 (id=2191):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x3a200, 0x0)
waitid$P_PIDFD(0x3, r0, &(0x7f00000003c0), 0x1000000, &(0x7f0000000780))
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0xb}]})
fadvise64(r1, 0x9, 0x0, 0x1)
close(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x100, 0x2000, 0x0, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000100000008000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'dummy0\x00', <r8=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r6, r8, 0x25, 0x4, @val=@tracing={0x0, 0x100000000}}, 0x20)

873.73555ms ago: executing program 3 (id=2197):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
timerfd_create(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x800000000000000}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r5, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_pwait(r7, &(0x7f0000000100)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x90000000})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r8}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r8], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r9, 0x0, 0x0, 0x8000c62)
r10 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r10, r10, 0x0, 0x100000800000009)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000feffffff0000000000000000850000002a00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

656.544138ms ago: executing program 1 (id=2201):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'vlan0\x00'})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xf, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4}, 0x50)

656.116158ms ago: executing program 5 (id=2202):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x2, 0x2, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040)={0x0, 0xffffffff, 0x1, 0x0, 0x90, "ff00f7000000000000000020af88008300"})
r2 = syz_open_pts(r1, 0x141601)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x8008551d, &(0x7f00000002c0)={0x4dd4, 0x1c, [{0x5}, {0x6}, {0xb, 0x1}, {0xa}, {0xa}, {0x3, 0x1}, {0x1}, {0xc}, {0x9}, {0xc}, {0x3}, {0x8}, {0xe}, {0xa}, {0x7}, {0xe}, {0xe, 0x1}, {0x0, 0x1}, {0x6, 0x1}, {0x3, 0x1}, {0x5}, {0x4}, {0xe, 0x1}, {0x6}, {0xc}, {0xb}, {0x4}, {0x2}]})
write(r2, &(0x7f0000000000)="d5", 0xfffffedf)
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000080)={0x400008, 0x1ffffffe, 0x0, 0x200007, 0x9, "680c1acfa4a5000000070000faffffff000800"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

640.451799ms ago: executing program 1 (id=2203):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')

625.04384ms ago: executing program 1 (id=2204):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r0}, 0x20)
syz_emit_ethernet(0x6e, &(0x7f0000000100)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "202002", 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, [@srh={0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2}]}}}}}}}, 0x0)

607.673481ms ago: executing program 1 (id=2206):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000000000000000058cdc82ded7f2eb4d9e7ab18297a01a9fec11d3471d8cfae7da00bcb74c8b7685ebc72279bc27e740a2a7826c48b900504f2dc20494f7db4d93ad25cd0433719fa43403d60a9fb2dce5487d787384756588b430bac863fdf4b97d4de744a3cb0d4bc2526a839ac0e168bff339", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x11, &(0x7f0000001600)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000b7080000000000007baaf8ff00000000b5080000040000007b94f0ff00000000bfa100000000000007010000f8ffffffbfa40000000004000704000046fc28701a98054bc04e35bef0de330bda3714d07d00000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b30000009500000000000000"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f0000004600)='map_files\x00')
fchdir(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000007feffff720af0fff8ffffff71a4f0ff000000002d030000000000001d400500000000004704000001ed000072030000000000001d44000000000000db0a00fee10000007303000000000000b500f3ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{r1}, &(0x7f0000000100), &(0x7f0000000740)='%-5lx  \x00'}, 0x20)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000a40)={@loopback, @multicast1}, &(0x7f0000000a80)=0xc)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000001480)=ANY=[@ANYBLOB="18000000000000002000000000000000081100000000800000004c8c6bdef1c097658da9c4b3af6a1c16a965fe032e9902ba2a19209e203637bf5cc47ade39a3f74f4769b2380d5f3ce7d569a84069195e030342920b363a3c7a05c0d1aacec15186d55815", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x41}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a2d0000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073f97a310000000008000440080000000900010073797a3000000000080003400000000114000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03f5"], 0x34}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xa0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r8, 0x40082406, &(0x7f00000001c0)='c\f\x93\xad\xa8\x02Z[\xea')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)

544.541237ms ago: executing program 2 (id=2207):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000024000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)=r0}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000700)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2, <r4=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000380)=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000740)={r4, &(0x7f00000006c0)}, 0x20)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, &(0x7f0000000000)=0x16, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYBLOB="1000000000000000280012800b0001"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0x4, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r6, 0x800, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x400}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000020}, 0x2004000)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
write(r4, &(0x7f00000001c0)="73f25f22798129b32b99a3b1a5ae05e380c7585dd70fbdaee6a928249e8a5ffb6bf1027415ef1bdb7474e0485490fc3002f187ff38064e3871bf650e1bfe61bc7fdbc5caf08d50320137bc4a6b02613086d80d9990c7bcaec5b500e3d7867eb76c6aa34d9a304c172e6e2eeda149ed36d3e5aba774f246e64ea37b250d85f16ac13eefd51ca99ae8d65d9cd3572e7fcb3a7e891085e517f6ed640f704e83205970", 0xa1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000024000000080000000b"], 0x48) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, &(0x7f0000000340), &(0x7f0000000380)=r0}, 0x20) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000700)) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, &(0x7f0000000140), &(0x7f0000000380)=r3}, 0x20) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000740)={r4, &(0x7f00000006c0)}, 0x20) (async)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, &(0x7f0000000000)=0x16, 0x4) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYBLOB="1000000000000000280012800b0001"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0x4, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async)
sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x3c, r6, 0x800, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x400}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000020}, 0x2004000) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)
write(r4, &(0x7f00000001c0)="73f25f22798129b32b99a3b1a5ae05e380c7585dd70fbdaee6a928249e8a5ffb6bf1027415ef1bdb7474e0485490fc3002f187ff38064e3871bf650e1bfe61bc7fdbc5caf08d50320137bc4a6b02613086d80d9990c7bcaec5b500e3d7867eb76c6aa34d9a304c172e6e2eeda149ed36d3e5aba774f246e64ea37b250d85f16ac13eefd51ca99ae8d65d9cd3572e7fcb3a7e891085e517f6ed640f704e83205970", 0xa1) (async)

544.047347ms ago: executing program 2 (id=2208):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

536.387437ms ago: executing program 1 (id=2209):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r3=>0x0})
syz_emit_ethernet(0xb3, &(0x7f00000002c0)={@local, @local, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@llc={0x4, {@snap={0x1, 0xab, "5fc9", "8b0545", 0xf7, "3eae0fc7f8864207bd42e7fa01dc0f005cff150af2cdb5505cc266a72961397abfa8a5f73d9d678b0dd8041a5ce978081ce2a1a4423c06cf4f3d2ee67f85096e80ec6f9bc1cd41508a0ca6481737aa6462ab28f15b39575287da2f7c114352009a1348fd984e4a2a777c30dc8af1e9606962a915ae204b95129416306290facfaadc885d368092eb9ba31af5a5107b0ffef4b3e06cf8a586"}}}}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

523.849098ms ago: executing program 1 (id=2210):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
timerfd_create(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x800000000000000}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r5, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_pwait(r7, &(0x7f0000000100)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x90000000})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r8, 0x0, 0x0, 0x8000c62)
r9 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r9, r9, 0x0, 0x100000800000009)

462.852743ms ago: executing program 2 (id=2211):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x180, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

449.084704ms ago: executing program 0 (id=2212):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xe}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r3)
sendmsg$NFC_CMD_DEP_LINK_UP(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf25040000"], 0x3c}, 0x1, 0x0, 0x0, 0x6000040}, 0x804)

417.060847ms ago: executing program 0 (id=2213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')

415.691387ms ago: executing program 0 (id=2214):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r3, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x180, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

300.759696ms ago: executing program 2 (id=2215):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00')

269.283629ms ago: executing program 2 (id=2216):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e21}, 0x6e)

262.385499ms ago: executing program 0 (id=2217):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeef, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
sendmmsg$inet(r2, &(0x7f0000001480)=[{{&(0x7f0000000100)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r6, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0xff, r6}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r7 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r7, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r8 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="000000000000000037030000000000008500d8004d000500b700000000000100000000000000000094cb"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r10, 0x0, 0x1}, 0x18)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x13, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0xb}}}, 0x24}}, 0x0)
r12 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r12, 0xc0182101, 0x0)

156.073548ms ago: executing program 2 (id=2218):
gettid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
timerfd_create(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000100000028"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4, 0x0, 0x800000000000000}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000002c0)={r5, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r7 = epoll_create1(0x80000)
epoll_pwait(r7, &(0x7f0000000100)=[{}], 0x1, 0xfffffffe, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000)={0x90000000})
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1)
fallocate(r8, 0x0, 0x0, 0x8000c62)
r9 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r9, r9, 0x0, 0x100000800000009)

0s ago: executing program 3 (id=2219):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000100000008000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400002000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000200000004"], 0xfc}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="ec000000210001000000000000000000fc0200000000000000000000000000006401010200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100ac1414aa0000000000000000000000007f000001000000000000000000000008fe880000000000000000000000000101138100000000000000000000000000aa3c04"], 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r3], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r2, 0x0, 0xa}, 0x18)
r6 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r7}, &(0x7f0000000280), &(0x7f00000002c0)=r8}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r9}, 0x10)
setitimer(0x2, 0x0, 0x0)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r6)

kernel console output (not intermixed with test programs):

