last executing test programs:

8m13.802576342s ago: executing program 32 (id=631):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000100)=0x2, 0x4)
getsockopt$inet6_buf(r1, 0x29, 0x6, 0xfffffffffffffffd, &(0x7f00000000c0)=0xa4)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0xb, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0xfffffe}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f1114f9f407000901000000000000000003000000000800040001000000", 0x24)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
accept4(r5, &(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000000)=0x80, 0x81000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_clone(0xddc15fcdf84d30f8, &(0x7f00000001c0), 0x0, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)="87ec92fe864ad154ceefc75ecd5c64d38aa746822802aa")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
r7 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000c80)=@mangle={'mangle\x00', 0x64, 0x6, 0x568, 0xe8, 0xe8, 0xe8, 0xe8, 0x1d0, 0x498, 0x498, 0x498, 0x498, 0x498, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'dvmrp0\x00', 'veth1_virt_wifi\x00', {0xff}}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9, {0x4}}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [0xff], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [0x0, 0x0, 0x0, 0xff000000], 'veth1_to_team\x00', 'wg1\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c8)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3, 0x600, 0x100000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f0000000a00)={[{@dioread_nolock}, {@noblock_validity}, {@usrquota}, {@errors_remount}, {@abort, 0x0}, {@noauto_da_alloc}, {@noload}, {@minixdf}, {@mblk_io_submit}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x3}}, {@errors_remount}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x724}}, {@norecovery}, {@nouser_xattr}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@sysvgroups}], [{@audit}, {@measure}], 0x2c}, 0x6, 0x4fc, &(0x7f0000001a40)="$eJzs3EtvVGUfAPD/mU5p+wJv+/J64aaMorHRSGm5LlwA0YSNiYnG4LK2hSAFDK0JkEaKMZC40PAJvOxM/ASudGPUuNC4lbg1JsR0A7owx5yZM3Xa6fTGTCelv18yw3Nu8zz/c87DPJc5DWDDKmVvScSWiPglInori3N3KFX+uTczNfLnzNRIEmn66h9Jeb+7M1Mj1V2rx23OF/oLEYX3k9hVn23XxJWr54bHx8cu5SsGJgt56vzwmbEzYxeGjh49eKDnyOGhQ02JMyvT3Z3vXty94+Qbt14eOXXrze++yMqb5ttr46joK79vWnYOHXVrSlGaey5rPL38oq8LW2vSSTF7L7SvMCxbdtdml6uzXP97o6O8VNEbL73X1sIBLZWmadpVt3b2u2w6rZUklQPS9HoKPACSaHcJgPaoftHfncl6qlMj9f3gB9ud41HuAWVx38tflS3Fcg+21FfpG3W2KP+HIuLU9F8fZ69YcBwCAKC5vjoecfNEFLN2R/VV2VKIR2r2+28+N9QXEf+LiG0R8f+8/fJwRHnfRyNie80xW5cxC1Cat1zf/vmpJ0/UNlebJmv/vZDPbc1t/82WvK8jX9pajr8zOX12fGx/fk76o7MrWx6s/+jZYbWvX/z5o0b5l2raf9kry7/aFszL8Xtx3gDd6PDk8P3GXXXnevnEXquPP4liUk1F7IiInav4/OycnX32892Nts+JP4uzLv4PG394cRUFmif9NOKZyvWfjnnxRz7/l5TnJ8+/PTBx5erzZ2vnJwePHB46NNAd42P7B6p3Rb3vf7zxSp6s60Yscv2rVaOlE2nZ9f/Pgvf/7MxlX5aana+dWHkeN27fbNinWe39vyl5rZyuzs9eHp6cvDQYsSmZrl8/9O+xl4d75uyfxd+/d+H6vy3i70/y43ZFRHYTPxYRj0fEnrzsT0TEkxGxd5H4vz3x1FuNupBLx99aWfyjK7r+jRLHfohYeFPHuW++rMv4g1Jd/J3R6PofLKf68zWjw5PdS8W1WElrE/d9AgEAAGAd2BMRWyIp7MsHmrZEobBvX8Tm2RGUicnnTl9858Jo5RmBvugsVEe6emvGQwfzseFsOTtqqGY5236gPG6cpmnaky1n/ffx7e0NHTa8zQ3qf+a3+kdagAfNiubRGj3RBqxL8+v/7WUf2fwfZABrqwm/owHWKfUfNq5l1/9WPQUHtM1C9f9axL02FAVYYwvV/9fr1hxbk7IAa0v/Hzau1dd/PwaA9c73P2xIy3pIfhWJbScX2ScptibTxolCLP5XAPoiqmuqbZrFP/DXQkRzStjR1Eh75lzTwoL7dEcz8orCkvsUV/CHGFqR6G6Ye6Et5WmQ6IqIJe7e2ZvtWjVxtdUFK1eCz9r7vxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD9+ycAAP//NjnTNQ==")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000003040)='./file0\x00', 0x120c480, &(0x7f0000000c80), 0x3, 0x512, &(0x7f0000001f40)="$eJzs3V9rZGcZAPDnnGS2yW5qUvWiFmwXrWSL7kzS2G3woo0gelWw1vsYk0kImWRCZtJuQpEUP4Ag/kOvvPJG8AMIUvALiFjQeymiFN2uoILryJmcycZkJpk1yUw28/vBm/Oev8/zzmTemXfOYU4AA+tmRMxFxFBEvBAR4/nyNC+xt1+y7T689/ZiVpJoNN74axJJvqx1rCSf3sh3G4mIr30l4pvJ8bi1nd21hUqlvJXPl+rrm6Xazu7t1fWFlfJKeWNuZvrO7MuzL81OtUv7X43/o62vfOlPP/jOz778yq8+99Yf5/9y61tZWmP5usPt6MZel9vtN73QfCxa/tGI2HqUYJdY9n8z3GwhAACPg+wz/kcj4lMRcf/HXe82fKFJAQAAAOeq8epY/DuJaAAAAABXVtq8BjZJi/m1AGORpsXi/jW8H4/raaVaq392ubq9sbR/rexEFNLl1Up5Kr9WeCIKSTY/3aw/nH/xyPxMRDwVEd8bH23OFxerlaV+f/kBAAAAA+LGkfH/38f3x/8AAADAFTNxfNGDfuQBAAAAXJw2438AAADgiuk4/k/8zj8AAABcAV997bWsNFr3v156c2d7rfrm7aVyba24vr1YXKxubRZXqtWV5m/2rZ92vEq1uvn52Ni+W6qXa/VSbWd3fr26vVGfb97Xe77sPtEAAADQe0899+4fkojY+8Jos2Su5etOH6sPXXB2wEVKu9jmTnJQTS40GaCnHukd/NcXlwfQe4cv8H3u2NrRfHqtZ/kAveN8PHDKwP77zb+vHsx387UBAABwyUx+4izn/50PhMeZgTwMLlfwweDaP/8/2u80gD5w/h8G3BOnbzLSacVvOu+T+HoQAAAulbFmSdJifi5wLNK0WIx4snlbgEKyvFopT0XERyLi9+OFJ7L56X4nDQAAAAAAAAAAAAAAAAAAAAAAAACPmUYjibkGAAAAcJVFpH9O8hv5T44/P3b0+4FryT/Hm9OIeOsnb/zw7kK9vjWdLf/bwfL6j/LlLx7slkTsHTnSsUMDAAAAZ9Xhht2tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5+nDe28vtkov437wxYiYaBd/OEaa05EoRMT1+0kMH9oviYihc4i/905EPN0ufpKlFRN5FkfjpxEx2uf4N84hPgyyd7P+Z67d6y+Nm81p+9ffcF7O6oObnfq/9KD/G4rfHdsv6/+e7DLGM+/9otQx/jsRzwy3739a8ZMz9r/f+Prubqd1jZ9GTLZ9/0n+J1apvr5Zqu3s3l5dX1gpr5Q3Zmam78y+PPvS7FRpebVSzv+2jfHdT/7yPye1//rR+IU46H9Pav/zXbb/wXt3730s4v1Ch/i3Pt3++X+6Gah9/Oyx/0z+PpCtn2zV9/brhz37898+e1L7lzo8/qc9/7e6bP8Lr3/7/S43BQB6oLazu7ZQqZS3BrmSxqVIQ6W3lezz8iVI48RKetbjvJ6/0B959z53TAAAwLl7+KG/7eok6XlGAAAAAAAAAAAAAAAAAAAAMHh68Rtmh+ON9K+pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn+m8AAAD//zEy1h8=")
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)