927 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  108.428297][   T29] audit: type=1326 audit(108.282:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  108.451211][   T29] audit: type=1326 audit(108.292:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  108.473858][   T29] audit: type=1326 audit(108.292:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7927 comm="syz.0.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  108.525172][ T7935] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1329'.
[  108.551964][ T7940] FAULT_INJECTION: forcing a failure.
[  108.551964][ T7940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.565194][ T7940] CPU: 0 UID: 0 PID: 7940 Comm: syz.3.1330 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.565219][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.565229][ T7940] Call Trace:
[  108.565264][ T7940]  <TASK>
[  108.565271][ T7940]  __dump_stack+0x1d/0x30
[  108.565291][ T7940]  dump_stack_lvl+0xe8/0x140
[  108.565308][ T7940]  dump_stack+0x15/0x1b
[  108.565324][ T7940]  should_fail_ex+0x265/0x280
[  108.565427][ T7940]  should_fail+0xb/0x20
[  108.565523][ T7940]  should_fail_usercopy+0x1a/0x20
[  108.565545][ T7940]  _copy_from_user+0x1c/0xb0
[  108.565597][ T7940]  ___sys_sendmsg+0xc1/0x1d0
[  108.565627][ T7940]  __x64_sys_sendmsg+0xd4/0x160
[  108.565654][ T7940]  x64_sys_call+0x191e/0x2ff0
[  108.565671][ T7940]  do_syscall_64+0xd2/0x200
[  108.565693][ T7940]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  108.565716][ T7940]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  108.565837][ T7940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.565854][ T7940] RIP: 0033:0x7f2344f6ebe9
[  108.565866][ T7940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.565880][ T7940] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.565978][ T7940] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  108.565991][ T7940] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  108.566003][ T7940] RBP: 00007f23439d7090 R08: 0000000000000000 R09: 0000000000000000
[  108.566015][ T7940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.566027][ T7940] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  108.566044][ T7940]  </TASK>
[  109.120127][ T7956] loop5: detected capacity change from 0 to 128
[  109.159954][ T7958] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1337'.
[  109.206108][ T7961] bio_check_eod: 26 callbacks suppressed
[  109.206119][ T7961] syz.5.1336: attempt to access beyond end of device
[  109.206119][ T7961] loop5: rw=0, sector=121, nr_sectors = 920 limit=128
[  109.229335][ T7961] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1336'.
[  109.278377][ T7964] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1339'.
[  109.296001][ T7964] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1339'.
[  109.330958][ T7964] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1339'.
[  109.532867][ T7972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.542099][ T7972] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.884883][ T7989] loop3: detected capacity change from 0 to 1024
[  109.910283][ T7989] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.026450][ T7996] loop5: detected capacity change from 0 to 512
[  110.034786][ T7996] EXT4-fs (loop5): orphan cleanup on readonly fs
[  110.041256][ T7996] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  110.050289][ T7996] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  110.064934][ T7996] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.1350: attempt to clear invalid blocks 2 len 1
[  110.078077][ T7996] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1350: invalid indirect mapped block 1819239214 (level 0)
[  110.094295][ T7996] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.1350: invalid indirect mapped block 1819239214 (level 1)
[  110.115048][ T7996] EXT4-fs (loop5): 1 truncate cleaned up
[  110.121092][ T7996] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  110.143879][ T7996] EXT4-fs (loop5): can't disable delalloc during remount
[  110.164877][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.360362][ T8004] siw: device registration error -23
[  110.539716][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.607061][ T8023] FAULT_INJECTION: forcing a failure.
[  110.607061][ T8023] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  110.620331][ T8023] CPU: 0 UID: 0 PID: 8023 Comm: syz.3.1360 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  110.620359][ T8023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  110.620371][ T8023] Call Trace:
[  110.620378][ T8023]  <TASK>
[  110.620453][ T8023]  __dump_stack+0x1d/0x30
[  110.620474][ T8023]  dump_stack_lvl+0xe8/0x140
[  110.620492][ T8023]  dump_stack+0x15/0x1b
[  110.620508][ T8023]  should_fail_ex+0x265/0x280
[  110.620585][ T8023]  should_fail_alloc_page+0xf2/0x100
[  110.620610][ T8023]  __alloc_frozen_pages_noprof+0xff/0x360
[  110.620651][ T8023]  alloc_pages_mpol+0xb3/0x250
[  110.620759][ T8023]  folio_alloc_noprof+0x97/0x150
[  110.620788][ T8023]  filemap_alloc_folio_noprof+0x66/0x210
[  110.620818][ T8023]  __filemap_get_folio+0x28f/0x6b0
[  110.620846][ T8023]  ? __kmalloc_noprof+0x364/0x3e0
[  110.620907][ T8023]  ? aio_setup_ring+0x1e8/0x760
[  110.620932][ T8023]  aio_setup_ring+0x26c/0x760
[  110.621070][ T8023]  ioctx_alloc+0x2c4/0x4e0
[  110.621092][ T8023]  ? fput+0x8f/0xc0
[  110.621170][ T8023]  __se_sys_io_setup+0x6b/0x1b0
[  110.621192][ T8023]  __x64_sys_io_setup+0x31/0x40
[  110.621213][ T8023]  x64_sys_call+0x2eff/0x2ff0
[  110.621235][ T8023]  do_syscall_64+0xd2/0x200
[  110.621365][ T8023]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.621457][ T8023]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  110.621541][ T8023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.621562][ T8023] RIP: 0033:0x7f2344f6ebe9
[  110.621578][ T8023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.621594][ T8023] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  110.621625][ T8023] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  110.621639][ T8023] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  110.621701][ T8023] RBP: 00007f23439d7090 R08: 0000000000000000 R09: 0000000000000000
[  110.621713][ T8023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  110.621726][ T8023] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  110.621744][ T8023]  </TASK>
[  110.877041][ T8027] can0: slcan on ttyS3.
[  111.018944][ T8026] can0 (unregistered): slcan off ttyS3.
[  111.148946][ T8064] netlink: 'syz.0.1371': attribute type 298 has an invalid length.
[  111.224267][ T8073] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1373'.
[  111.486548][ T8151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1377'.
[  111.543355][ T8150] sctp: [Deprecated]: syz.2.1363 (pid 8150) Use of int in maxseg socket option.
[  111.543355][ T8150] Use struct sctp_assoc_value instead
[  111.890821][ T8158] can0: slcan on ttyS3.
[  111.981229][ T8157] can0 (unregistered): slcan off ttyS3.
[  112.130633][ T8175] loop5: detected capacity change from 0 to 512
[  112.145965][ T8175] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  112.175648][ T8175] EXT4-fs (loop5): 1 truncate cleaned up
[  112.186622][ T8175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.209107][ T8175] EXT4-fs error (device loop5): __ext4_iget:5464: inode #12: block 2: comm syz.5.1385: invalid block
[  112.270558][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.280270][ T8183] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1388'.
[  112.380143][ T8195] loop3: detected capacity change from 0 to 8192
[  112.565916][ T8208] loop3: detected capacity change from 0 to 8192
[  112.578551][ T8208] loop9: detected capacity change from 0 to 7
[  112.585240][ T8208] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.593254][ T8208] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.601110][ T8208]  loop9: unable to read partition table
[  112.607351][ T8208] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  112.607351][ T8208] 
) failed (rc=-5)
[  112.608381][ T3480] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.634416][ T3480] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.642511][ T3480] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.651101][ T3480] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.659074][ T3480] Buffer I/O error on dev loop9, logical block 0, async page read
[  112.766509][ T8222] loop5: detected capacity change from 0 to 128
[  112.821160][ T8224] __nla_validate_parse: 2 callbacks suppressed
[  112.821183][ T8224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1402'.
[  112.836632][ T8224] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.890067][ T8224] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.902029][ T8226] serio: Serial port ptm0
[  112.960335][ T8227] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  113.255613][   T29] kauditd_printk_skb: 800 callbacks suppressed
[  113.255625][   T29] audit: type=1326 audit(114.239:7646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8234 comm="syz.1.1407" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.372870][   T29] audit: type=1326 audit(114.359:7647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.395759][   T29] audit: type=1326 audit(114.359:7648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.468675][   T29] audit: type=1326 audit(114.409:7649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.491506][   T29] audit: type=1326 audit(114.409:7650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.514362][   T29] audit: type=1326 audit(114.409:7651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8242 comm="syz.1.1410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  113.741187][   T29] audit: type=1400 audit(114.729:7652): avc:  denied  { ioctl } for  pid=8250 comm="syz.2.1412" path="socket:[18780]" dev="sockfs" ino=18780 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  113.787803][   T29] audit: type=1400 audit(114.759:7653): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  113.807334][   T29] audit: type=1326 audit(114.769:7654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8252 comm="syz.3.1413" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x0
[  113.868070][   T29] audit: type=1326 audit(114.849:7655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8259 comm="syz.5.1416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  113.902458][ T8260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.912704][ T8260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.927777][ T8260] loop5: detected capacity change from 0 to 512
[  113.944537][ T8260] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  113.965413][ T8260] EXT4-fs (loop5): 1 truncate cleaned up
[  113.973070][ T8260] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.496992][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.635799][ T8334] FAULT_INJECTION: forcing a failure.
[  114.635799][ T8334] name failslab, interval 1, probability 0, space 0, times 0
[  114.648488][ T8334] CPU: 0 UID: 0 PID: 8334 Comm: syz.1.1442 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  114.648570][ T8334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  114.648580][ T8334] Call Trace:
[  114.648586][ T8334]  <TASK>
[  114.648592][ T8334]  __dump_stack+0x1d/0x30
[  114.648610][ T8334]  dump_stack_lvl+0xe8/0x140
[  114.648642][ T8334]  dump_stack+0x15/0x1b
[  114.648657][ T8334]  should_fail_ex+0x265/0x280
[  114.648677][ T8334]  should_failslab+0x8c/0xb0
[  114.648766][ T8334]  kmem_cache_alloc_noprof+0x50/0x310
[  114.648788][ T8334]  ? alloc_empty_file+0x76/0x200
[  114.648817][ T8334]  alloc_empty_file+0x76/0x200
[  114.648845][ T8334]  alloc_file_pseudo+0xc6/0x160
[  114.648898][ T8334]  hugetlb_file_setup+0x2a6/0x3d0
[  114.648918][ T8334]  ksys_mmap_pgoff+0x157/0x310
[  114.648995][ T8334]  x64_sys_call+0x14a3/0x2ff0
[  114.649016][ T8334]  do_syscall_64+0xd2/0x200
[  114.649042][ T8334]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  114.649133][ T8334]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  114.649159][ T8334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.649180][ T8334] RIP: 0033:0x7f73d404ebe9
[  114.649195][ T8334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.649221][ T8334] RSP: 002b:00007f73d2ab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  114.649237][ T8334] RAX: ffffffffffffffda RBX: 00007f73d4285fa0 RCX: 00007f73d404ebe9
[  114.649250][ T8334] RDX: 0000000000000003 RSI: 0000000000ff5000 RDI: 0000200000000000
[  114.649263][ T8334] RBP: 00007f73d2ab7090 R08: ffffffffffffffff R09: 0000000000000000
[  114.649273][ T8334] R10: 000200000005c832 R11: 0000000000000246 R12: 0000000000000001
[  114.649284][ T8334] R13: 00007f73d4286038 R14: 00007f73d4285fa0 R15: 00007ffcd2ef0a38
[  114.649334][ T8334]  </TASK>
[  114.878885][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1443'.
[  114.887767][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1443'.
[  114.947218][ T8341] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1444'.
[  115.036667][ T8345] random: crng reseeded on system resumption
[  115.066605][ T8348] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  115.135211][ T8352] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1449'.
[  115.366174][ T8368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1453'.
[  115.375082][ T8368] netlink: 'syz.0.1453': attribute type 15 has an invalid length.
[  115.450364][ T8368] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1453'.
[  115.499440][ T8381] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1457'.
[  115.637479][ T8386] loop5: detected capacity change from 0 to 1024
[  115.683640][ T8386] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.696118][ T8387] loop3: detected capacity change from 0 to 1024
[  115.721087][ T8387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.752803][ T8387] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1458: Allocating blocks 385-513 which overlap fs metadata
[  115.771722][ T8387] EXT4-fs (loop3): pa ffff888107266850: logic 16, phys. 129, len 24
[  115.779878][ T8387] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  115.842025][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.872063][ T8393] can0: slcan on ttyS3.
[  115.948816][ T8392] can0 (unregistered): slcan off ttyS3.
[  116.044843][ T8423] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1461'.
[  116.048022][ T8426] FAULT_INJECTION: forcing a failure.
[  116.048022][ T8426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.066899][ T8426] CPU: 0 UID: 0 PID: 8426 Comm: syz.1.1462 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.066993][ T8426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.067032][ T8426] Call Trace:
[  116.067037][ T8426]  <TASK>
[  116.067046][ T8426]  __dump_stack+0x1d/0x30
[  116.067068][ T8426]  dump_stack_lvl+0xe8/0x140
[  116.067084][ T8426]  dump_stack+0x15/0x1b
[  116.067101][ T8426]  should_fail_ex+0x265/0x280
[  116.067156][ T8426]  should_fail+0xb/0x20
[  116.067174][ T8426]  should_fail_usercopy+0x1a/0x20
[  116.067196][ T8426]  _copy_from_user+0x1c/0xb0
[  116.067223][ T8426]  __sys_connect+0xd0/0x2b0
[  116.067242][ T8426]  __x64_sys_connect+0x3f/0x50
[  116.067275][ T8426]  x64_sys_call+0x2c08/0x2ff0
[  116.067295][ T8426]  do_syscall_64+0xd2/0x200
[  116.067337][ T8426]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.067366][ T8426]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  116.067387][ T8426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.067407][ T8426] RIP: 0033:0x7f73d404ebe9
[  116.067419][ T8426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.067512][ T8426] RSP: 002b:00007f73d2ab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  116.067528][ T8426] RAX: ffffffffffffffda RBX: 00007f73d4285fa0 RCX: 00007f73d404ebe9
[  116.067539][ T8426] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000006
[  116.067549][ T8426] RBP: 00007f73d2ab7090 R08: 0000000000000000 R09: 0000000000000000
[  116.067559][ T8426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.067594][ T8426] R13: 00007f73d4286038 R14: 00007f73d4285fa0 R15: 00007ffcd2ef0a38
[  116.067617][ T8426]  </TASK>
[  116.279238][ T8434] tipc: Started in network mode
[  116.284137][ T8434] tipc: Node identity 7e5f3739d356, cluster identity 4711
[  116.291521][ T8434] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  116.301487][ T8434] syzkaller0: entered promiscuous mode
[  116.306973][ T8434] syzkaller0: entered allmulticast mode
[  116.336889][ T8434] tipc: Resetting bearer <eth:syzkaller0>
[  116.404954][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.559169][ T8433] tipc: Resetting bearer <eth:syzkaller0>
[  116.586330][ T8433] tipc: Disabling bearer <eth:syzkaller0>
[  116.656830][ T8467] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1474'.
[  116.763579][ T8462] siw: device registration error -23
[  116.790857][ T8485] netlink: 'syz.1.1475': attribute type 15 has an invalid length.
[  116.879765][ T8504] loop3: detected capacity change from 0 to 128
[  116.924104][ T8508] FAULT_INJECTION: forcing a failure.
[  116.924104][ T8508] name failslab, interval 1, probability 0, space 0, times 0
[  116.936820][ T8508] CPU: 1 UID: 0 PID: 8508 Comm: syz.2.1482 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  116.936847][ T8508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.936858][ T8508] Call Trace:
[  116.936865][ T8508]  <TASK>
[  116.936879][ T8508]  __dump_stack+0x1d/0x30
[  116.936979][ T8508]  dump_stack_lvl+0xe8/0x140
[  116.937025][ T8508]  dump_stack+0x15/0x1b
[  116.937042][ T8508]  should_fail_ex+0x265/0x280
[  116.937063][ T8508]  should_failslab+0x8c/0xb0
[  116.937086][ T8508]  kmem_cache_alloc_noprof+0x50/0x310
[  116.937182][ T8508]  ? alloc_empty_file+0x76/0x200
[  116.937288][ T8508]  ? mntput+0x4b/0x80
[  116.937317][ T8508]  alloc_empty_file+0x76/0x200
[  116.937344][ T8508]  path_openat+0x68/0x2170
[  116.937363][ T8508]  ? _parse_integer_limit+0x170/0x190
[  116.937407][ T8508]  ? kstrtoull+0x111/0x140
[  116.937427][ T8508]  ? kstrtouint+0x76/0xc0
[  116.937492][ T8508]  do_filp_open+0x109/0x230
[  116.937518][ T8508]  do_sys_openat2+0xa6/0x110
[  116.937548][ T8508]  __x64_sys_openat+0xf2/0x120
[  116.937596][ T8508]  x64_sys_call+0x2e9c/0x2ff0
[  116.937615][ T8508]  do_syscall_64+0xd2/0x200
[  116.937637][ T8508]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  116.937657][ T8508]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  116.937753][ T8508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.937853][ T8508] RIP: 0033:0x7f349cdfebe9
[  116.937869][ T8508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.937884][ T8508] RSP: 002b:00007f349b85f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  116.937902][ T8508] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfebe9
[  116.937914][ T8508] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  116.938001][ T8508] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  116.938013][ T8508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.938026][ T8508] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  116.938119][ T8508]  </TASK>
[  117.214941][ T8530] loop5: detected capacity change from 0 to 512
[  117.242194][ T8530] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.262096][ T8536] netlink: 'syz.2.1490': attribute type 13 has an invalid length.
[  117.272091][ T8528] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #12: comm syz.5.1489: corrupted xattr block 6: invalid header
[  117.306401][ T8528] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=12
[  117.316025][ T8528] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #12: comm syz.5.1489: corrupted xattr block 6: invalid header
[  117.330633][ T8528] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=12
[  117.349370][ T8528] EXT4-fs error (device loop5): ext4_xattr_block_find:1869: inode #12: comm syz.5.1489: corrupted xattr block 6: invalid header
[  117.387876][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.530358][ T8556] siw: device registration error -23
[  117.592943][ T8565] loop5: detected capacity change from 0 to 128
[  118.270457][ T8552] 9pnet_fd: p9_fd_create_tcp (8552): problem connecting socket to 127.0.0.1
[  118.279819][   T29] kauditd_printk_skb: 507 callbacks suppressed
[  118.279833][   T29] audit: type=1326 audit(119.259:8163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  118.308810][   T29] audit: type=1326 audit(119.259:8164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  118.331901][   T29] audit: type=1326 audit(119.259:8165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  118.354757][   T29] audit: type=1326 audit(119.259:8166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8580 comm="syz.0.1505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  118.381608][   T29] audit: type=1326 audit(119.319:8167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.404447][   T29] audit: type=1326 audit(119.319:8168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.427229][   T29] audit: type=1326 audit(119.329:8169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.450027][   T29] audit: type=1326 audit(119.329:8170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.472822][   T29] audit: type=1326 audit(119.329:8171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.495632][   T29] audit: type=1326 audit(119.329:8172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8582 comm="syz.3.1506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  118.520706][ T8583] loop3: detected capacity change from 0 to 512
[  118.541508][ T8583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.563415][ T8585] siw: device registration error -23
[  118.596500][ T8595] __nla_validate_parse: 3 callbacks suppressed
[  118.596515][ T8595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1509'.
[  118.611716][ T8595] netlink: 'syz.0.1509': attribute type 15 has an invalid length.
[  118.674729][ T8610] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  118.680048][ T8595] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1509'.
[  118.740647][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.007383][ T8641] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  119.415987][ T8654] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  119.636226][ T8670] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  119.645842][ T8668] loop5: detected capacity change from 0 to 8192
[  119.739720][ T8677] GUP no longer grows the stack in syz.3.1539 (8677): 200000004000-20000000a000 (200000002000)
[  119.750179][ T8677] CPU: 0 UID: 0 PID: 8677 Comm: syz.3.1539 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  119.750268][ T8677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.750280][ T8677] Call Trace:
[  119.750287][ T8677]  <TASK>
[  119.750294][ T8677]  __dump_stack+0x1d/0x30
[  119.750313][ T8677]  dump_stack_lvl+0xe8/0x140
[  119.750332][ T8677]  dump_stack+0x15/0x1b
[  119.750346][ T8677]  __get_user_pages+0x198d/0x1fa0
[  119.750377][ T8677]  ? __rcu_read_unlock+0x4f/0x70
[  119.750441][ T8677]  get_user_pages_remote+0x1d5/0x6d0
[  119.750482][ T8677]  __access_remote_vm+0x15c/0x590
[  119.750504][ T8677]  access_remote_vm+0x32/0x40
[  119.750593][ T8677]  proc_pid_cmdline_read+0x32b/0x6c0
[  119.750615][ T8677]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  119.750637][ T8677]  vfs_readv+0x3fb/0x690
[  119.750671][ T8677]  __x64_sys_preadv+0xfd/0x1c0
[  119.750773][ T8677]  x64_sys_call+0x282a/0x2ff0
[  119.750801][ T8677]  do_syscall_64+0xd2/0x200
[  119.750829][ T8677]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.750869][ T8677]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  119.750891][ T8677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.750909][ T8677] RIP: 0033:0x7f2344f6ebe9
[  119.750921][ T8677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.750946][ T8677] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  119.750967][ T8677] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  119.750980][ T8677] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  119.750992][ T8677] RBP: 00007f2344ff1e19 R08: 0000000000000000 R09: 0000000000000000
[  119.751005][ T8677] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  119.751018][ T8677] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  119.751037][ T8677]  </TASK>
[  119.947560][ T8677] netlink: 'syz.3.1539': attribute type 21 has an invalid length.
[  119.968407][ T8677] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1539'.
[  119.977481][ T8677] netlink: 'syz.3.1539': attribute type 1 has an invalid length.
[  120.000471][ T8682] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1542'.
[  120.047713][ T8677] lo speed is unknown, defaulting to 1000
[  120.163408][ T8696] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1546'.
[  120.213919][ T8698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1557'.
[  120.266067][ T8700] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1547'.
[  120.442806][ T8711] loop5: detected capacity change from 0 to 1024
[  120.503918][ T8714] siw: device registration error -23
[  120.587400][ T8711] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.651463][ T8722] netlink: 'syz.3.1554': attribute type 4 has an invalid length.
[  120.701537][ T8722] netlink: 'syz.3.1554': attribute type 4 has an invalid length.
[  121.161686][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.195865][ T8756] loop5: detected capacity change from 0 to 128
[  121.291854][ T8761] netlink: 664 bytes leftover after parsing attributes in process `syz.1.1570'.
[  121.322329][ T8769] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1574'.
[  121.389504][ T8772] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.435032][ T8772] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.469224][ T8777] FAULT_INJECTION: forcing a failure.
[  121.469224][ T8777] name failslab, interval 1, probability 0, space 0, times 0
[  121.481866][ T8777] CPU: 1 UID: 0 PID: 8777 Comm: syz.5.1575 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  121.481987][ T8777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.481996][ T8777] Call Trace:
[  121.482001][ T8777]  <TASK>
[  121.482007][ T8777]  __dump_stack+0x1d/0x30
[  121.482025][ T8777]  dump_stack_lvl+0xe8/0x140
[  121.482040][ T8777]  dump_stack+0x15/0x1b
[  121.482053][ T8777]  should_fail_ex+0x265/0x280
[  121.482075][ T8777]  should_failslab+0x8c/0xb0
[  121.482095][ T8777]  kmem_cache_alloc_noprof+0x50/0x310
[  121.482116][ T8777]  ? fib_table_insert+0x1ab/0xeb0
[  121.482142][ T8777]  fib_table_insert+0x1ab/0xeb0
[  121.482165][ T8777]  ? fib_new_table+0xad/0x1c0
[  121.482192][ T8777]  ip_rt_ioctl+0x38d/0x950
[  121.482211][ T8777]  inet_ioctl+0x33f/0x3a0
[  121.482232][ T8777]  sock_do_ioctl+0x73/0x220
[  121.482255][ T8777]  sock_ioctl+0x41b/0x610
[  121.482356][ T8777]  ? __pfx_sock_ioctl+0x10/0x10
[  121.482376][ T8777]  __se_sys_ioctl+0xce/0x140
[  121.482391][ T8777]  __x64_sys_ioctl+0x43/0x50
[  121.482415][ T8777]  x64_sys_call+0x1816/0x2ff0
[  121.482462][ T8777]  do_syscall_64+0xd2/0x200
[  121.482484][ T8777]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  121.482579][ T8777]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  121.482599][ T8777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.482616][ T8777] RIP: 0033:0x7fb4f0f5ebe9
[  121.482628][ T8777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.482642][ T8777] RSP: 002b:00007fb4ef9a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  121.482658][ T8777] RAX: ffffffffffffffda RBX: 00007fb4f1196090 RCX: 00007fb4f0f5ebe9
[  121.482750][ T8777] RDX: 00002000000001c0 RSI: 000000000000890b RDI: 0000000000000005
[  121.482761][ T8777] RBP: 00007fb4ef9a6090 R08: 0000000000000000 R09: 0000000000000000
[  121.482770][ T8777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.482818][ T8777] R13: 00007fb4f1196128 R14: 00007fb4f1196090 R15: 00007ffd3ba0d668
[  121.482833][ T8777]  </TASK>
[  121.714449][ T8772] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.743960][ T8779] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1577'.
[  121.772744][ T8772] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.863450][ T8112] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.889730][ T8112] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.145269][ T8112] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.153643][ T8112] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.300289][ T8796] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  123.636541][   T29] kauditd_printk_skb: 492 callbacks suppressed
[  123.636553][   T29] audit: type=1326 audit(124.619:8665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8824 comm="syz.5.1593" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x0
[  123.750696][   T29] audit: type=1326 audit(124.739:8666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.778830][   T29] audit: type=1326 audit(124.739:8667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.801747][   T29] audit: type=1326 audit(124.739:8668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.824626][   T29] audit: type=1326 audit(124.739:8669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.847578][   T29] audit: type=1326 audit(124.739:8670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.870418][   T29] audit: type=1326 audit(124.739:8671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.893253][   T29] audit: type=1326 audit(124.739:8672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.916034][   T29] audit: type=1326 audit(124.739:8673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  123.938810][   T29] audit: type=1326 audit(124.739:8674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.0.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  124.125929][ T8845] siw: device registration error -23
[  124.225550][ T8865] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1607'.
[  124.401475][ T8876] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1612'.
[  124.490837][ T8881] RDS: rds_bind could not find a transport for fe80::28, load rds_tcp or rds_rdma?