6m47.087017464s ago: executing program 33 (id=2096):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@id={0x2, 0x0, @b}})

6m40.877560269s ago: executing program 34 (id=2237):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002000)=@newtaction={0x474, 0x30, 0x2, 0x70bd2d, 0x25dfdbff, {}, [{0x460, 0x1, [@m_skbedit={0xec, 0x18, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xb}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfffffff8}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xffe0}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x69d}]}, {0x85, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9f17c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a168eca666c86a6321ae76cba859e771aa7894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69890f61ef4f4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_sample={0x30, 0xf, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_sample={0x16c, 0x1e, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x80}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xffffffff, 0x8, 0x20000000, 0x80, 0x7}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x3}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x91, 0x0, 0x2, 0x3, 0x1}}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0xfd}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x7}]}, {0xd5, 0x6, "4d11ef01da7337625695ddc3d5012aa6f3638794346943b9ee757a1a4ac5f8ce5f6016d63b9db431952a32c8ea295bd8bea222698ce859490fd8784037c47670d89010426411cce59038883b69db801c8d08e1d6ea90e03c637d4dc6a17cefee6540c36dba3573d039f7b6e9fb810ecdc039c3105f3423c721e04c7b057f85097c23a753a9cfb0eba5c78b15b4a0e5f89bc641b2235362854abfebfb5725960a2d4ac208b14257ac5234ed0cee70172bdb4d08621defbfe90852cbcdaca1774f816472bcbe64df69fe72148dc5d94245cb"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0xb0, 0x13, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x5}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_ACT={0x18, 0x3, {0x1, 0x0, 0x20000000, 0x5, 0xa0}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}]}, {0x51, 0x6, "d85d43b7ea4d845296355f3471752799af01297afd6813bd04b7bb5071ef36fddfcc5033243031cd5319c20f6766f3d2d6051219b06ff3d56189745c3370e1a4b4879e3b2dc212a69a32820b53"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0x124, 0x0, 0x0, 0x0, {{0xd}, {0x58, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffffa, 0x1, 0x2, 0x7, 0xfffffffd}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xeca, 0x7ff, 0x4, 0x5, 0x2}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xffff0000, 0x4, 0x5, 0x0, 0xcdb0}, 0xfff}}]}, {0x9d, 0x6, "b1dd69649d43efaad1efe50a15a7bc2ae427985474a91309265bd7c0b7a15643d1aaadc04b7f2c647668c235c1a04b97d025123adfb96726571deb653d54ec973b2f3a9657c1d1763cb90c04e4b11efb65c22486347da6e423c53617e70ee63adb0f8ca73f5f5e410b00a490b99949f844ec442e1a73b494408f301efc464b2098fc1baea2229183fb9b376f08a52b16b060c2c829a42fc636"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x474}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

6m28.691407222s ago: executing program 35 (id=2532):
socket$kcm(0x10, 0x2, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x6, 0x6}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x2}}, './file0\x00'})

6m25.250311619s ago: executing program 36 (id=2569):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000100)=0x2, 0x4)
getsockopt$inet6_buf(r1, 0x29, 0x6, 0xfffffffffffffffd, &(0x7f00000000c0)=0xa4)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0xb, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0xfffffe}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f1114f9f407000901000000000000000003000000000800040001000000", 0x24)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
accept4(r5, &(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f0000000000)=0x80, 0x81000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_clone(0xddc15fcdf84d30f8, &(0x7f00000001c0), 0x0, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)="87ec92fe864ad154ceefc75ecd5c64d38aa746822802aa")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
r7 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000c80)=@mangle={'mangle\x00', 0x64, 0x6, 0x568, 0xe8, 0xe8, 0xe8, 0xe8, 0x1d0, 0x498, 0x498, 0x498, 0x498, 0x498, 0x6, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'dvmrp0\x00', 'veth1_virt_wifi\x00', {0xff}}, 0x0, 0xa8, 0xe8, 0x0, {0x7a00000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x0, 0x9, {0x4}}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private0}}}, {{@ipv6={@rand_addr=' \x01\x00', @mcast2, [0xff], [], 'veth1_to_batadv\x00', 'vlan1\x00'}, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@empty}}}, {{@ipv6={@private0, @mcast2, [], [0x0, 0x0, 0x0, 0xff000000], 'veth1_to_team\x00', 'wg1\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@remote}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5c8)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3, 0x600, 0x100000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f0000000a00)={[{@dioread_nolock}, {@noblock_validity}, {@usrquota}, {@errors_remount}, {@abort, 0x0}, {@noauto_da_alloc}, {@noload}, {@minixdf}, {@mblk_io_submit}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x3}}, {@errors_remount}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x724}}, {@norecovery}, {@nouser_xattr}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@sysvgroups}], [{@audit}, {@measure}], 0x2c}, 0x6, 0x4fc, &(0x7f0000001a40)="$eJzs3EtvVGUfAPD/mU5p+wJv+/J64aaMorHRSGm5LlwA0YSNiYnG4LK2hSAFDK0JkEaKMZC40PAJvOxM/ASudGPUuNC4lbg1JsR0A7owx5yZM3Xa6fTGTCelv18yw3Nu8zz/c87DPJc5DWDDKmVvScSWiPglInori3N3KFX+uTczNfLnzNRIEmn66h9Jeb+7M1Mj1V2rx23OF/oLEYX3k9hVn23XxJWr54bHx8cu5SsGJgt56vzwmbEzYxeGjh49eKDnyOGhQ02JMyvT3Z3vXty94+Qbt14eOXXrze++yMqb5ttr46joK79vWnYOHXVrSlGaey5rPL38oq8LW2vSSTF7L7SvMCxbdtdml6uzXP97o6O8VNEbL73X1sIBLZWmadpVt3b2u2w6rZUklQPS9HoKPACSaHcJgPaoftHfncl6qlMj9f3gB9ud41HuAWVx38tflS3Fcg+21FfpG3W2KP+HIuLU9F8fZ69YcBwCAKC5vjoecfNEFLN2R/VV2VKIR2r2+28+N9QXEf+LiG0R8f+8/fJwRHnfRyNie80xW5cxC1Cat1zf/vmpJ0/UNlebJmv/vZDPbc1t/82WvK8jX9pajr8zOX12fGx/fk76o7MrWx6s/+jZYbWvX/z5o0b5l2raf9kry7/aFszL8Xtx3gDd6PDk8P3GXXXnevnEXquPP4liUk1F7IiInav4/OycnX32892Nts+JP4uzLv4PG394cRUFmif9NOKZyvWfjnnxRz7/l5TnJ8+/PTBx5erzZ2vnJwePHB46NNAd42P7B6p3Rb3vf7zxSp6s60Yscv2rVaOlE2nZ9f/Pgvf/7MxlX5aana+dWHkeN27fbNinWe39vyl5rZyuzs9eHp6cvDQYsSmZrl8/9O+xl4d75uyfxd+/d+H6vy3i70/y43ZFRHYTPxYRj0fEnrzsT0TEkxGxd5H4vz3x1FuNupBLx99aWfyjK7r+jRLHfohYeFPHuW++rMv4g1Jd/J3R6PofLKf68zWjw5PdS8W1WElrE/d9AgEAAGAd2BMRWyIp7MsHmrZEobBvX8Tm2RGUicnnTl9858Jo5RmBvugsVEe6emvGQwfzseFsOTtqqGY5236gPG6cpmnaky1n/ffx7e0NHTa8zQ3qf+a3+kdagAfNiubRGj3RBqxL8+v/7WUf2fwfZABrqwm/owHWKfUfNq5l1/9WPQUHtM1C9f9axL02FAVYYwvV/9fr1hxbk7IAa0v/Hzau1dd/PwaA9c73P2xIy3pIfhWJbScX2ScptibTxolCLP5XAPoiqmuqbZrFP/DXQkRzStjR1Eh75lzTwoL7dEcz8orCkvsUV/CHGFqR6G6Ye6Et5WmQ6IqIJe7e2ZvtWjVxtdUFK1eCz9r7vxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD9+ycAAP//NjnTNQ==")
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000003040)='./file0\x00', 0x120c480, &(0x7f0000000c80), 0x3, 0x512, &(0x7f0000001f40)="$eJzs3V9rZGcZAPDnnGS2yW5qUvWiFmwXrWSL7kzS2G3woo0gelWw1vsYk0kImWRCZtJuQpEUP4Ag/kOvvPJG8AMIUvALiFjQeymiFN2uoILryJmcycZkJpk1yUw28/vBm/Oev8/zzmTemXfOYU4AA+tmRMxFxFBEvBAR4/nyNC+xt1+y7T689/ZiVpJoNN74axJJvqx1rCSf3sh3G4mIr30l4pvJ8bi1nd21hUqlvJXPl+rrm6Xazu7t1fWFlfJKeWNuZvrO7MuzL81OtUv7X43/o62vfOlPP/jOz778yq8+99Yf5/9y61tZWmP5usPt6MZel9vtN73QfCxa/tGI2HqUYJdY9n8z3GwhAACPg+wz/kcj4lMRcf/HXe82fKFJAQAAAOeq8epY/DuJaAAAAABXVtq8BjZJi/m1AGORpsXi/jW8H4/raaVaq392ubq9sbR/rexEFNLl1Up5Kr9WeCIKSTY/3aw/nH/xyPxMRDwVEd8bH23OFxerlaV+f/kBAAAAA+LGkfH/38f3x/8AAADAFTNxfNGDfuQBAAAAXJw2438AAADgiuk4/k/8zj8AAABcAV997bWsNFr3v156c2d7rfrm7aVyba24vr1YXKxubRZXqtWV5m/2rZ92vEq1uvn52Ni+W6qXa/VSbWd3fr26vVGfb97Xe77sPtEAAADQe0899+4fkojY+8Jos2Su5etOH6sPXXB2wEVKu9jmTnJQTS40GaCnHukd/NcXlwfQe4cv8H3u2NrRfHqtZ/kAveN8PHDKwP77zb+vHsx387UBAABwyUx+4izn/50PhMeZgTwMLlfwweDaP/8/2u80gD5w/h8G3BOnbzLSacVvOu+T+HoQAAAulbFmSdJifi5wLNK0WIx4snlbgEKyvFopT0XERyLi9+OFJ7L56X4nDQAAAAAAAAAAAAAAAAAAAAAAAACPmUYjibkGAAAAcJVFpH9O8hv5T44/P3b0+4FryT/Hm9OIeOsnb/zw7kK9vjWdLf/bwfL6j/LlLx7slkTsHTnSsUMDAAAAZ9Xhht2tcXprHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5+nDe28vtkov437wxYiYaBd/OEaa05EoRMT1+0kMH9oviYihc4i/905EPN0ufpKlFRN5FkfjpxEx2uf4N84hPgyyd7P+Z67d6y+Nm81p+9ffcF7O6oObnfq/9KD/G4rfHdsv6/+e7DLGM+/9otQx/jsRzwy3739a8ZMz9r/f+Prubqd1jZ9GTLZ9/0n+J1apvr5Zqu3s3l5dX1gpr5Q3Zmam78y+PPvS7FRpebVSzv+2jfHdT/7yPye1//rR+IU46H9Pav/zXbb/wXt3730s4v1Ch/i3Pt3++X+6Gah9/Oyx/0z+PpCtn2zV9/brhz37898+e1L7lzo8/qc9/7e6bP8Lr3/7/S43BQB6oLazu7ZQqZS3BrmSxqVIQ6W3lezz8iVI48RKetbjvJ6/0B959z53TAAAwLl7+KG/7eok6XlGAAAAAAAAAAAAAAAAAAAAMHh68Rtmh+ON9K+pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn+m8AAAD//zEy1h8=")
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