[  124.507345][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.515568][ T8881] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.527673][ T8881] bridge0: entered allmulticast mode
[  124.619266][ T8885] loop5: detected capacity change from 0 to 8192
[  124.676853][ T8887] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1617'.
[  124.772873][ T8891] loop3: detected capacity change from 0 to 128
[  124.781808][ T8891] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4627: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  124.795382][ T8891] EXT4-fs (loop3): Couldn't mount because of unsupported optional features (fffc1829)
[  124.795582][ T8889] loop5: detected capacity change from 0 to 8192
[  124.889748][ T8897] sch_tbf: burst 1821 is lower than device lo mtu (11337746) !
[  124.898452][ T8899] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1623'.
[  124.926984][ T8901] FAULT_INJECTION: forcing a failure.
[  124.926984][ T8901] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  124.940317][ T8901] CPU: 0 UID: 0 PID: 8901 Comm: syz.1.1624 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  124.940341][ T8901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  124.940375][ T8901] Call Trace:
[  124.940382][ T8901]  <TASK>
[  124.940388][ T8901]  __dump_stack+0x1d/0x30
[  124.940509][ T8901]  dump_stack_lvl+0xe8/0x140
[  124.940524][ T8901]  dump_stack+0x15/0x1b
[  124.940536][ T8901]  should_fail_ex+0x265/0x280
[  124.940552][ T8901]  should_fail_alloc_page+0xf2/0x100
[  124.940572][ T8901]  __alloc_frozen_pages_noprof+0xff/0x360
[  124.940660][ T8901]  alloc_pages_mpol+0xb3/0x250
[  124.940682][ T8901]  alloc_pages_noprof+0x90/0x130
[  124.940782][ T8901]  kimage_alloc_control_pages+0x2ec/0x7d0
[  124.940878][ T8901]  do_kexec_load+0x2c0/0x500
[  124.940913][ T8901]  __se_sys_kexec_load+0x134/0x160
[  124.940928][ T8901]  __x64_sys_kexec_load+0x55/0x70
[  124.941009][ T8901]  x64_sys_call+0x2898/0x2ff0
[  124.941025][ T8901]  do_syscall_64+0xd2/0x200
[  124.941107][ T8901]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  124.941125][ T8901]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  124.941187][ T8901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.941203][ T8901] RIP: 0033:0x7f73d404ebe9
[  124.941215][ T8901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.941287][ T8901] RSP: 002b:00007f73d2ab7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  124.941302][ T8901] RAX: ffffffffffffffda RBX: 00007f73d4285fa0 RCX: 00007f73d404ebe9
[  124.941312][ T8901] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000
[  124.941322][ T8901] RBP: 00007f73d2ab7090 R08: 0000000000000000 R09: 0000000000000000
[  124.941332][ T8901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.941341][ T8901] R13: 00007f73d4286038 R14: 00007f73d4285fa0 R15: 00007ffcd2ef0a38
[  124.941356][ T8901]  </TASK>
[  124.941369][ T8901] kexec: Could not allocate control_code_buffer
[  125.038129][ T8904] loop3: detected capacity change from 0 to 1024
[  125.162892][ T8904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.184544][ T8904] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1625: Allocating blocks 385-513 which overlap fs metadata
[  125.720515][ T8948] loop5: detected capacity change from 0 to 512
[  125.728074][ T8948] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  125.740389][ T8948] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1638: invalid indirect mapped block 4294967295 (level 0)
[  125.754704][ T8948] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.1638: invalid indirect mapped block 4294967295 (level 1)
[  125.766855][ T8902] EXT4-fs (loop3): pa ffff888107161310: logic 16, phys. 129, len 24
[  125.776630][ T8902] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  125.779580][ T8948] EXT4-fs (loop5): 1 orphan inode deleted
[  125.792420][ T8948] EXT4-fs (loop5): 1 truncate cleaned up
[  125.799212][ T8948] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.815878][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.816059][ T8948] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.1638: iget: bad extra_isize 46 (inode size 256)
[  126.074769][ T8959] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1640'.
[  126.113326][ T8962] team0: Device vxcan3 is of different type
[  126.545419][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.564141][ T8982] FAULT_INJECTION: forcing a failure.
[  126.564141][ T8982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.577287][ T8982] CPU: 1 UID: 0 PID: 8982 Comm: syz.5.1648 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  126.577352][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  126.577359][ T8982] Call Trace:
[  126.577362][ T8982]  <TASK>
[  126.577366][ T8982]  __dump_stack+0x1d/0x30
[  126.577379][ T8982]  dump_stack_lvl+0xe8/0x140
[  126.577389][ T8982]  dump_stack+0x15/0x1b
[  126.577397][ T8982]  should_fail_ex+0x265/0x280
[  126.577409][ T8982]  should_fail+0xb/0x20
[  126.577456][ T8982]  should_fail_usercopy+0x1a/0x20
[  126.577468][ T8982]  _copy_from_user+0x1c/0xb0
[  126.577488][ T8982]  ip6_tnl_siocdevprivate+0x132/0x920
[  126.577507][ T8982]  dev_ifsioc+0x8f8/0xaa0
[  126.577521][ T8982]  dev_ioctl+0x78d/0x960
[  126.577567][ T8982]  sock_ioctl+0x593/0x610
[  126.577582][ T8982]  ? __pfx_sock_ioctl+0x10/0x10
[  126.577682][ T8982]  __se_sys_ioctl+0xce/0x140
[  126.577701][ T8982]  __x64_sys_ioctl+0x43/0x50
[  126.577730][ T8982]  x64_sys_call+0x1816/0x2ff0
[  126.577743][ T8982]  do_syscall_64+0xd2/0x200
[  126.577804][ T8982]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  126.577817][ T8982]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  126.577837][ T8982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.577899][ T8982] RIP: 0033:0x7fb4f0f5ebe9
[  126.577908][ T8982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.577917][ T8982] RSP: 002b:00007fb4ef9c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  126.577929][ T8982] RAX: ffffffffffffffda RBX: 00007fb4f1195fa0 RCX: 00007fb4f0f5ebe9
[  126.577936][ T8982] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000007
[  126.577942][ T8982] RBP: 00007fb4ef9c7090 R08: 0000000000000000 R09: 0000000000000000
[  126.577949][ T8982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.577982][ T8982] R13: 00007fb4f1196038 R14: 00007fb4f1195fa0 R15: 00007ffd3ba0d668
[  126.578016][ T8982]  </TASK>
[  127.062057][ T9009] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1658'.
[  127.124198][ T9010] loop3: detected capacity change from 0 to 1024
[  127.178580][ T9010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.287975][ T9018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.346060][ T9018] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.730616][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.756141][ T9023] FAULT_INJECTION: forcing a failure.
[  127.756141][ T9023] name failslab, interval 1, probability 0, space 0, times 0
[  127.768908][ T9023] CPU: 1 UID: 0 PID: 9023 Comm: syz.5.1662 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  127.768935][ T9023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.768999][ T9023] Call Trace:
[  127.769006][ T9023]  <TASK>
[  127.769014][ T9023]  __dump_stack+0x1d/0x30
[  127.769034][ T9023]  dump_stack_lvl+0xe8/0x140
[  127.769053][ T9023]  dump_stack+0x15/0x1b
[  127.769071][ T9023]  should_fail_ex+0x265/0x280
[  127.769090][ T9023]  ? proc_do_submiturb+0x83d/0x1d20
[  127.769237][ T9023]  should_failslab+0x8c/0xb0
[  127.769261][ T9023]  __kmalloc_cache_noprof+0x4c/0x320
[  127.769313][ T9023]  proc_do_submiturb+0x83d/0x1d20
[  127.769345][ T9023]  ? proc_do_submiturb+0x151/0x1d20
[  127.769398][ T9023]  ? should_fail_ex+0xdb/0x280
[  127.769420][ T9023]  proc_submiturb+0x7b/0xa0
[  127.769443][ T9023]  usbdev_ioctl+0xcc2/0x1710
[  127.769532][ T9023]  ? __pfx_usbdev_ioctl+0x10/0x10
[  127.769577][ T9023]  __se_sys_ioctl+0xce/0x140
[  127.769593][ T9023]  __x64_sys_ioctl+0x43/0x50
[  127.769621][ T9023]  x64_sys_call+0x1816/0x2ff0
[  127.769718][ T9023]  do_syscall_64+0xd2/0x200
[  127.769786][ T9023]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  127.769810][ T9023]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  127.769857][ T9023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.769876][ T9023] RIP: 0033:0x7fb4f0f5ebe9
[  127.769892][ T9023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.769910][ T9023] RSP: 002b:00007fb4ef9c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  127.769930][ T9023] RAX: ffffffffffffffda RBX: 00007fb4f1195fa0 RCX: 00007fb4f0f5ebe9
[  127.769975][ T9023] RDX: 0000200000000140 RSI: 000000008038550a RDI: 0000000000000005
[  127.769986][ T9023] RBP: 00007fb4ef9c7090 R08: 0000000000000000 R09: 0000000000000000
[  127.769996][ T9023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.770012][ T9023] R13: 00007fb4f1196038 R14: 00007fb4f1195fa0 R15: 00007ffd3ba0d668
[  127.770029][ T9023]  </TASK>
[  128.003870][ T9031] loop5: detected capacity change from 0 to 512
[  128.031873][ T9034] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1667'.
[  128.041939][ T9031] EXT4-fs (loop5): too many log groups per flexible block group
[  128.049741][ T9031] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  128.054744][ T9032] openvswitch: netlink: Message has 6 unknown bytes.
[  128.056865][ T9031] EXT4-fs (loop5): mount failed
[  128.115406][ T9047] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1671'.
[  128.685583][   T29] kauditd_printk_skb: 357 callbacks suppressed
[  128.685640][   T29] audit: type=1326 audit(129.669:9032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.742448][ T9066] loop3: detected capacity change from 0 to 8192
[  128.786733][   T29] audit: type=1326 audit(129.699:9033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.809566][   T29] audit: type=1326 audit(129.699:9034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.832467][   T29] audit: type=1326 audit(129.699:9035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.855244][   T29] audit: type=1326 audit(129.699:9036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.878098][   T29] audit: type=1326 audit(129.699:9037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.900963][   T29] audit: type=1326 audit(129.699:9038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.923836][   T29] audit: type=1326 audit(129.699:9039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.946741][   T29] audit: type=1326 audit(129.709:9040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  128.969628][   T29] audit: type=1326 audit(129.709:9041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9070 comm="syz.1.1679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f73d404ebe9 code=0x7ffc0000
[  129.050569][ T9076] FAULT_INJECTION: forcing a failure.
[  129.050569][ T9076] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.063728][ T9076] CPU: 0 UID: 0 PID: 9076 Comm: syz.2.1680 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  129.063752][ T9076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.063763][ T9076] Call Trace:
[  129.063768][ T9076]  <TASK>
[  129.063775][ T9076]  __dump_stack+0x1d/0x30
[  129.063823][ T9076]  dump_stack_lvl+0xe8/0x140
[  129.063841][ T9076]  dump_stack+0x15/0x1b
[  129.063857][ T9076]  should_fail_ex+0x265/0x280
[  129.063874][ T9076]  should_fail+0xb/0x20
[  129.063946][ T9076]  should_fail_usercopy+0x1a/0x20
[  129.063964][ T9076]  _copy_to_iter+0xd2/0xe70
[  129.063982][ T9076]  ? should_fail_ex+0x30/0x280
[  129.063998][ T9076]  ? __rcu_read_unlock+0x4f/0x70
[  129.064016][ T9076]  ? avc_has_perm_noaudit+0x1b1/0x200
[  129.064045][ T9076]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  129.064065][ T9076]  __skb_datagram_iter+0xc6/0x690
[  129.064087][ T9076]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  129.064165][ T9076]  skb_copy_datagram_iter+0x3d/0x110
[  129.064189][ T9076]  tipc_recvmsg+0x4cc/0x9d0
[  129.064213][ T9076]  ? __pfx_tipc_recvmsg+0x10/0x10
[  129.064232][ T9076]  sock_recvmsg+0x136/0x170
[  129.064294][ T9076]  ____sys_recvmsg+0xf5/0x280
[  129.064375][ T9076]  ___sys_recvmsg+0x11f/0x370
[  129.064406][ T9076]  __x64_sys_recvmsg+0xd1/0x160
[  129.064429][ T9076]  x64_sys_call+0x2b42/0x2ff0
[  129.064450][ T9076]  do_syscall_64+0xd2/0x200
[  129.064556][ T9076]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.064659][ T9076]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.064759][ T9076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.064819][ T9076] RIP: 0033:0x7f349cdfebe9
[  129.064831][ T9076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.064853][ T9076] RSP: 002b:00007f349b85f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  129.064870][ T9076] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfebe9
[  129.064936][ T9076] RDX: 0000000000000000 RSI: 0000200000000b00 RDI: 0000000000000005
[  129.064947][ T9076] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  129.064957][ T9076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.064967][ T9076] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  129.065036][ T9076]  </TASK>
[  129.359174][ T9077] FAULT_INJECTION: forcing a failure.
[  129.359174][ T9077] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  129.372356][ T9077] CPU: 0 UID: 0 PID: 9077 Comm: syz.1.1679 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  129.372403][ T9077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.372415][ T9077] Call Trace:
[  129.372421][ T9077]  <TASK>
[  129.372429][ T9077]  __dump_stack+0x1d/0x30
[  129.372451][ T9077]  dump_stack_lvl+0xe8/0x140
[  129.372471][ T9077]  dump_stack+0x15/0x1b
[  129.372537][ T9077]  should_fail_ex+0x265/0x280
[  129.372559][ T9077]  should_fail+0xb/0x20
[  129.372642][ T9077]  should_fail_usercopy+0x1a/0x20
[  129.372711][ T9077]  strncpy_from_user+0x25/0x230
[  129.372751][ T9077]  ? kmem_cache_alloc_noprof+0x186/0x310
[  129.372804][ T9077]  ? getname_flags+0x80/0x3b0
[  129.372839][ T9077]  getname_flags+0xae/0x3b0
[  129.372867][ T9077]  user_path_at+0x28/0x130
[  129.372904][ T9077]  __se_sys_name_to_handle_at+0xff/0x630
[  129.372930][ T9077]  ? ksys_write+0x192/0x1a0
[  129.372952][ T9077]  __x64_sys_name_to_handle_at+0x67/0x80
[  129.373031][ T9077]  x64_sys_call+0x1552/0x2ff0
[  129.373052][ T9077]  do_syscall_64+0xd2/0x200
[  129.373079][ T9077]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.373106][ T9077]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.373132][ T9077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.373164][ T9077] RIP: 0033:0x7f73d404ebe9
[  129.373212][ T9077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.373244][ T9077] RSP: 002b:00007f73d2a96038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  129.373324][ T9077] RAX: ffffffffffffffda RBX: 00007f73d4286090 RCX: 00007f73d404ebe9
[  129.373338][ T9077] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  129.373426][ T9077] RBP: 00007f73d2a96090 R08: 0000000000000000 R09: 0000000000000000
[  129.373439][ T9077] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  129.373452][ T9077] R13: 00007f73d4286128 R14: 00007f73d4286090 R15: 00007ffcd2ef0a38
[  129.373472][ T9077]  </TASK>
[  129.392863][ T9081] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1682'.
[  129.764546][ T9107] loop5: detected capacity change from 0 to 1024
[  129.791000][ T9107] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.899039][ T9118] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1696'.
[  130.043663][ T9123] loop3: detected capacity change from 0 to 1024
[  130.069805][ T9123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.086894][ T9123] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1698: Allocating blocks 385-513 which overlap fs metadata
[  130.105501][ T9123] EXT4-fs (loop3): pa ffff888107161380: logic 16, phys. 129, len 24
[  130.113570][ T9123] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  130.184543][ T9127] FAULT_INJECTION: forcing a failure.
[  130.184543][ T9127] name failslab, interval 1, probability 0, space 0, times 0
[  130.197195][ T9127] CPU: 0 UID: 0 PID: 9127 Comm: syz.2.1699 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  130.197284][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.197297][ T9127] Call Trace:
[  130.197303][ T9127]  <TASK>
[  130.197311][ T9127]  __dump_stack+0x1d/0x30
[  130.197332][ T9127]  dump_stack_lvl+0xe8/0x140
[  130.197388][ T9127]  dump_stack+0x15/0x1b
[  130.197405][ T9127]  should_fail_ex+0x265/0x280
[  130.197426][ T9127]  should_failslab+0x8c/0xb0
[  130.197507][ T9127]  kmem_cache_alloc_node_noprof+0x57/0x320
[  130.197566][ T9127]  ? __alloc_skb+0x101/0x320
[  130.197582][ T9127]  __alloc_skb+0x101/0x320
[  130.197596][ T9127]  ? audit_log_start+0x365/0x6c0
[  130.197619][ T9127]  audit_log_start+0x380/0x6c0
[  130.197731][ T9127]  audit_seccomp+0x48/0x100
[  130.197755][ T9127]  ? __seccomp_filter+0x68c/0x10d0
[  130.197778][ T9127]  __seccomp_filter+0x69d/0x10d0
[  130.197800][ T9127]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  130.197863][ T9127]  ? vfs_write+0x7e8/0x960
[  130.197883][ T9127]  ? __rcu_read_unlock+0x4f/0x70
[  130.197947][ T9127]  ? __fget_files+0x184/0x1c0
[  130.197994][ T9127]  __secure_computing+0x82/0x150
[  130.198015][ T9127]  syscall_trace_enter+0xcf/0x1e0
[  130.198038][ T9127]  do_syscall_64+0xac/0x200
[  130.198066][ T9127]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.198114][ T9127]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  130.198139][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.198161][ T9127] RIP: 0033:0x7f349cdfebe9
[  130.198173][ T9127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.198187][ T9127] RSP: 002b:00007f349b85f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  130.198272][ T9127] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfebe9
[  130.198293][ T9127] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  130.198380][ T9127] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  130.198391][ T9127] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[  130.198401][ T9127] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  130.198416][ T9127]  </TASK>
[  130.545239][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.562223][ T9141] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1707'.
[  130.584157][ T9144] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  130.627544][ T9148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1709'.
[  130.795223][ T9158] 9pnet_fd: Insufficient options for proto=fd
[  130.813042][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.950089][ T9177] loop3: detected capacity change from 0 to 128
[  131.682764][ T9209] loop5: detected capacity change from 0 to 8192
[  131.744544][ T9217] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1734'.
[  131.987409][ T9224] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1736'.
[  132.115892][ T9230] loop5: detected capacity change from 0 to 128
[  132.611736][ T9259] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1750'.
[  132.996298][ T9280] loop5: detected capacity change from 0 to 128
[  133.051831][ T9282] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1751'.
[  133.232994][ T9291] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  133.243545][ T9291] loop5: detected capacity change from 0 to 512
[  133.250257][ T9291] EXT4-fs: Ignoring removed nomblk_io_submit option
[  133.256852][ T9291] EXT4-fs: Ignoring removed bh option
[  133.268587][ T9291] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  133.284292][ T9291] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.1765: corrupted inode contents
[  133.299821][ T9291] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #11: comm syz.5.1765: mark_inode_dirty error
[  133.327024][ T9291] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1765: invalid indirect mapped block 1 (level 1)
[  133.353421][ T9291] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.1765: corrupted inode contents
[  133.375629][ T9291] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  133.398904][ T9291] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #11: comm syz.5.1765: corrupted inode contents
[  133.425353][ T9291] EXT4-fs error (device loop5): ext4_truncate:4666: inode #11: comm syz.5.1765: mark_inode_dirty error
[  133.444775][ T9291] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  133.474756][ T9291] EXT4-fs (loop5): 1 truncate cleaned up
[  133.485019][ T9291] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.534128][ T9326] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1778'.
[  133.555669][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.666748][ T9339] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  133.691381][   T29] kauditd_printk_skb: 451 callbacks suppressed
[  133.691396][   T29] audit: type=1326 audit(134.679:9491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.720196][   T29] audit: type=1326 audit(134.679:9492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.721416][ T9345] loop5: detected capacity change from 0 to 1024
[  133.742544][   T29] audit: type=1326 audit(134.679:9493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.742570][   T29] audit: type=1326 audit(134.679:9494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.750277][ T9345] EXT4-fs: inline encryption not supported
[  133.771197][   T29] audit: type=1326 audit(134.679:9495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.803147][ T9345] EXT4-fs: test_dummy_encryption option not supported
[  133.821279][   T29] audit: type=1326 audit(134.679:9496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.821304][   T29] audit: type=1326 audit(134.679:9497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.821325][   T29] audit: type=1326 audit(134.679:9498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.821345][   T29] audit: type=1326 audit(134.679:9499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.916873][   T29] audit: type=1326 audit(134.679:9500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9328 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  133.982724][ T9355] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1787'.
[  134.199097][ T9370] loop3: detected capacity change from 0 to 128
[  134.402896][ T9377] loop3: detected capacity change from 0 to 8192
[  134.597331][ T9396] loop3: detected capacity change from 0 to 1024
[  134.636400][ T9398] loop5: detected capacity change from 0 to 1024
[  134.665836][ T9398] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.990585][ T9396] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.286746][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.383676][ T9420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  135.391782][ T9423] __nla_validate_parse: 2 callbacks suppressed
[  135.391830][ T9423] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1812'.
[  135.407400][ T9420] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  135.457363][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.466852][ T9420] loop3: detected capacity change from 0 to 512
[  135.477923][ T9420] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  135.504260][ T9420] EXT4-fs (loop3): 1 truncate cleaned up
[  135.510493][ T9420] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.053853][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.150768][ T9473] loop3: detected capacity change from 0 to 128
[  136.594194][ T9484] loop3: detected capacity change from 0 to 8192
[  136.652495][ T9498] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1840'.
[  136.661493][ T9498] netlink: 'syz.2.1840': attribute type 15 has an invalid length.
[  136.763605][ T9498] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1840'.
[  136.798481][ T9505] loop3: detected capacity change from 0 to 128
[  136.917133][ T9516] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1834'.
[  137.065860][ T9534] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1854'.
[  137.136406][ T9537] loop3: detected capacity change from 0 to 8192
[  137.168505][ T9539] loop5: detected capacity change from 0 to 1024
[  137.212266][ T9539] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.431353][ T9548] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1858'.
[  137.440474][ T9546] loop3: detected capacity change from 0 to 8192
[  137.597884][ T9560] FAULT_INJECTION: forcing a failure.
[  137.597884][ T9560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  137.611044][ T9560] CPU: 0 UID: 0 PID: 9560 Comm: syz.3.1861 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  137.611073][ T9560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  137.611087][ T9560] Call Trace:
[  137.611094][ T9560]  <TASK>
[  137.611108][ T9560]  __dump_stack+0x1d/0x30
[  137.611130][ T9560]  dump_stack_lvl+0xe8/0x140
[  137.611150][ T9560]  dump_stack+0x15/0x1b
[  137.611169][ T9560]  should_fail_ex+0x265/0x280
[  137.611190][ T9560]  should_fail+0xb/0x20
[  137.611216][ T9560]  should_fail_usercopy+0x1a/0x20
[  137.611268][ T9560]  _copy_from_user+0x1c/0xb0
[  137.611292][ T9560]  get_timespec64+0x4c/0x100
[  137.611314][ T9560]  __se_sys_io_pgetevents+0x76/0x2d0
[  137.611343][ T9560]  __x64_sys_io_pgetevents+0x78/0x90
[  137.611368][ T9560]  x64_sys_call+0x223e/0x2ff0
[  137.611446][ T9560]  do_syscall_64+0xd2/0x200
[  137.611471][ T9560]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  137.611493][ T9560]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  137.611533][ T9560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.611553][ T9560] RIP: 0033:0x7f2344f6ebe9
[  137.611567][ T9560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.611583][ T9560] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000014d
[  137.611600][ T9560] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  137.611633][ T9560] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 00007f2343866000
[  137.611646][ T9560] RBP: 00007f23439d7090 R08: 00002000000013c0 R09: 0000000000000000
[  137.611659][ T9560] R10: 0000200000001280 R11: 0000000000000246 R12: 0000000000000001
[  137.611670][ T9560] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  137.611688][ T9560]  </TASK>
[  137.922198][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.144762][ T9603] loop3: detected capacity change from 0 to 1024
[  138.169923][ T9603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.593670][ T9629] FAULT_INJECTION: forcing a failure.
[  138.593670][ T9629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.606825][ T9629] CPU: 1 UID: 0 PID: 9629 Comm: syz.1.1888 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  138.606850][ T9629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  138.606862][ T9629] Call Trace:
[  138.606869][ T9629]  <TASK>
[  138.606955][ T9629]  __dump_stack+0x1d/0x30
[  138.607020][ T9629]  dump_stack_lvl+0xe8/0x140
[  138.607094][ T9629]  dump_stack+0x15/0x1b
[  138.607111][ T9629]  should_fail_ex+0x265/0x280
[  138.607132][ T9629]  should_fail+0xb/0x20
[  138.607148][ T9629]  should_fail_usercopy+0x1a/0x20
[  138.607170][ T9629]  copy_fpstate_to_sigframe+0x628/0x7d0
[  138.607254][ T9629]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  138.607284][ T9629]  ? x86_task_fpu+0x36/0x60
[  138.607358][ T9629]  get_sigframe+0x34d/0x490
[  138.607372][ T9629]  ? get_signal+0xdc8/0xf70
[  138.607403][ T9629]  x64_setup_rt_frame+0xa8/0x580
[  138.607494][ T9629]  arch_do_signal_or_restart+0x27c/0x480
[  138.607519][ T9629]  exit_to_user_mode_loop+0x7a/0x100
[  138.607587][ T9629]  do_syscall_64+0x1d6/0x200
[  138.607705][ T9629]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  138.607728][ T9629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.607763][ T9629] RIP: 0033:0x7f73d404d69f
[  138.607820][ T9629] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  138.607834][ T9629] RSP: 002b:00007f73d2ab7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  138.607851][ T9629] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 00007f73d404d69f
[  138.607871][ T9629] RDX: 0000000000000001 RSI: 00007f73d2ab7090 RDI: 0000000000000003
[  138.607905][ T9629] RBP: 00007f73d2ab7090 R08: 0000000000000000 R09: 00007f73d2ab6df7
[  138.607916][ T9629] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  138.607927][ T9629] R13: 00007f73d4286038 R14: 00007f73d4285fa0 R15: 00007ffcd2ef0a38
[  138.607947][ T9629]  </TASK>
[  138.859441][   T29] kauditd_printk_skb: 695 callbacks suppressed
[  138.859456][   T29] audit: type=1326 audit(139.849:10196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9591 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  138.888682][   T29] audit: type=1326 audit(139.849:10197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9591 comm="syz.5.1877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  138.912319][ T9640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1891'.
[  138.921222][ T9640] netlink: 'syz.1.1891': attribute type 15 has an invalid length.
[  138.947058][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.974660][ T9640] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1891'.
[  139.105636][ T9655] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1897'.
[  139.277978][   T29] audit: type=1326 audit(140.259:10198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.300877][   T29] audit: type=1326 audit(140.259:10199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.385467][   T29] audit: type=1326 audit(140.309:10200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.408351][   T29] audit: type=1326 audit(140.309:10201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.431264][   T29] audit: type=1326 audit(140.309:10202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.454043][   T29] audit: type=1326 audit(140.309:10203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.476966][   T29] audit: type=1326 audit(140.309:10204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9671 comm="syz.2.1904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349cdfebe9 code=0x7ffc0000
[  139.499862][   T29] audit: type=1400 audit(140.309:10205): avc:  denied  { listen } for  pid=9671 comm="syz.2.1904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  139.611341][ T9687] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1909'.