6m23.585059472s ago: executing program 37 (id=2581):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
r1 = dup(r0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
recvmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0), 0x1, 0x0, 0x5}, 0x40000103)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
writev(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f0000000240))
execve(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r6, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c)
listen(r6, 0x20000005)
r7 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

6m23.20273739s ago: executing program 4 (id=2585):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

6m22.97954309s ago: executing program 4 (id=2586):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_REMOVE(r0, 0x0, 0x0)

6m22.710510768s ago: executing program 4 (id=2587):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002000)=@newtaction={0x448, 0x30, 0x2, 0x70bd2d, 0x25dfdbff, {}, [{0x434, 0x1, [@m_skbedit={0xec, 0x18, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xb}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfffffff8}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xffe0}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x69d}]}, {0x85, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9f17c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a168eca666c86a6321ae76cba859e771aa7894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69890f61ef4f4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x160, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x135, 0x6, "7aadf1ed7fc959bbde930d34bcb2a6f4c38c35df6edf364fc9b40d7033b2c48e005ed0b13236b265dba5cb90755884baaf4271498ba55f551c309d6ff6142ffba91b3c29b1ff763ebebc9d1a4dac98a01966a43b746b12062f036354534a775ef38de0214454d0c055d5f9a9ad14d9100b5f2d5dd1e259b407a5fc55920c31a192e0fb0576fe36024315cb9ccb4c897030acc11b70a808ceac24ad8fd0773708b894f57474eeab57dd4fe23f285c936f0d048dd7b6242cad8db8849a283a5ca1924f0b9bb155b719a18528dcf88d46e3bf60add2ec13e6bffb9cf4c7f1d3fd340686900941f5c8af9c63a85258719a0f1c6f03266f41b6644477d816248c64c2d28fc591525b81705e2ac795adcf966073aca295254a09c6b3bb2f65e9f9357589097c2bf0608b4de0a3155d05e2cbaef2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x4}}}}, @m_sample={0x30, 0xf, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0xb4, 0x13, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x5}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_ACT={0x18, 0x3, {0x1, 0x0, 0x20000000, 0x5, 0xa0}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}]}, {0x55, 0x6, "d85d43b7ea4d845296355f3471752799af01297afd6813bd04b7bb5071ef36fddfcc5033243031cd5319c20f6766f3d2d6051219b06ff3d56189745c3370e1a4b4879e3b2dc212a69a32820b53d5f0867e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0x100, 0x0, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffffa, 0x1, 0x2, 0x7, 0xfffffffd}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xffff0000, 0x4, 0x5, 0x0, 0xcdb0}, 0xfff}}]}, {0x95, 0x6, "b1dd69649d43efaad1efe50a15a7bc2ae427985474a91309265bd7c0b7a15643d1aaadc04b7f2c647668c235c1a04b97d025123adfb96726571deb653d54ec973b2f3a9657c1d1763cb90c04e4b11efb65c22486347da6e423c53617e70ee63adb0f8ca73f5f5e410b00a490b99949f844ec442e1a73b494408f301efc464b2098fc1baea2229183fb9b376f08a52b16b0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x448}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

6m22.620126908s ago: executing program 4 (id=2588):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

6m22.565031608s ago: executing program 4 (id=2589):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x444, &(0x7f0000000980)="$eJzs3MtvG8UfAPDv2nHS5y/5lfJoaCFQEBGPpEkf9MAFBBIHkJC4FHEKSVqFpg1qgkSrCAKHcESVuCOOSPwFnOCCgBMSV7ijShXKpYWT0dq7qZvYaZw4del+PtLGM96xZr67O/bsjJ0ACmso/ZNE7IuI3yOiv569vcBQ/eHmyuLk3yuLk0lUq2//ldTK3VhZnMyL5q/bW89Uq1m+r0m9y+9GTMzOTl/K8qMLFz4Ynb985YWZCxPnps9NXxw/ffrE8SO9p8ZPdiTONK4bgx/PHT70+jtX35w8c/W9n79N27sv298YR6cM1Y9uU09XOl1bd+1vSCc9XWwIbSlHRHq6KrX+3x/l2L26rz9e+6yrjQN2VLVarTb7fM4sVYH7WBLdbgHQHfkHfXr/m293aehxT7j+cv0GKI37ZrbV9/REKStTWXN/20lDEXFm6Z+v0i12aB4CAKDR9+n45/lm479SPNRQ7n/ZGspARPw/Ig5ExAMRcTAiHoyolX04Ih5ps/61KyTrxz+la1sKbJPS8d9L2drW7eO/fPQXA+Ust78WfyU5OzM7fSw7JsNR6UvzYxvU8cOrv33Ral/j+C/d0vrzsWDWjms9aybopiYWJrYTc6Prn0YM9jSLP4l8GSeJiEMRMbjFOmae/eZwq313jn8DHVhnqn4d8Uz9/C/FmvhzScv1ybEXT42fHN0Vs9PHRvOrYr1ffl1+q1X924q/A9Lzv6fp9b8a/0CyK2L+8pXztfXa+fbrWP7j85b3NFu7/mdWG9ebPX40sbBwaSyiN3lj/fPjt16b5/PyafzDR5v3/wNx60g8GhHpRXwkIh6LiMeztj8REU9GxNEN4v/plafebz/+DWblOyiNf+pO5z8az3/7ifL5H79rP/5cev5P1FLD2TObef/bbAO3c+wAAADgv6JU+w58UhpZTZdKIyP17/AfjD1LMTe/8NzZuQ8vTtW/Kz8QlVI+09XfMB86ls0N5/nxNfnj2bzxl+XdtfzI5NzsVLeDh4Lb26L/p/4sd7t1wI7zey0oLv0fikv/h+LS/6G49H8ormb9/5MutAO4+3z+Q3Hp/1Bc+j8Ul/4PhdTyt/Glbf3kf7uJpBuVSrSTiNI90Yz7P9Gz6X9mscVEX9Nd3X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Ix/AwAA//+UFuN0")
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r0, 0x2007ffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000000)=ANY=[])

6m22.445861308s ago: executing program 4 (id=2590):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000680)={0x0, 0xcfb6, 0x10, 0x4, 0xfffffff9}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1400, 0x1})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

6m22.438604098s ago: executing program 38 (id=2590):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000680)={0x0, 0xcfb6, 0x10, 0x4, 0xfffffff9}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1400, 0x1})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

6m14.664110447s ago: executing program 2 (id=2660):
r0 = socket(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}}}}]}, 0x88}}, 0x0)

6m14.581153847s ago: executing program 2 (id=2662):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYRES8, @ANYRES8, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRES64=r0, @ANYRES16=r0, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESOCT=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2, 0x0, 0x81}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x60}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3e0, 0x3d8, 0x3d8, 0x3e0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x200000, 0x0, 0x1, 0x0, 'syz1\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x80, 0x0}, 'virt_wifi0\x00', {0x6dbf}}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x0, 0x4, 0x1}, {0xffffffffffffffff, 0x3, 0x6}, 0x5, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x510)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
semctl$SEM_INFO(0x0, 0x1, 0x13, &(0x7f0000000280)=""/251)

6m9.594597667s ago: executing program 1 (id=2717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x563, &(0x7f0000000f80)="$eJzs3V9v09wdwPGfSwtRJlXTmBCqChzKJhWpBCeBoIgrzzlJDyR2ZDuovWIVTVFFChNl0tqLMW7YJm0vgtu9iL0j9Nw/zwWPbCf9Gyc8Sts8qr6fip4T+8Tnd9zIP9zaxwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMRya7ZdtKRpvM6ayubWAr91+LL/7lML5P6xYkS/Ilb8T3I5uZkuuvn7w9U34m9Lf/57+mpRcnGRk/3f3Pjt0+uzM4P3jwj4Quzu7b/Z6PW676cdyPn58du17JUN7ZnQNy2noZUJfVWtVOyHq/VQ1U1Th+thpFvKDbQT+YFadu+rYrVaVrqw7ne8Rs1p6sHCJw9Ktl1Rzwpt7QSh7z18VgjdVdNsGq+RtIlXx22exB/E5yZSkXZaSm1t97rlcSOIGxW/p1FpXKOSXSoVi6VSsfK4+viJbc+eWmCfIKdaTP9Di+k6w6M3MJmZfv6XphjxpCNrooZ+uVKTQHxpZazvG+T/Pz7UI/s9mv8X00WLNw9XL8TfluR2+up2Vv7PiOXivnZlT/bljWxIT3rSlfdTj+hivxqixRMjofhipCVOskT1lyipSkUqYstLWZW6hKKkLkaaoiWUdQklEp18olwJRIsjkfgSiJJlceW+KClKVapSFiVaCrIuvnTEk4bUxEm2siXbyX4vi7KyYjxoVMwcRn7wuetKacRoyf+Y3Jkev4FJfBvkfwAAAAAAcGlZyW/f4/P/ObmV1Oqmqe1phwUAAAAAAM5Q8pf/xbiYi2u3xOL8HwAAAACAy8ZK7rGzRCQvd9LalljJ7VLDfglwZQohAgAAAACACSV//78dF8kcKHfEOpguhYsAAAAAAAC4JP51MPtu1hy7Yfua9f8fJAjmrE/ttT9YO8ncvM5O/1KAU1cERPUFa76/kaSopMXsrKsXrVza6GASzK/9YmtcHFYQzP30LXUQwD+yA8jJyQCuz8p/5G7a5u5mWm4O1qS95OumqQuu33xaFMeZn4n0WvTXt9t/k2T4//Za81ZOtnvdwqt3vc1kZ3yKt/Jppz+B4ql5FLN2xvVZ+ZDMt5DcczF0xHPJjRj9fvOWbG33unbSp5OOfyZ9+8zxHj/Oj+jzsyylrZb6M97mj48/F/dZLGSNvh9FccKRf5Z7aZt7y/fSYkgUpXFRlI5GMXxfTB5FeVwU5QmjAIBp2RqThawjiT8j7wwqI45y35Xdj/fyS/97kRzRl9M2ywvJgXV2YcgR3R53RLcnzG7/O/UMpKwcG/f73xNZ9Uv8hi+Z/YbNkhXvwisfdv4iN3b39h9s72y87r7uvi2VyhX7kW0/LslcMox+Qe4BAAwx/hk7Y1tYj8acVf/u4JKCgrySd9KTTVlJ7jZIrjgYutX8kcsQVsacteaTNJk+4WVlxFnd1eQuh8F2SyPbHo+hfP4/CAAALtDSmDz8Pfl/Zcx59/FcPvrsOH/kaW0AAOB86OCrlY/+aQWBab8sVqtFJ1rVKvDd5yowtYZWxot04K46XkOrduBHvus348oLU9OhCjvtth9Equ4Hqu2HZi2ZPlD1H/0e6pbjRcYN203thFq5vhc5bqRqJnRVu/OnpglXdZC8OWxr19SN60TG91TodwJXF5QKtT7S0NS0F5m6iaueagem5QQ59cJvdlpa1XToBqYd+ekGB30Zr+4HrWSzhWnvbAAAfiV29/bfbPR63ffnVbk67RECAICTDtP1tCMBAAAAAAAAAAAAAAAAAAAAAABZzv3+v5OV/gMA5EI7pXIGFclcNcPP9PJVxh46Pp7rgQnAufs5AAD//wO1Ul0=")

6m9.383797776s ago: executing program 1 (id=2720):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = inotify_init1(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = inotify_add_watch(r0, 0x0, 0x400)
r4 = dup(r0)
inotify_rm_watch(r4, r3)

6m9.277699526s ago: executing program 1 (id=2722):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x20050800)

6m9.187260846s ago: executing program 1 (id=2724):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

6m9.068696105s ago: executing program 1 (id=2727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r1}, 0x18)
r2 = io_uring_setup(0x410f, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xfffffffc})
r3 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000000)=r3, 0x1)
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4094, 0xffe}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
read$eventfd(r3, &(0x7f0000000040), 0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)

6m8.785961514s ago: executing program 1 (id=2729):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)

6m8.782806804s ago: executing program 39 (id=2729):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)

6m6.724614906s ago: executing program 2 (id=2663):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x20050800)

6m6.673420396s ago: executing program 2 (id=2744):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

6m6.612414585s ago: executing program 2 (id=2745):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r8, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x105040, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r11, 0x3312, 0xd0a6)
r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0xb1)
write$cgroup_int(r12, &(0x7f0000000000)=0xfe8e, 0x12)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x0, 'ip6erspan0\x00', {0x4}, 0x9})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000003800)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x0, 0x6}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x1000000}, {}, {0x0, 0x0, 0x3}, {0x0, 0x3}, {}, {0x0, 0x0, 0x1}, {}, {}, {0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {0xfffffffc}, {0xfffffffa, 0xe}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x2, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0xfffffffe, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x100}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x200}, {0x0, 0x0, 0x0, 0xfa8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x7}, {}, {0xc0000, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x4}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {0x0, 0x0, 0xeb3f}, {0x0, 0x0, 0x0, 0x4}, {0x401}, {}, {}, {0xffffffff}, {0x4, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0xffffffff, 0xefa6}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x4}, {}, {0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x400}, {}, {}, {0x0, 0x0, 0x3, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x7}], [{}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x2}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