[  139.647459][ T9691] lo speed is unknown, defaulting to 1000
[  139.756990][ T9704] loop3: detected capacity change from 0 to 1024
[  139.810599][ T9704] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.957902][ T9724] FAULT_INJECTION: forcing a failure.
[  139.957902][ T9724] name failslab, interval 1, probability 0, space 0, times 0
[  139.970645][ T9724] CPU: 0 UID: 0 PID: 9724 Comm: syz.5.1920 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.970697][ T9724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.970707][ T9724] Call Trace:
[  139.970712][ T9724]  <TASK>
[  139.970718][ T9724]  __dump_stack+0x1d/0x30
[  139.970738][ T9724]  dump_stack_lvl+0xe8/0x140
[  139.970773][ T9724]  dump_stack+0x15/0x1b
[  139.970786][ T9724]  should_fail_ex+0x265/0x280
[  139.970803][ T9724]  should_failslab+0x8c/0xb0
[  139.970824][ T9724]  kmem_cache_alloc_noprof+0x50/0x310
[  139.970846][ T9724]  ? alloc_vfsmnt+0x2d/0x300
[  139.970889][ T9724]  alloc_vfsmnt+0x2d/0x300
[  139.970911][ T9724]  clone_mnt+0x46/0x630
[  139.971090][ T9724]  __do_loopback+0x1ff/0x280
[  139.971116][ T9724]  do_loopback+0x1f7/0x2a0
[  139.971218][ T9724]  path_mount+0x3dc/0xb20
[  139.971235][ T9724]  ? user_path_at+0x109/0x130
[  139.971284][ T9724]  __se_sys_mount+0x28f/0x2e0
[  139.971369][ T9724]  ? fput+0x8f/0xc0
[  139.971443][ T9724]  __x64_sys_mount+0x67/0x80
[  139.971465][ T9724]  x64_sys_call+0x2b4d/0x2ff0
[  139.971486][ T9724]  do_syscall_64+0xd2/0x200
[  139.971513][ T9724]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.971550][ T9724]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  139.971570][ T9724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.971591][ T9724] RIP: 0033:0x7fb4f0f5ebe9
[  139.971607][ T9724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.971702][ T9724] RSP: 002b:00007fb4ef9c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.971722][ T9724] RAX: ffffffffffffffda RBX: 00007fb4f1195fa0 RCX: 00007fb4f0f5ebe9
[  139.971793][ T9724] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000380
[  139.971806][ T9724] RBP: 00007fb4ef9c7090 R08: 0000000000000000 R09: 0000000000000000
[  139.971819][ T9724] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001
[  139.971832][ T9724] R13: 00007fb4f1196038 R14: 00007fb4f1195fa0 R15: 00007ffd3ba0d668
[  139.971861][ T9724]  </TASK>
[  140.223756][ T9727] lo speed is unknown, defaulting to 1000
[  140.290892][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.378918][ T9720] siw: device registration error -23
[  140.397486][ T9743] __nla_validate_parse: 1 callbacks suppressed
[  140.397535][ T9743] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1928'.
[  140.635272][ T9759] loop3: detected capacity change from 0 to 1024
[  140.679571][ T9759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.745549][ T9770] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1938'.
[  140.821808][ T9774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.843869][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.855127][ T9774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.969200][ T9778] loop3: detected capacity change from 0 to 512
[  140.979063][ T9778] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  141.010475][ T9778] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  141.018597][ T9778] System zones: 0-2, 18-18, 34-34
[  141.024802][ T9778] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.038997][ T9778] FAULT_INJECTION: forcing a failure.
[  141.038997][ T9778] name failslab, interval 1, probability 0, space 0, times 0
[  141.051690][ T9778] CPU: 0 UID: 0 PID: 9778 Comm: syz.3.1942 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  141.051719][ T9778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.051729][ T9778] Call Trace:
[  141.051735][ T9778]  <TASK>
[  141.051742][ T9778]  __dump_stack+0x1d/0x30
[  141.051766][ T9778]  dump_stack_lvl+0xe8/0x140
[  141.051785][ T9778]  dump_stack+0x15/0x1b
[  141.051802][ T9778]  should_fail_ex+0x265/0x280
[  141.051823][ T9778]  should_failslab+0x8c/0xb0
[  141.051922][ T9778]  kmem_cache_alloc_noprof+0x50/0x310
[  141.051945][ T9778]  ? __es_insert_extent+0x508/0xee0
[  141.051987][ T9778]  __es_insert_extent+0x508/0xee0
[  141.052013][ T9778]  ? ttwu_do_activate+0x1d0/0x210
[  141.052036][ T9778]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  141.052076][ T9778]  ? try_to_wake_up+0x3e7/0x630
[  141.052105][ T9778]  ext4_es_cache_extent+0x276/0x370
[  141.052210][ T9778]  ext4_find_extent+0x336/0x7a0
[  141.052234][ T9778]  ext4_ext_map_blocks+0x11f/0x38a0
[  141.052332][ T9778]  ? loop_queue_rq+0x5e3/0x680
[  141.052360][ T9778]  ? blk_mq_request_issue_directly+0x30a/0x380
[  141.052381][ T9778]  ? blk_mq_issue_direct+0x3b5/0x530
[  141.052406][ T9778]  ? __blk_mq_alloc_requests+0xd86/0xe30
[  141.052480][ T9778]  ? bdev_count_inflight+0xf2/0x130
[  141.052504][ T9778]  ? bsearch+0x95/0xc0
[  141.052531][ T9778]  ? __pfx_cmp_ex_search+0x10/0x10
[  141.052621][ T9778]  ? copy_from_kernel_nofault+0x6a/0x200
[  141.052640][ T9778]  ext4_map_query_blocks+0xa8/0x480
[  141.052665][ T9778]  ext4_map_blocks+0x330/0xd00
[  141.052704][ T9778]  ? xas_load+0x413/0x430
[  141.052724][ T9778]  ? xa_load+0xb1/0xe0
[  141.052750][ T9778]  ext4_getblk+0x114/0x510
[  141.052779][ T9778]  ext4_bread_batch+0x5c/0x320
[  141.052806][ T9778]  __ext4_find_entry+0x840/0xf40
[  141.052833][ T9778]  ? __d_lookup_rcu+0x251/0x2a0
[  141.052900][ T9778]  ? d_alloc_parallel+0xba9/0xc60
[  141.052958][ T9778]  ext4_lookup+0xbb/0x390
[  141.053086][ T9778]  __lookup_slow+0x193/0x250
[  141.053175][ T9778]  lookup_slow+0x3c/0x60
[  141.053197][ T9778]  walk_component+0x1ec/0x220
[  141.053220][ T9778]  path_lookupat+0xfe/0x2a0
[  141.053266][ T9778]  filename_lookup+0x147/0x340
[  141.053351][ T9778]  do_linkat+0xd2/0x600
[  141.053371][ T9778]  ? should_fail_usercopy+0x1a/0x20
[  141.053438][ T9778]  ? strncpy_from_user+0x13a/0x230
[  141.053468][ T9778]  __x64_sys_link+0x58/0x70
[  141.053556][ T9778]  x64_sys_call+0x12a7/0x2ff0
[  141.053617][ T9778]  do_syscall_64+0xd2/0x200
[  141.053643][ T9778]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  141.053662][ T9778]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  141.053713][ T9778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.053788][ T9778] RIP: 0033:0x7f2344f6ebe9
[  141.053803][ T9778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.053820][ T9778] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  141.053841][ T9778] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  141.053853][ T9778] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000200000000200
[  141.053866][ T9778] RBP: 00007f23439d7090 R08: 0000000000000000 R09: 0000000000000000
[  141.053952][ T9778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.053962][ T9778] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  141.053978][ T9778]  </TASK>
[  141.055406][ T9778] EXT4-fs error (device loop3): ext4_find_dest_de:2052: inode #2: block 3: comm syz.3.1942: bad entry in directory: inode out of bounds - offset=24, inode=65527, rec_len=20, size=4096 fake=0
[  141.415284][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.488271][ T9784] loop3: detected capacity change from 0 to 2048
[  141.499622][ T9788] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1947'.
[  141.549737][ T9784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.627820][ T9799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.636703][ T9799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.651339][ T9799] loop5: detected capacity change from 0 to 512
[  141.662361][ T9799] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  141.675253][ T9799] EXT4-fs (loop5): 1 truncate cleaned up
[  141.682547][ T9799] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.824436][ T9812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1953'.
[  141.833351][ T9812] netlink: 'syz.2.1953': attribute type 15 has an invalid length.
[  141.888339][ T9812] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1953'.
[  141.953206][ T9800] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1945: bg 0: block 234: padding at end of block bitmap is not set
[  141.967893][ T9800] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  141.980331][ T9800] EXT4-fs (loop3): This should not happen!! Data will be lost
[  141.980331][ T9800] 
[  141.989986][ T9800] EXT4-fs (loop3): Total free blocks count 0
[  141.995941][ T9800] EXT4-fs (loop3): Free/Dirty block details
[  142.001906][ T9800] EXT4-fs (loop3): free_blocks=0
[  142.006844][ T9800] EXT4-fs (loop3): dirty_blocks=8208
[  142.012134][ T9800] EXT4-fs (loop3): Block reservation details
[  142.018100][ T9800] EXT4-fs (loop3): i_reserved_data_blocks=513
[  142.054613][ T8121] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  142.142349][ T9837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1962'.
[  142.204503][ T9845] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  142.238427][ T9848] loop3: detected capacity change from 0 to 1024
[  142.277789][ T9848] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.294452][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.641124][ T9896] capability: warning: `syz.2.1983' uses 32-bit capabilities (legacy support in use)
[  142.766069][ T9919] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1985'.
[  143.007504][ T9952] tmpfs: Bad value for 'mpol'
[  143.013463][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.128405][ T9970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1999'.
[  143.234994][ T9980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.244931][ T9980] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.266890][ T9985] loop3: detected capacity change from 0 to 1024
[  143.280512][ T9985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.296932][ T9985] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2001: Allocating blocks 385-513 which overlap fs metadata
[  143.321695][ T9985] EXT4-fs (loop3): pa ffff8881071613f0: logic 16, phys. 129, len 24
[  143.329858][ T9985] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  143.502027][T10010] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2013'.
[  143.884048][T10030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2019'.
[  143.935830][T10030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.945695][T10030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.972129][   T10] lo speed is unknown, defaulting to 1000
[  143.972615][ T8121] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  143.977867][   T10] syz0: Port: 1 Link DOWN
[  143.991043][ T8121] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.000970][ T8121] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  144.009873][ T8121] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.018964][ T8121] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  144.027887][ T8121] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.036930][ T8121] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  144.045827][ T8121] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.055712][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.079078][   T29] kauditd_printk_skb: 456 callbacks suppressed
[  144.079089][   T29] audit: type=1400 audit(145.069:10662): avc:  denied  { create } for  pid=10032 comm="syz.3.2020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  144.133173][   T29] audit: type=1326 audit(145.119:10663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10036 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  144.167931][   T29] audit: type=1326 audit(145.139:10664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10036 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  144.191037][   T29] audit: type=1326 audit(145.139:10665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10036 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2344f6ebe9 code=0x7ffc0000
[  144.323786][T10056] lo speed is unknown, defaulting to 1000
[  144.361128][   T29] audit: type=1400 audit(145.349:10666): avc:  denied  { mount } for  pid=10055 comm="+}[@" name="/" dev="configfs" ino=2127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  144.383036][   T29] audit: type=1400 audit(145.349:10667): avc:  denied  { getopt } for  pid=10055 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  144.466576][T10061] loop3: detected capacity change from 0 to 128
[  144.543664][   T29] audit: type=1326 audit(145.529:10668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10063 comm="syz.5.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  144.566687][   T29] audit: type=1326 audit(145.529:10669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10063 comm="syz.5.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  144.599687][   T29] audit: type=1326 audit(145.579:10670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10063 comm="syz.5.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  144.622816][   T29] audit: type=1326 audit(145.579:10671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10063 comm="syz.5.2033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  144.924312][T10079] FAULT_INJECTION: forcing a failure.
[  144.924312][T10079] name failslab, interval 1, probability 0, space 0, times 0
[  144.937408][T10079] CPU: 0 UID: 0 PID: 10079 Comm: syz.3.2037 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  144.937432][T10079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.937444][T10079] Call Trace:
[  144.937449][T10079]  <TASK>
[  144.937455][T10079]  __dump_stack+0x1d/0x30
[  144.937475][T10079]  dump_stack_lvl+0xe8/0x140
[  144.937517][T10079]  dump_stack+0x15/0x1b
[  144.937531][T10079]  should_fail_ex+0x265/0x280
[  144.937550][T10079]  should_failslab+0x8c/0xb0
[  144.937617][T10079]  __kvmalloc_node_noprof+0x123/0x4e0
[  144.937644][T10079]  ? page_pool_create_percpu+0x239/0x650
[  144.937728][T10079]  page_pool_create_percpu+0x239/0x650
[  144.937757][T10079]  page_pool_create+0x1a/0x30
[  144.937784][T10079]  bpf_test_run_xdp_live+0x12e/0xfe0
[  144.937846][T10079]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  144.937950][T10079]  ? __pfx_autoremove_wake_function+0x10/0x10
[  144.937981][T10079]  ? 0xffffffffa02054c0
[  144.937999][T10079]  ? synchronize_rcu+0x45/0x320
[  144.938025][T10079]  ? 0xffffffffa02054c0
[  144.938037][T10079]  ? 0xffffffffa02054c0
[  144.938050][T10079]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  144.938077][T10079]  ? 0xffffffffa0207a18
[  144.938125][T10079]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  144.938150][T10079]  bpf_prog_test_run_xdp+0x4f5/0x910
[  144.938190][T10079]  ? __rcu_read_unlock+0x4f/0x70
[  144.938212][T10079]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  144.938231][T10079]  bpf_prog_test_run+0x22a/0x390
[  144.938338][T10079]  __sys_bpf+0x4b9/0x7b0
[  144.938367][T10079]  __x64_sys_bpf+0x41/0x50
[  144.938466][T10079]  x64_sys_call+0x2aea/0x2ff0
[  144.938486][T10079]  do_syscall_64+0xd2/0x200