6m5.528722791s ago: executing program 2 (id=2756):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002000)=@newtaction={0x410, 0x30, 0x2, 0x70bd2d, 0x25dfdbff, {}, [{0x3fc, 0x1, [@m_skbedit={0xec, 0x18, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xb}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfffffff8}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xffe0}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x69d}]}, {0x85, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9f17c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a168eca666c86a6321ae76cba859e771aa7894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69890f61ef4f4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x160, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x135, 0x6, "7aadf1ed7fc959bbde930d34bcb2a6f4c38c35df6edf364fc9b40d7033b2c48e005ed0b13236b265dba5cb90755884baaf4271498ba55f551c309d6ff6142ffba91b3c29b1ff763ebebc9d1a4dac98a01966a43b746b12062f036354534a775ef38de0214454d0c055d5f9a9ad14d9100b5f2d5dd1e259b407a5fc55920c31a192e0fb0576fe36024315cb9ccb4c897030acc11b70a808ceac24ad8fd0773708b894f57474eeab57dd4fe23f285c936f0d048dd7b6242cad8db8849a283a5ca1924f0b9bb155b719a18528dcf88d46e3bf60add2ec13e6bffb9cf4c7f1d3fd340686900941f5c8af9c63a85258719a0f1c6f03266f41b6644477d816248c64c2d28fc591525b81705e2ac795adcf966073aca295254a09c6b3bb2f65e9f9357589097c2bf0608b4de0a3155d05e2cbaef2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x4}}}}, @m_sample={0x30, 0xf, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0xb4, 0x13, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x5}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_ACT={0x18, 0x3, {0x1, 0x0, 0x20000000, 0x5, 0xa0}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}]}, {0x55, 0x6, "d85d43b7ea4d845296355f3471752799af01297afd6813bd04b7bb5071ef36fddfcc5033243031cd5319c20f6766f3d2d6051219b06ff3d56189745c3370e1a4b4879e3b2dc212a69a32820b53d5f0867e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0xc8, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x95, 0x6, "b1dd69649d43efaad1efe50a15a7bc2ae427985474a91309265bd7c0b7a15643d1aaadc04b7f2c647668c235c1a04b97d025123adfb96726571deb653d54ec973b2f3a9657c1d1763cb90c04e4b11efb65c22486347da6e423c53617e70ee63adb0f8ca73f5f5e410b00a490b99949f844ec442e1a73b494408f301efc464b2098fc1baea2229183fb9b376f08a52b16b0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x410}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

6m5.483364241s ago: executing program 40 (id=2756):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002000)=@newtaction={0x410, 0x30, 0x2, 0x70bd2d, 0x25dfdbff, {}, [{0x3fc, 0x1, [@m_skbedit={0xec, 0x18, 0x0, 0x0, {{0xc}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xb}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xfffffff8}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xffe0}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x69d}]}, {0x85, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9f17c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a168eca666c86a6321ae76cba859e771aa7894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69890f61ef4f4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0x160, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x135, 0x6, "7aadf1ed7fc959bbde930d34bcb2a6f4c38c35df6edf364fc9b40d7033b2c48e005ed0b13236b265dba5cb90755884baaf4271498ba55f551c309d6ff6142ffba91b3c29b1ff763ebebc9d1a4dac98a01966a43b746b12062f036354534a775ef38de0214454d0c055d5f9a9ad14d9100b5f2d5dd1e259b407a5fc55920c31a192e0fb0576fe36024315cb9ccb4c897030acc11b70a808ceac24ad8fd0773708b894f57474eeab57dd4fe23f285c936f0d048dd7b6242cad8db8849a283a5ca1924f0b9bb155b719a18528dcf88d46e3bf60add2ec13e6bffb9cf4c7f1d3fd340686900941f5c8af9c63a85258719a0f1c6f03266f41b6644477d816248c64c2d28fc591525b81705e2ac795adcf966073aca295254a09c6b3bb2f65e9f9357589097c2bf0608b4de0a3155d05e2cbaef2"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x4}}}}, @m_sample={0x30, 0xf, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ctinfo={0xb4, 0x13, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x5}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x8}, @TCA_CTINFO_ACT={0x18, 0x3, {0x1, 0x0, 0x20000000, 0x5, 0xa0}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}]}, {0x55, 0x6, "d85d43b7ea4d845296355f3471752799af01297afd6813bd04b7bb5071ef36fddfcc5033243031cd5319c20f6766f3d2d6051219b06ff3d56189745c3370e1a4b4879e3b2dc212a69a32820b53d5f0867e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0xc8, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x95, 0x6, "b1dd69649d43efaad1efe50a15a7bc2ae427985474a91309265bd7c0b7a15643d1aaadc04b7f2c647668c235c1a04b97d025123adfb96726571deb653d54ec973b2f3a9657c1d1763cb90c04e4b11efb65c22486347da6e423c53617e70ee63adb0f8ca73f5f5e410b00a490b99949f844ec442e1a73b494408f301efc464b2098fc1baea2229183fb9b376f08a52b16b0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x410}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

5m23.381988705s ago: executing program 5 (id=3208):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0)

5m22.509721012s ago: executing program 5 (id=3217):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001d00070f0002000000000000070000", @ANYRES32, @ANYBLOB='\x00\x00w\x00\b'], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)

5m22.460953822s ago: executing program 5 (id=3218):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$MRT_FLUSH(r7, 0x0, 0xd4, &(0x7f0000000200)=0x41c16f48c89e823a, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
r10 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x105040, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r10, 0x3312, 0xd0a6)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0xb1)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x0, 'ip6erspan0\x00', {0x4}, 0x9})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000003800)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x0, 0x6}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x1000000}, {}, {0x0, 0x0, 0x3}, {0x0, 0x3}, {}, {0x0, 0x0, 0x1}, {}, {}, {0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {0xfffffffc}, {0xfffffffa, 0xe}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x2, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0xfffffffe, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x100}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x200}, {0x0, 0x0, 0x0, 0xfa8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x7}, {}, {0xc0000, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x4}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {0x0, 0x0, 0xeb3f}, {0x0, 0x0, 0x0, 0x4}, {0x401}, {}, {}, {0xffffffff}, {0x4, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0xffffffff, 0xefa6}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x4}, {}, {0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x400}, {}, {}, {0x0, 0x0, 0x3, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x7}], [{}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x2}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

5m21.324373927s ago: executing program 5 (id=3225):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x8000)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@data_err_abort}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000003200)=ANY=[@ANYRESOCT=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_clone(0xc4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x1d0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000100)={'full', 0x20, 0x3, 0x20, 0xffffffff}, 0x2f)

5m20.729813115s ago: executing program 5 (id=3232):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x7, 0x1, 0x9, 0x1, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000080)=@nat={'nat\x00', 0x3c1, 0x1, 0x1f8, [0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000000000000000faffffff00000000000000000000000000000000000000000000ffffffff01000000150000002800000093007665746830000000010000000000000064756d6d7930000000000000000000006873723000000000000000000000000000000000001000000000001000000000aaaaaaaaaaaa0001fcffffffaaaaaaaaaa00ffff0000ff000000c0000000300100006801000069707673000000000000000000000000000000000000000000000000000000002800000000000000ac1414190000000000000000faffffffffffffffffffffffffffffff000000004e24ff01000000000000007265706c79000000001c0000000000000000000000000000000000000010ea000000000000aaaaaa0f43aa0000fcffff0400000000736e61740000000000000000000000000000000000000a0000000000000000001000000000000000ffff7fffffff0000fcffffff00000000646e617a9591e80900000000000000000000000000000000000000000000000010000000000000000180c200000100000fffe8000000000000000000000000000000000000000000000000000000000000000000a856177e0000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x270)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000340), &(0x7f0000000380)}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x2)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x141081, 0x0)
setuid(0xee00)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r6}, 0x10)
r7 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, 0x0, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000)={'team0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000040)={@private2, 0x14, r9})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000500)={<r10=>0x0, 0x8}, &(0x7f0000000600)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000b00)={r10, @in={{0x2, 0x4e23, @multicast1}}}, 0x84)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x6, '\x00', r9, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r11}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r12, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x24, r13, 0xfc5, 0x0, 0x0, {{0x11}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE={0x8, 0x2a, [@perr={0x84, 0xffffffffffffff21}]}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000040)={&(0x7f00000008c0)={0x16c, r13, 0x300, 0x70bd27, 0x25dfdbfb, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_DATA={0xff, 0xc5, "bb755d2897d374c7c7d6aa59f7966750524986da952c45a38a17ac5ff6a9ae5d60d56b239baa27aca560ee7a0ccd2b2c62859727c63e6a7b9327227ea7952ae573e295e3895e9dc41fac81d0232db4d0f067b41153127985b7fc1b35deffd78bd8e46950a6f9bc8eb10fbd2f92d0310bde48d1d8e9019e02fb27f62b6a4422620890c8cfbf999404ec226612ad898bc75fe5b6949aed9cac86bb8ed6cf6c76477f96c20f167b409287b20c18428c6aa02822cf72b4f89202cb6fa827c35e7545f99ec3ae37b20fe06832d0352c7b9dd0ea2ac625436c8fef671f46b3794dcf1fc086fcb0bb7438a8709c4f084451ffe6d7ba9d08dd52d2d7e5788e"}, @NL80211_ATTR_VENDOR_DATA={0x30, 0xc5, "6bc37d53ef65beadcd0d0b6b40cf6d3adbd31aef4b1847ce50264ba8a6bd111e2c025df0c6ec62b165db5249"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xffffffff}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}, @NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x800}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x7}]}, 0x16c}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

5m18.257941205s ago: executing program 5 (id=3249):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x3000000)

5m18.090910984s ago: executing program 41 (id=3249):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x545c, 0x3000000)

3m18.119035602s ago: executing program 3 (id=4915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6ff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0xd)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), 0xffffffffffffffff)
r8 = socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0x80000000000000}, 0x18)
sendmsg$inet(r8, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
sendmsg$TIPC_NL_MON_GET(r6, &(0x7f00000008c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)={0x7c, r7, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0x68, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3ff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xf3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}]}]}, 0x7c}}, 0x4040004)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x550, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5b0)

3m17.973397182s ago: executing program 3 (id=4918):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m17.868174761s ago: executing program 3 (id=4920):
socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x400002}}]}, 0x2, 0x462, &(0x7f0000000300)="$eJzs3M1vFOUfAPDvTF94p/3x8w1ErXKw8aWlBZWDF40mHjSa6AEPHmpbCGGhhtZECJFqDF5MDImejUcT/wJvXox6MvGqd0NClAvoqWZmZ8rusltou+yu7OeTzPZ5Zp7deb4788w8M89sA+hbY9lLErEzIn6LiJFqtr7AWPXP9avnZ/++ev6d3RErb/6Z5OWuXT0/WxYt37ejyIynEeknSbGSeotnz52cqVTmzxT5yaVT700unj339IlTM8fnj8+fnj5y5PChqeeenX6mLXFmcV3b9+HC/r2vvH3ptdmjl9796dusvjuL5bVxRON3sEFjWeB/reRWZy634YN70K6adDLYxYqwLgMRkW2uobz9j8RA3Nh4I/Hyx12tHHBHZeemLa0XL68Ad7Ekul0DoDvKE312/VtOHep69IQrL1QvgLK4rxdTdclgpEWZoYbr23Yai4ijy/98lU3R5D4EAEC7fTb75avxVLP+Xxr31ZTbXYyhjEbE/yJiT0T8PyLuiYh7I/Ky90fEA+tcf+PQ0M39n/TyhgK7TVn/7/libKu+/1f2/mJ0oMjtyuMfSo6dqMwfLL6T8RjakuWn1ljH9y/9+nmrZbX9v2zK1l/2BYt6XB5suEE3N7M0k3dK2+DKRxH7BpvFn6yOBCQRsTci9q3vo3eXiRNPfLO/VaFbx7+GNowzrXwd8Xh1+y9HQ/ylZO3xycmtUZk/OFnuFTf7+ZeLb7Ra/6bib4Ns+2+v3/8bi4wmteO1i+tfx8XfP215TbPR/X84eSs/Hg0X8z6YWVo6MxUxnFQbRt386RvvLfNl+Sz+8QPN2/+e4j1Z/A9GRLYTPxQRD0fEI0XdH42IxyLiwBrx//hi62W9sP3nmh7/Vvf/hu2//sTAyR++a7X+29v+h/PUeDEnP/7dwu1WcDPfHQAAAPxXpPkz8Ek6sZquPqC+I7+3uz2tLCwuPXls4f3Tc9Vn5UdjKC3vdI3U3A+dSsoH26v56eJecbn8UHHf+IuBbXl+YnahMtfVyIEdN7X/NJ2YqC77Y6DbtQPuuGbjaNPDXagI0HGN7T+tz154PXvd1sEKAR3j99rQv27R/tNO1QPoPOd/6F/N2v+FhryxALg7Of9D/9L+oX9p/9C/tH/oS5v5XX93EuU/PumV+vRrItKeqEZPJrZGRA9UY1OJLh+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2uTfAAAA//8I1eji")
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
r2 = dup(r1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000001580), r2)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32=r3, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32=r3], 0x3c}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r6, r7, 0x5, 0x0, 0x0, @void, @value}, 0x10)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r6}, &(0x7f00000006c0), &(0x7f0000000700)=r5}, 0x20)
sendmsg$inet(r4, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000800)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r10}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000730000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r11}, 0x10)
r12 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$cgroup_pid(r12, &(0x7f00000031c0), 0x12)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3m16.959996888s ago: executing program 3 (id=4935):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) (async)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$IEEE802154_LIST_PHY(0xffffffffffffffff, 0x0, 0x40000) (async)
sendmsg$IEEE802154_LIST_PHY(0xffffffffffffffff, 0x0, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00'}, 0x10)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r2, 0x0, 0x20000000, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r3, 0x3, 0x5000000, 0x8000c62)

3m16.613757536s ago: executing program 3 (id=4940):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5, <r6=>0xffffffffffffffff}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r8, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_addr=@initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$MRT_FLUSH(r8, 0x0, 0xd4, &(0x7f0000000200)=0x41c16f48c89e823a, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
r11 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x105040, 0x0)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r11, 0x3312, 0xd0a6)
r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0xb1)
write$cgroup_int(r12, &(0x7f0000000000)=0xfe8e, 0x12)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000000)={0x0, 'ip6erspan0\x00', {0x4}, 0x9})
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000003800)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x0, 0x6}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {0x0, 0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x1000000}, {}, {0x0, 0x0, 0x3}, {0x0, 0x3}, {}, {0x0, 0x0, 0x1}, {}, {}, {0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {0xfffffffc}, {0xfffffffa, 0xe}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x2, 0x0, 0xfffffffc}, {}, {}, {}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0xfffffffe, 0x0, 0x80000000}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {0x0, 0x10}, {}, {0x0, 0x0, 0x0, 0x100}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x200}, {0x0, 0x0, 0x0, 0xfa8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x100000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x7}, {}, {0xc0000, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x4}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {0x0, 0x0, 0xeb3f}, {0x0, 0x0, 0x0, 0x4}, {0x401}, {}, {}, {0xffffffff}, {0x4, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x6}, {}, {0x0, 0x0, 0xffffffff, 0xefa6}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x4}, {}, {0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x400}, {}, {}, {0x0, 0x0, 0x3, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x0, 0x0, 0x7}], [{}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x2}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x0, 0x1}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

3m16.257579955s ago: executing program 3 (id=4948):
prlimit64(0x0, 0xe, &(0x7f0000000580)={0x8, 0x1003}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r3, 0xee72)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x10, 0xfffff020}, {0x6}]}, 0x10)
sendfile(r2, r3, 0x0, 0x8000fffffffe)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0xd7cf)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000001080)={[{'rdma'}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f00000002c0)="240000001a001deb23713f48f97319b528aca4b2d1000050e4088356b1bf4aecf49f0514", 0x24)

3m16.178387045s ago: executing program 42 (id=4948):
prlimit64(0x0, 0xe, &(0x7f0000000580)={0x8, 0x1003}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
ftruncate(r3, 0xee72)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x10, 0xfffff020}, {0x6}]}, 0x10)
sendfile(r2, r3, 0x0, 0x8000fffffffe)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0xd7cf)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000001080)={[{'rdma'}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f00000002c0)="240000001a001deb23713f48f97319b528aca4b2d1000050e4088356b1bf4aecf49f0514", 0x24)

2.048201408s ago: executing program 7 (id=8392):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
close(r0)