[  144.938511][T10079]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  144.938533][T10079]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  144.938557][T10079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.938613][T10079] RIP: 0033:0x7f2344f6ebe9
[  144.938639][T10079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.938653][T10079] RSP: 002b:00007f23439b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  144.938671][T10079] RAX: ffffffffffffffda RBX: 00007f23451a6090 RCX: 00007f2344f6ebe9
[  144.938683][T10079] RDX: 0000000000000050 RSI: 0000200000000500 RDI: 000000000000000a
[  144.938695][T10079] RBP: 00007f23439b6090 R08: 0000000000000000 R09: 0000000000000000
[  144.938708][T10079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.938719][T10079] R13: 00007f23451a6128 R14: 00007f23451a6090 R15: 00007ffe26e9b858
[  144.938816][T10079]  </TASK>
[  145.189661][T10079] page_pool_create_percpu() gave up with errno -12
[  145.665155][T10101] loop3: detected capacity change from 0 to 2048
[  145.703193][T10101] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.813459][T10112] IPv6: Can't replace route, no match found
[  145.842398][T10112] loop5: detected capacity change from 0 to 1024
[  145.891289][T10112] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  145.917982][T10112] __nla_validate_parse: 130 callbacks suppressed
[  145.918051][T10112] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2049'.
[  145.945409][T10110] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2045: bg 0: block 234: padding at end of block bitmap is not set
[  145.967466][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  145.967464][T10110] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  145.967491][T10110] EXT4-fs (loop3): This should not happen!! Data will be lost
[  145.967491][T10110] 
[  145.967501][T10110] EXT4-fs (loop3): Total free blocks count 0
[  145.967511][T10110] EXT4-fs (loop3): Free/Dirty block details
[  145.967521][T10110] EXT4-fs (loop3): free_blocks=0
[  145.967531][T10110] EXT4-fs (loop3): dirty_blocks=8208
[  145.967543][T10110] EXT4-fs (loop3): Block reservation details
[  146.026849][T10110] EXT4-fs (loop3): i_reserved_data_blocks=513
[  146.050496][T10117] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2050'.
[  146.090543][ T8121] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  146.146734][T10121] FAULT_INJECTION: forcing a failure.
[  146.146734][T10121] name failslab, interval 1, probability 0, space 0, times 0
[  146.159413][T10121] CPU: 0 UID: 0 PID: 10121 Comm: syz.5.2053 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  146.159436][T10121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  146.159518][T10121] Call Trace:
[  146.159524][T10121]  <TASK>
[  146.159530][T10121]  __dump_stack+0x1d/0x30
[  146.159552][T10121]  dump_stack_lvl+0xe8/0x140
[  146.159571][T10121]  dump_stack+0x15/0x1b
[  146.159585][T10121]  should_fail_ex+0x265/0x280
[  146.159610][T10121]  should_failslab+0x8c/0xb0
[  146.159633][T10121]  kmem_cache_alloc_noprof+0x50/0x310
[  146.159659][T10121]  ? getname_flags+0x80/0x3b0
[  146.159706][T10121]  getname_flags+0x80/0x3b0
[  146.159734][T10121]  user_path_at+0x28/0x130
[  146.159757][T10121]  __x64_sys_umount+0x85/0xe0
[  146.159773][T10121]  x64_sys_call+0xdd2/0x2ff0
[  146.159806][T10121]  do_syscall_64+0xd2/0x200
[  146.159832][T10121]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  146.159853][T10121]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  146.159873][T10121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.159952][T10121] RIP: 0033:0x7fb4f0f5ebe9
[  146.159966][T10121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.159989][T10121] RSP: 002b:00007fb4ef9c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  146.160050][T10121] RAX: ffffffffffffffda RBX: 00007fb4f1195fa0 RCX: 00007fb4f0f5ebe9
[  146.160062][T10121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000002c0
[  146.160075][T10121] RBP: 00007fb4ef9c7090 R08: 0000000000000000 R09: 0000000000000000
[  146.160161][T10121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.160172][T10121] R13: 00007fb4f1196038 R14: 00007fb4f1195fa0 R15: 00007ffd3ba0d668
[  146.160188][T10121]  </TASK>
[  146.438842][T10131] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2055'.
[  146.447874][T10131] netlink: 'syz.3.2055': attribute type 15 has an invalid length.
[  146.471662][T10131] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2055'.
[  146.985604][T10152] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2061'.
[  146.994710][T10152] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2061'.
[  147.003669][T10152] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2061'.
[  147.019555][T10152] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2061'.
[  147.086844][T10159] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2066'.
[  147.956294][T10203] FAULT_INJECTION: forcing a failure.
[  147.956294][T10203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.969570][T10203] CPU: 1 UID: 0 PID: 10203 Comm: syz.2.2075 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  147.969669][T10203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  147.969681][T10203] Call Trace:
[  147.969686][T10203]  <TASK>
[  147.969693][T10203]  __dump_stack+0x1d/0x30
[  147.969715][T10203]  dump_stack_lvl+0xe8/0x140
[  147.969845][T10203]  dump_stack+0x15/0x1b
[  147.969862][T10203]  should_fail_ex+0x265/0x280
[  147.969883][T10203]  should_fail+0xb/0x20
[  147.969897][T10203]  should_fail_usercopy+0x1a/0x20
[  147.969969][T10203]  _copy_from_user+0x1c/0xb0
[  147.969996][T10203]  ___sys_sendmsg+0xc1/0x1d0
[  147.970030][T10203]  __x64_sys_sendmsg+0xd4/0x160
[  147.970118][T10203]  x64_sys_call+0x191e/0x2ff0
[  147.970136][T10203]  do_syscall_64+0xd2/0x200
[  147.970162][T10203]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  147.970186][T10203]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  147.970289][T10203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.970306][T10203] RIP: 0033:0x7f349cdfebe9
[  147.970320][T10203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.970337][T10203] RSP: 002b:00007f349b85f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.970353][T10203] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfebe9
[  147.970392][T10203] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000006
[  147.970405][T10203] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  147.970417][T10203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.970439][T10203] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  147.970458][T10203]  </TASK>
[  148.334340][T10206] siw: device registration error -23
[  148.443126][T10218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.469809][T10218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.542567][T10218] loop3: detected capacity change from 0 to 512
[  148.583495][T10218] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  148.596373][T10220] loop5: detected capacity change from 0 to 2048
[  148.605118][T10218] EXT4-fs (loop3): 1 truncate cleaned up
[  148.624320][T10218] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.639205][T10220] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.877586][T10231] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2087: bg 0: block 234: padding at end of block bitmap is not set
[  148.892838][T10231] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  148.905387][T10231] EXT4-fs (loop5): This should not happen!! Data will be lost
[  148.905387][T10231] 
[  148.915031][T10231] EXT4-fs (loop5): Total free blocks count 0
[  148.921021][T10231] EXT4-fs (loop5): Free/Dirty block details
[  148.926904][T10231] EXT4-fs (loop5): free_blocks=0
[  148.931840][T10231] EXT4-fs (loop5): dirty_blocks=8208
[  148.937108][T10231] EXT4-fs (loop5): Block reservation details
[  148.943106][T10231] EXT4-fs (loop5): i_reserved_data_blocks=513
[  148.972355][ T8136] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  149.067556][T10236] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2091'.
[  149.097219][   T29] kauditd_printk_skb: 331 callbacks suppressed
[  149.097231][   T29] audit: type=1326 audit(150.079:11003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.128735][   T29] audit: type=1326 audit(150.109:11004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.151719][   T29] audit: type=1326 audit(150.109:11005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.174713][   T29] audit: type=1326 audit(150.109:11006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.197745][   T29] audit: type=1326 audit(150.109:11007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.220747][   T29] audit: type=1326 audit(150.109:11008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.243812][   T29] audit: type=1326 audit(150.109:11009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.266779][   T29] audit: type=1326 audit(150.109:11010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.289738][   T29] audit: type=1326 audit(150.109:11011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.312718][   T29] audit: type=1326 audit(150.109:11012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10237 comm="syz.5.2090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4f0f5ebe9 code=0x7ffc0000
[  149.354656][T10245] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  149.361266][T10245] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.368783][T10245] vhci_hcd vhci_hcd.0: Device attached
[  149.376262][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.397435][T10252] FAULT_INJECTION: forcing a failure.
[  149.397435][T10252] name failslab, interval 1, probability 0, space 0, times 0
[  149.410357][T10252] CPU: 1 UID: 0 PID: 10252 Comm: syz.3.2094 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  149.410384][T10252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.410474][T10252] Call Trace:
[  149.410480][T10252]  <TASK>
[  149.410488][T10252]  __dump_stack+0x1d/0x30
[  149.410586][T10252]  dump_stack_lvl+0xe8/0x140
[  149.410606][T10252]  dump_stack+0x15/0x1b
[  149.410623][T10252]  should_fail_ex+0x265/0x280
[  149.410644][T10252]  should_failslab+0x8c/0xb0
[  149.410669][T10252]  kmem_cache_alloc_node_noprof+0x57/0x320
[  149.410747][T10252]  ? __alloc_skb+0x101/0x320
[  149.410766][T10252]  ? tcp_chrono_stop+0x19d/0x210
[  149.410788][T10252]  __alloc_skb+0x101/0x320
[  149.410805][T10252]  ? __rcu_read_unlock+0x34/0x70
[  149.410827][T10252]  tcp_stream_alloc_skb+0x2d/0x1d0
[  149.410861][T10252]  tcp_connect+0xce9/0x2290
[  149.410888][T10252]  ? tcp_fastopen_defer_connect+0x69/0x1e0
[  149.410988][T10252]  tcp_v4_connect+0xa0b/0xad0
[  149.411036][T10252]  mptcp_connect+0x586/0x890
[  149.411067][T10252]  __inet_stream_connect+0x169/0x7e0
[  149.411089][T10252]  ? _raw_spin_unlock_bh+0x36/0x40
[  149.411158][T10252]  ? release_sock+0x116/0x150
[  149.411248][T10252]  ? _raw_spin_unlock_bh+0x36/0x40
[  149.411265][T10252]  ? lock_sock_nested+0x112/0x140
[  149.411287][T10252]  ? selinux_netlbl_socket_connect+0x115/0x130
[  149.411385][T10252]  inet_stream_connect+0x44/0x70
[  149.411463][T10252]  ? __pfx_inet_stream_connect+0x10/0x10
[  149.411481][T10252]  __sys_connect+0x1ef/0x2b0
[  149.411499][T10252]  __x64_sys_connect+0x3f/0x50
[  149.411513][T10252]  x64_sys_call+0x2c08/0x2ff0
[  149.411530][T10252]  do_syscall_64+0xd2/0x200
[  149.411578][T10252]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  149.411669][T10252]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  149.411694][T10252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.411734][T10252] RIP: 0033:0x7f2344f6ebe9
[  149.411747][T10252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.411761][T10252] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  149.411776][T10252] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  149.411786][T10252] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000005
[  149.411797][T10252] RBP: 00007f23439d7090 R08: 0000000000000000 R09: 0000000000000000
[  149.411842][T10252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.411852][T10252] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  149.411867][T10252]  </TASK>
[  149.733526][T10263] netlink: 'syz.0.2096': attribute type 13 has an invalid length.
[  149.766453][T10267] loop3: detected capacity change from 0 to 2048
[  149.783490][T10267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.798683][ T3395] usb 3-1: new low-speed USB device number 2 using vhci_hcd
[  149.881548][T10246] vhci_hcd: connection reset by peer
[  149.897796][ T8095] vhci_hcd: stop threads
[  149.902098][ T8095] vhci_hcd: release socket
[  149.906497][ T8095] vhci_hcd: disconnect device
[  150.056537][T10273] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2102: bg 0: block 234: padding at end of block bitmap is not set
[  150.073276][T10273] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  150.085754][T10273] EXT4-fs (loop3): This should not happen!! Data will be lost
[  150.085754][T10273] 
[  150.095436][T10273] EXT4-fs (loop3): Total free blocks count 0
[  150.101446][T10273] EXT4-fs (loop3): Free/Dirty block details
[  150.107320][T10273] EXT4-fs (loop3): free_blocks=0
[  150.112288][T10273] EXT4-fs (loop3): dirty_blocks=8208
[  150.117564][T10273] EXT4-fs (loop3): Block reservation details
[  150.123577][T10273] EXT4-fs (loop3): i_reserved_data_blocks=513
[  150.161591][ T8114] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  150.197020][T10283] loop5: detected capacity change from 0 to 512
[  150.219922][T10283] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  150.228052][T10283] System zones: 0-2, 18-18, 34-35
[  150.233954][T10283] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.264482][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.313536][T10291] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  150.320048][T10291] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  150.327648][T10291] vhci_hcd vhci_hcd.0: Device attached
[  150.336408][T10292] vhci_hcd: connection closed
[  150.336453][ T8136] vhci_hcd: stop threads
[  150.345518][ T8136] vhci_hcd: release socket
[  150.349934][ T8136] vhci_hcd: disconnect device
[  150.410827][T10296] FAULT_INJECTION: forcing a failure.
[  150.410827][T10296] name failslab, interval 1, probability 0, space 0, times 0
[  150.423543][T10296] CPU: 1 UID: 0 PID: 10296 Comm: syz.3.2111 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  150.423568][T10296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  150.423580][T10296] Call Trace:
[  150.423587][T10296]  <TASK>
[  150.423595][T10296]  __dump_stack+0x1d/0x30
[  150.423649][T10296]  dump_stack_lvl+0xe8/0x140
[  150.423659][T10296]  dump_stack+0x15/0x1b
[  150.423668][T10296]  should_fail_ex+0x265/0x280
[  150.423689][T10296]  should_failslab+0x8c/0xb0
[  150.423702][T10296]  kmem_cache_alloc_node_noprof+0x57/0x320
[  150.423718][T10296]  ? __alloc_skb+0x101/0x320
[  150.423729][T10296]  __alloc_skb+0x101/0x320
[  150.423811][T10296]  netlink_alloc_large_skb+0xba/0xf0
[  150.423901][T10296]  netlink_sendmsg+0x3cf/0x6b0