2.021774138s ago: executing program 7 (id=8393):
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000d40)='./file1\x00', 0x3200010, &(0x7f0000000200)=ANY=[], 0x1, 0x7b9, &(0x7f0000000d80)="$eJzs3U1sHGf5APBnXDtxXCmq+v+rRFGaTpIiJSK4u+vWxeqhbNdjZ1p71+yuUXJAbdU4VRT3Q60qaA6UXFpAIMSJY+m14sINxAGJA3BCogcuHJAq9YSKBBICISSjmd2NP7K28+WkH7/fKvvOzrzzvs/MTubZWe/MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQSWO2UqkmsZA3l8+m22vMtluLO0wftPfrTcUO/UYkxb8YH49DvVGH/n998gPF0/E40nt1JMaLYjwu3/vAfU/83+jIYP4dArpZx66zXhLxnSKoS8+vrq68tgeB3EHf/9UNz/LvteJ5PmvmnVa+WJ/P0rzTSmempyuPnJnrpHP5QtY51+lmi2mjndW7rXZ6snEqrc7MTKXZ5LnWcnN+tr6QDUY+/uVapTKdPj25lNXbnVbzkacnO40z+cJC3pwv69Qq34yizuPFhvhM3k27WX0xTS9cXF2Z2i3UolJ105j9mzacIw/f99EbH/7j4kqxQW7XSNLfMGvVaq1WnX5s5rHHK5XRWqW2eURli7haI0Yiihp7stHyKXL7dt5wi0b6+T8WIo9mLMfZSCONkfJ5/TEW4zEb7WjFYvH6T2Nbpl+T/7/4yN/+sFO/G/P/IMsfWp98OMr8f7T36ug2+b/YKW+NY68e91yNbePY1+PNuByX4vlYjdVYidfuWDw3+Ri5ve3NRxbNyGN/ROSxGPVyTBp5dKIVaczEdExHJZ6NMzEXnUhjLvJYiCw6cS460Y2s3KIa0Y4s6tGNVrQjjZPRiFORRjVmYiamIo0sJuNctGI5mjEfs1EvW7kQF8v1PrUlrge+/dwvX/zjR+8Ww1crVXdYkKT4MFdU+vsOlfrJ/KG4ifw/qCH/f9aMD/YL1+m27bvhVq2V+X/0bocBAAAA7KGk/PY9iYixeLAcmsu/dreDAgAAAG6r8nfNR4pirBh6MJK5fCGrDKn5wR2PDQAAALg9kvIcuyQiJuKh3tDgdKlhXwIAAAAAn0Ll3/+PFsVExFvlCMf/AAAA8Bnz3e2usf/hvv41ejtL+5PBxW+Xzj6cvFQvhuov9cf1i69fbbE7dzg52G+kLKZHL9+bRMRoIzuSDK5++d/9vfLj8vnw+gUIt7vWf9JujyVXtg8gdg6gfBU/iGO9OsfO98rzgym9Xibm8oVsstFaeKKa9L8c6b7x8sVvRRS9f6+5eDCJCxdXVyZfeGX1fBnLlaKVKy/1Lw+f3EAsa/01EA8OX+Kx8kSMfr8TvX4rG5d/pDf7yM59Jhv7fDuO9+ocn+iVE5uXf7zoszr5RDXq9YMj3exs9421DUvfj6J6i0v+dpzo1Tlx8kSvGBJFbVMUL18bRW1jFNe3Lq47inePvXX2n79tJdnUblFM3WIUAHfLhfKqP+tZ6ECZhf6z1lPk/y1598Ag4d7IXu7C+qeMA/3aG3LdaNxQdh8kmyF79JO9Oid7nydGDw/JK5Uhe/RXL776u/4e/dH3f/LTbxz9/c9vPru9H6d6dfpF3P+bbXJsscw/3JJV3yvmeG+bfouXtSTGevdOWJ+88uLKy7Xa1HTl0UrlsVqMlR8V+oXcA8AQu95j5zruwvPo8KPqGGS8+6/+pGAyXohXYjXOx+nybIOIeGh4qxMbfoZwepej1okNd3g5vfOx5aH10xtqW+vuP5HEvftiSLubUuUXflwW/9qztwQA9tzxXfLwDvl/bJD/T+9y3L05l5/q3Th3cHQc2+fyYb6y1ysEAD4HsvbHyUT3naTdzpeerc7MVOvdM1nabjWeSdv57HyW5s1u1m4MvmludVuNwdHwbNZJO8tLS612N51rtdOlVic/W975Pe3f+r2TLdab3bzRWVrI6p0sbbSa3Xqjm87mnUa6tPzUQt45k7XLmTtLWSOfyxv1bt5qpp3WcruRTaZpJ8s2VMxns2Y3n8uLwWa61M4X6+0rEbGwvJils1mn0c6Xuq1eg4O+8uZcq71YNjt57eL/9U6uawD4pHj9zcuXnl9dXXlt88BasnXM8IE/v3n50uBP9NtWjli7y0sJAGy0MUsDAAAAAAAAAAAAAACfTNeerleM3e20v00DY3EDlbcM7N/+rMHP5cCXftZ7W25Hg7fSzoFN7+m+/sayJ4t8T0Ts3Vp97sknL21X56m3Dp35y/7r6X34/5Rhp7q+czBi3y9+1Bvz1Tu12XzQX4cxekOzryU71LlruyQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Nb/AgAA///rrkcE")
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x3ff, 0x200, 0xc8, 0x402, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000005a40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98}}, {{&(0x7f0000005840)=@file={0x1, './file1\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4800}}], 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r3, 0x0, 0xb)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r5)
sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000a000000380003801400020076657468305f766972745f7769666900060007004e2400000800030000000000080001"], 0x4c}}, 0x0)
pselect6(0x40, &(0x7f00000045c0), 0x0, 0x0, 0x0, 0x0)
splice(r2, 0x0, r4, 0x0, 0x80, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1a1b40, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000641100fe8000000000000000000000000000bbff02000000000000000000000000000100004e22"], 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x30, 0x3, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x0, 0x4}]}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffc, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000400)='stack\x00')
sendmsg$inet(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000100)={0x2, 0x4e21, @empty}, 0x10, 0x0}, 0x0)

1.787194477s ago: executing program 0 (id=8396):
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)

1.754201297s ago: executing program 0 (id=8397):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7c2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x48a80, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x7}, 0x20, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xe}, {&(0x7f0000000300)="d8a834a3de902d15d29501b87bedbc2137cc13784ea361df08df840517c88ef9eb47d6ad4cc07c825b72ce860a630a82ce11cc268e2a16488f49364fae93f2b443fbad2fcc92267749f2615f28c3689155f0229beb6fce8baf3fade36dcc2a9171a5001d794c9b5e7d118937c9f9d958e870605dc88706c43716ca0ffc2cf2a0cb31303ce96c351288114fabd190bae3b29a583719e18d9a064d355fdcd87002993cefc197f3f44db726a7fddc8fd5b7c84d08c98ec0f4afeed8cfa24261ac8c5d5a9892bc6532fafea7ba6cdd9f", 0xce}, {&(0x7f00000006c0)}], 0x3)

1.621164626s ago: executing program 0 (id=8399):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4204, r1, 0x1, &(0x7f0000000180)={&(0x7f0000000000)=""/7, 0x7})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)

1.575426396s ago: executing program 0 (id=8400):
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) (fail_nth: 2)

1.315503255s ago: executing program 6 (id=8403):
unshare(0x400)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x2, 0x84}}}, 0x28}}, 0x24000000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
dup2(r2, r2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x2000})
ioctl$SIOCSIFHWADDR(r1, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})
r3 = perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r4, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000700)="6b093db1947bc296cf697e335c7aa0e9afc07b5f0c819e3522eaad2a74224b7a5bed182fec91c96271033eec5d14ede20a6d1c36c3e7a445ccb5b158ffaec30b8b846de0d5b327a6b1d322a80d00b5c08428fb6ef0d6bdfef436fd9a0027a7cce11f65f633449199149e065a48b3f6bb51b5e305aa20ec347027ace732178271cb92f3e4bdda6732a10715efe7a7eae23413207a9cd1c24ea5ad8f333bfedf8e93e880fc51fb9051917d5488a13c22f1a575b1767424074c84444b29becb98de0e479ae50c12711cc5e26973d496458de4969e51dd5aee7ae9ca5da879f96737d626b447cdf675bc4af3e1ffec688c6945d0786b8ff146cab2e441e3438f3ddd2832b9ac4c9693141785b844f706c8137d0ebf12347ee82f9bd1968c51803a81998a149178952f712f57c09038a8f8a2e871a1f3b026ec617a77cb2163cea2164504b5ae989034b7ceb91545c2d968b9852181505afb7422606d1db2982240a7583260c32f5e3ea677edfeffc6cb30ef79c96938f7b571a3747042c4db17296ea799f65205b5cc2bf60f5921db65d28ae0a3ce76601fb0dfc04c7fa3900aff36af6c018df195fe6e97e6aa3a81c06130489c24b82c920681d3efb1fc33c73f8645ff0baa0be3a9a92b601f9602a2ef119e527c156bd8d8c91ec92baed92c43bc153fb5c7a5b08f8c8c03b0d266bcadbb061ae5e0f15eab9ba116923a27d96137", 0x200}], 0x1}}], 0x1, 0x81)
setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg$inet(r4, &(0x7f0000004100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)='f', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000300)='2', 0x1}], 0x1}}], 0x2, 0x4)
shutdown(r4, 0x1)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x10, 0x0, 0xffffffffffffffff, @void, @value}, 0x20)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)