[  150.423914][T10296]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.423926][T10296]  __sock_sendmsg+0x145/0x180
[  150.423941][T10296]  ____sys_sendmsg+0x31e/0x4e0
[  150.424022][T10296]  ___sys_sendmsg+0x17b/0x1d0
[  150.424040][T10296]  __x64_sys_sendmsg+0xd4/0x160
[  150.424054][T10296]  x64_sys_call+0x191e/0x2ff0
[  150.424099][T10296]  do_syscall_64+0xd2/0x200
[  150.424114][T10296]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  150.424127][T10296]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  150.424204][T10296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.424216][T10296] RIP: 0033:0x7f2344f6ebe9
[  150.424225][T10296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.424235][T10296] RSP: 002b:00007f23439d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.424309][T10296] RAX: ffffffffffffffda RBX: 00007f23451a5fa0 RCX: 00007f2344f6ebe9
[  150.424316][T10296] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  150.424323][T10296] RBP: 00007f23439d7090 R08: 0000000000000000 R09: 0000000000000000
[  150.424329][T10296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.424336][T10296] R13: 00007f23451a6038 R14: 00007f23451a5fa0 R15: 00007ffe26e9b858
[  150.424346][T10296]  </TASK>
[  150.700193][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.716411][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.724119][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.735639][T10313] loop3: detected capacity change from 0 to 128
[  150.765259][T10309] infiniband syz2: set down
[  150.769875][T10309] infiniband syz2: added vxcan1
[  150.778956][ T3392] vxcan1 speed is unknown, defaulting to 1000
[  150.813187][T10309] RDS/IB: syz2: added
[  150.817365][T10309] smc: adding ib device syz2 with port count 1
[  150.823741][T10309] smc:    ib device syz2 port 1 has pnetid 
[  150.829814][   T36] vxcan1 speed is unknown, defaulting to 1000
[  150.835901][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.881745][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.938131][T10309] vxcan1 speed is unknown, defaulting to 1000
[  150.971221][T10309] vxcan1 speed is unknown, defaulting to 1000
[  151.005603][T10309] vxcan1 speed is unknown, defaulting to 1000
[  151.065762][T10325] loop3: detected capacity change from 0 to 512
[  151.076283][T10325] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.080429][T10327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.091781][T10325] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  151.093802][T10329] netlink: 'syz.5.2125': attribute type 29 has an invalid length.
[  151.107845][T10327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.147509][T10325] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[  151.155533][T10325] System zones: 1-12
[  151.174328][T10325] EXT4-fs (loop3): 1 truncate cleaned up
[  151.181717][T10325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.197562][T10325] EXT4-fs (loop3): shut down requested (0)
[  151.205819][T10325] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  151.215226][T10325] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  151.231514][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.304740][T10342] loop5: detected capacity change from 0 to 512
[  151.312142][T10342] EXT4-fs: Ignoring removed mblk_io_submit option
[  151.330070][T10342] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  151.346365][T10342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c018, mo2=0002]
[  151.358064][T10342] System zones: 1-12
[  151.362529][T10342] EXT4-fs (loop5): 1 truncate cleaned up
[  151.368609][T10342] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.497556][T10360] __nla_validate_parse: 4 callbacks suppressed
[  151.497571][T10360] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2136'.
[  151.500609][T10359] loop3: detected capacity change from 0 to 1024
[  151.544859][T10359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.584758][T10359] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2135: Allocating blocks 385-513 which overlap fs metadata
[  151.621770][T10359] EXT4-fs (loop3): pa ffff888107161380: logic 16, phys. 129, len 24
[  151.629903][T10359] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  151.782089][T10371] FAULT_INJECTION: forcing a failure.
[  151.782089][T10371] name failslab, interval 1, probability 0, space 0, times 0
[  151.794804][T10371] CPU: 1 UID: 0 PID: 10371 Comm: syz.2.2140 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  151.794832][T10371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  151.794842][T10371] Call Trace:
[  151.794848][T10371]  <TASK>
[  151.794889][T10371]  __dump_stack+0x1d/0x30
[  151.794987][T10371]  dump_stack_lvl+0xe8/0x140
[  151.795004][T10371]  dump_stack+0x15/0x1b
[  151.795017][T10371]  should_fail_ex+0x265/0x280
[  151.795035][T10371]  should_failslab+0x8c/0xb0
[  151.795056][T10371]  __kmalloc_noprof+0xa5/0x3e0
[  151.795082][T10371]  ? taskstats_user_cmd+0x2de/0x8a0
[  151.795168][T10371]  taskstats_user_cmd+0x2de/0x8a0
[  151.795190][T10371]  ? genl_family_rcv_msg_attrs_parse+0x13b/0x190
[  151.795226][T10371]  ? genl_family_rcv_msg_attrs_parse+0x184/0x190
[  151.795295][T10371]  genl_family_rcv_msg_doit+0x140/0x1b0
[  151.795328][T10371]  genl_rcv_msg+0x422/0x460
[  151.795392][T10371]  ? __pfx_taskstats_user_cmd+0x10/0x10
[  151.795422][T10371]  netlink_rcv_skb+0x123/0x220
[  151.795441][T10371]  ? __pfx_genl_rcv_msg+0x10/0x10
[  151.795541][T10371]  genl_rcv+0x28/0x40
[  151.795565][T10371]  netlink_unicast+0x5bd/0x690
[  151.795586][T10371]  netlink_sendmsg+0x58b/0x6b0
[  151.795612][T10371]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.795715][T10371]  __sock_sendmsg+0x145/0x180
[  151.795742][T10371]  ____sys_sendmsg+0x31e/0x4e0
[  151.795762][T10371]  ___sys_sendmsg+0x17b/0x1d0
[  151.795790][T10371]  __x64_sys_sendmsg+0xd4/0x160
[  151.795874][T10371]  x64_sys_call+0x191e/0x2ff0
[  151.795895][T10371]  do_syscall_64+0xd2/0x200
[  151.795919][T10371]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.795942][T10371]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.795980][T10371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.796001][T10371] RIP: 0033:0x7f349cdfebe9
[  151.796016][T10371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.796091][T10371] RSP: 002b:00007f349b85f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.796109][T10371] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfebe9
[  151.796119][T10371] RDX: 000000000000c000 RSI: 0000200000000080 RDI: 0000000000000003
[  151.796202][T10371] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  151.796212][T10371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.796223][T10371] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  151.796242][T10371]  </TASK>
[  152.096388][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.268517][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.485394][T10404] loop5: detected capacity change from 0 to 1024
[  152.519471][T10404] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.539958][T10404] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.2150: Allocating blocks 385-513 which overlap fs metadata
[  152.566918][T10404] EXT4-fs (loop5): pa ffff888107266850: logic 16, phys. 129, len 24
[  152.574970][T10404] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  152.764740][T10411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.798798][T10411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.824512][T10411] loop3: detected capacity change from 0 to 512
[  152.853389][T10411] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  152.888811][T10411] EXT4-fs (loop3): 1 truncate cleaned up
[  152.894880][T10411] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.120034][T10433] FAULT_INJECTION: forcing a failure.
[  153.120034][T10433] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.133250][T10433] CPU: 1 UID: 0 PID: 10433 Comm: syz.2.2164 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  153.133278][T10433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.133289][T10433] Call Trace:
[  153.133295][T10433]  <TASK>
[  153.133303][T10433]  __dump_stack+0x1d/0x30
[  153.133369][T10433]  dump_stack_lvl+0xe8/0x140
[  153.133385][T10433]  dump_stack+0x15/0x1b
[  153.133398][T10433]  should_fail_ex+0x265/0x280
[  153.133418][T10433]  should_fail+0xb/0x20
[  153.133448][T10433]  should_fail_usercopy+0x1a/0x20
[  153.133466][T10433]  _copy_to_user+0x20/0xa0
[  153.133488][T10433]  simple_read_from_buffer+0xb5/0x130
[  153.133566][T10433]  proc_fail_nth_read+0x10e/0x150
[  153.133589][T10433]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.133610][T10433]  vfs_read+0x1a8/0x770
[  153.133629][T10433]  ? __rcu_read_unlock+0x4f/0x70
[  153.133660][T10433]  ? __fget_files+0x184/0x1c0
[  153.133684][T10433]  ksys_read+0xda/0x1a0
[  153.133730][T10433]  __x64_sys_read+0x40/0x50
[  153.133752][T10433]  x64_sys_call+0x27bc/0x2ff0
[  153.133794][T10433]  do_syscall_64+0xd2/0x200
[  153.133819][T10433]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  153.133838][T10433]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  153.133911][T10433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.133928][T10433] RIP: 0033:0x7f349cdfd5fc
[  153.133976][T10433] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  153.133992][T10433] RSP: 002b:00007f349b85f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  153.134012][T10433] RAX: ffffffffffffffda RBX: 00007f349d035fa0 RCX: 00007f349cdfd5fc
[  153.134025][T10433] RDX: 000000000000000f RSI: 00007f349b85f0a0 RDI: 0000000000000004
[  153.134054][T10433] RBP: 00007f349b85f090 R08: 0000000000000000 R09: 0000000000000000
[  153.134065][T10433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.134075][T10433] R13: 00007f349d036038 R14: 00007f349d035fa0 R15: 00007ffe6606f3b8
[  153.134092][T10433]  </TASK>
[  153.452963][ T7147] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.533431][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.205178][   T29] kauditd_printk_skb: 521 callbacks suppressed
[  154.205209][   T29] audit: type=1400 audit(155.189:11534): avc:  denied  { block_suspend } for  pid=10481 comm="syz.3.2180" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  154.253689][   T29] audit: type=1326 audit(155.219:11535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.276830][   T29] audit: type=1326 audit(155.219:11536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.299835][   T29] audit: type=1326 audit(155.219:11537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.322906][   T29] audit: type=1326 audit(155.219:11538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.345878][   T29] audit: type=1326 audit(155.219:11539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.368942][   T29] audit: type=1326 audit(155.219:11540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.391936][   T29] audit: type=1326 audit(155.219:11541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.414877][   T29] audit: type=1326 audit(155.219:11542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.438009][   T29] audit: type=1326 audit(155.219:11543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10474 comm="syz.0.2176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f47c623ebe9 code=0x7ffc0000
[  154.674732][T10499] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2185'.
[  154.844767][ T3395] usb 3-1: enqueue for inactive port 0
[  154.853011][ T3395] usb 3-1: enqueue for inactive port 0
[  154.910479][T10504] loop3: detected capacity change from 0 to 1024
[  154.920753][ T3395] vhci_hcd: vhci_device speed not set
[  154.952101][T10504] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.013967][T10501] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2187: Allocating blocks 385-513 which overlap fs metadata
[  155.131777][T10501] EXT4-fs (loop3): pa ffff888107161460: logic 16, phys. 129, len 24
[  155.139814][T10501] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  155.307651][   T23] hid_parser_main: 22 callbacks suppressed
[  155.307668][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  155.317861][T10519] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2192'.
[  155.320978][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  155.321002][   T23] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[  155.330404][   T23] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  155.619424][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.734063][T10539] loop3: detected capacity change from 0 to 1024
[  155.752403][T10539] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.771718][T10539] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.2197: Allocating blocks 385-513 which overlap fs metadata
[  155.788487][T10539] EXT4-fs (loop3): pa ffff8881071612a0: logic 16, phys. 129, len 24
[  155.796579][T10539] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  155.895378][T10555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2206'.
[  155.904994][T10555] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2206'.
[  155.916952][T10558] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2207'.
[  156.300532][T10587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  156.349202][T10587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  156.496238][ T3306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.570880][ T3298] ==================================================================
[  156.578979][ T3298] BUG: KCSAN: data-race in __dentry_kill / fast_dput
[  156.585658][ T3298] 
[  156.587970][ T3298] write to 0xffff88811a081850 of 8 bytes by task 2995 on cpu 1:
[  156.595588][ T3298]  __dentry_kill+0x142/0x4b0
[  156.600180][ T3298]  dput+0x5e/0xd0
[  156.603802][ T3298]  step_into+0x5b2/0x820
[  156.608042][ T3298]  walk_component+0x162/0x220
[  156.612720][ T3298]  path_lookupat+0xfe/0x2a0
[  156.617221][ T3298]  filename_lookup+0x2d7/0x340
[  156.621985][ T3298]  do_readlinkat+0x7d/0x320
[  156.626478][ T3298]  __x64_sys_readlink+0x47/0x60
[  156.631329][ T3298]  x64_sys_call+0x28da/0x2ff0
[  156.635998][ T3298]  do_syscall_64+0xd2/0x200
[  156.640496][ T3298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.646380][ T3298] 
[  156.648690][ T3298] read to 0xffff88811a081850 of 8 bytes by task 3298 on cpu 0:
[  156.656215][ T3298]  fast_dput+0x5f/0x2c0
[  156.660370][ T3298]  dput+0x24/0xd0
[  156.663992][ T3298]  do_unlinkat+0x259/0x480
[  156.668404][ T3298]  __x64_sys_unlink+0x2e/0x40
[  156.673072][ T3298]  x64_sys_call+0x2dc0/0x2ff0
[  156.677743][ T3298]  do_syscall_64+0xd2/0x200
[  156.682244][ T3298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.688138][ T3298] 
[  156.690450][ T3298] value changed: 0xffff888237badba8 -> 0x0000000000000000
[  156.697543][ T3298] 
[  156.699865][ T3298] Reported by Kernel Concurrency Sanitizer on:
[  156.706002][ T3298] CPU: 0 UID: 0 PID: 3298 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  156.715280][ T3298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.725341][ T3298] ==================================================================