1.314139885s ago: executing program 9 (id=8404):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = syz_io_uring_setup(0x10e, 0x0, 0x0, &(0x7f0000000280))
io_uring_enter(r0, 0x1b1, 0x59be, 0x1, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x8)
dup(0xffffffffffffffff)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0x8, &(0x7f00000009c0)=ANY=[@ANYRES64=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000001000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='sched_migrate_task\x00', r1, 0x0, 0x3}, 0x6e)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000180)='./file0\x00', 0x1808008, &(0x7f00000000c0), 0x6, 0x59e, &(0x7f0000001500)="$eJzs3U1sHFcdAPD/TOzsOnGaFHooCGgohYCirmOnjapeWi5IUFUgFU49pJa9sSKvs5F3XWrjg3PiwBWJSpzgwoUTh0ockHpCXLnBjUs5IBUUgWokhKaa8Wy8u9mNt/7aOP79pJHfm52d/3sj75uZNx8vgFPrckRsRcTZiHgnIi5GUsxPyile35ny5T65v7mwfX9zIYkse+tfE+UaNhc6y3ecj4ifDohV6Uq31jeW5xuN+mqZn2mv3J1prW+8eHtlfqm+VL8zN3dj9sa1V66/PHdodX1u5Xcff+f2Gz/6w++//NGft771k7zMr5Wf5XXrWjTJsuzgAV/rbJfJmC5npRGRb7k3Dr72x8KZsj5nx10Q9iX/f/xcRDxfph+ojq9MAMDRyrKLkV3szu9Ke3JZlgxYBgA4efJz/ulI0lp5/j8daVqrFX141WfiXNpottpXbzXX7iSdLr7J9NbtRv1a0VcYUYnJJM/PRsSloidoJz9X5PNpJ389Ip6OiJ9Xpop8baHZWBzLEQ8AcL5v//+fSr7/r4zyVVcIAOAksycHgNPn4f3/5FjKAQAcH+f/AHD6dO3/R7ryDwCcfNW+Z/8HKh//mziG8gAAR29g///bF3bTzyZ9r/gCAE461/8B4FT5wZtv5lO2nSXF+68X311fW26+++JivbVcW1lbqC00V+/WlprNpeKdPSsDVnGvO9NoNu/OvhRr78206632TGt94+ZKc+1O+2bxXu+bdQ8WAMD4Pf3ch39NImLr1aliis5YDnvfEACccGnE1LjLAIzHmXEXABibEW/n1UzAE2hwf7xb/eA02esXP/AWoamIeH/4d3QswOPtyheG9P/3Hxv0Xg/4/yGMjg2MWfmz9lQvnEIH69hzNx+cZI/e8XswCJ5kWZYYzx8ATpkRzuC7ugguHemxCDAe+7r+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfcdDElaa0cC3w60rRWi7hQjPYzmdy63ahfi4inIuIvlclKnp8dd6EBgANK/5GU439dufjCdP+nZ5P/Voq/EfHjX771i/fm252hAx/Mb79fzG+vzg0MUDn6OgAAXSb6Z3T208XfrhP5T+5vLnSm4yzgx9/ejb99f3NhdzziibLw1cjnnft30lOZpHdg4n3buhcRz/bXP33w+aUySn/8fO6FI4sfRQ2ni/jVMn7vYVRajsacltvi81MjxjuEMsOT4sO8/Xl90O8vjcvF3/L3N9XbmFbjZw83rvtQtH/ViO1sp/3b7oqfr//7F6pFWzOo/bs8aoyX/vjdoZ/dO5N9cSKiE3u7q/3ZUS1Sg+K/MGL8v33pK88P21jZryKuxKPi76Rm2it3Z1rrG7/93gd/Wqov1e/Mzd2YvXHtlesvz80UfdQznZ7qh/3z1atPDa9/xLkh8at71P/rI9b/1/975+2vPiL+N782KH4azzwifr5P/EasjhR//twHQ4fvzuMvDqn/RE/8sz3fy+dd7V/ZkH/Ij/6+sThSQQGAY9Fa31iebzTqq6Mk0thYnu+caI78rZ7E1L6+NWIijmzNDyXy46/1ye6NMHVk0c8P+eg3n3mFk3Fc2+dwE/c+w8KV8RT1TDQ6/VF7Llwut3WQoFl2gDJfHmGZMTVIwLHZ/dGPuyQAAAAAAAAAAAAAAMAwrR+Wr/w75IeiqqueLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODofRoAAP//ccjFBg==")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500002c000000020011907808000000000000000000000000089078"], 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[@ANYBLOB="e90c630faca20180c200000008e04500001c0000e8240011907800000000000000000000000000089078aaf4a341b12759af92f27a8bdec88eaed697bc20534301464f72fc28bbac817c48e4a0ea00a6b0ceac55252869b637"], 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0xc000)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000001c0)=[{&(0x7f0000000880)=""/4096, 0x1000}], 0x1, 0x0, 0x4}}], 0x48, 0x40841}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
syz_open_pts(r6, 0x8001)
open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)

1.233591355s ago: executing program 0 (id=8405):
r0 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f00000005c0)={[{@errors_remount}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)=0x6)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x78, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000ac0)=ANY=[@ANYRES64=r2, @ANYBLOB="6b8c334a76682ea59e3eeecf31b465994684853b4898b2b82de84959d6782582a89734a858c773319f136e0777e11f877699f9b3b5038e00a691ef1bb8dee721c0a62490e8bf42359ec0a4c1805942b3a22601f51d456926dcbac3e9b4dcea9cfa98c34da58659b2808d9f78d63dd0999f4e3ca119c7c719d17dace22e353cda0f91cc3a97ee458d199b54744947dccdd60ddca5595671666c4ace3e1378cb260e39c37ee2334a5caa60d85932bcce8bf022b8b1852ba0ddad568cde5690b4bdd27496c77820ed5128aaa861ab8923e5d4104e2ebac2011441c544b046569c6414e75a", @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
setgid(0x0)
clock_nanosleep(0x8, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
fcntl$getownex(r0, 0x10, &(0x7f0000000180)={0x0, <r5=>0x0})
fcntl$setown(r1, 0x8, r5)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x95c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000002c0), 0x2}, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x1}, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$usbmon(&(0x7f0000000000), 0x9, 0x60281)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000600)=ANY=[@ANYBLOB="aa96aaaaaaaaffffffffffff080040be00580067000001069078ffffffff00000000441487730000000000000000ac1414bb000003ff860900000000010323440c4801ffffffff000000000000000000000000000000000000000000000400004e2100004e23"], 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000180), 0xfea7)
socket$tipc(0x1e, 0x5, 0x0)

1.233178585s ago: executing program 6 (id=8406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.194553985s ago: executing program 6 (id=8407):
clock_gettime(0x0, &(0x7f00000004c0)={<r0=>0x0, <r1=>0x0})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000780)={r0, r1+10000000})
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x24000001, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet6(0xa, 0x80002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x99, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='sched_switch\x00'}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x64000600)

1.193113555s ago: executing program 9 (id=8408):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r2, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x4004082)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x3, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000005c0)='fd', 0x0, r3)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
symlinkat(&(0x7f0000000080)='./file0\x00', r5, &(0x7f00000000c0)='./file0\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_tgsigqueueinfo(0x0, 0x0, 0x39, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x2000c12, &(0x7f0000000200)={[], [{@flag='rw'}]}, 0x4, 0xa0b, &(0x7f0000000dc0)="$eJzs3U1snPWdB/DvM7YTY1ASIMuyCMgkbIIBr2M7S7IRBzaxJ4lZv6xsRyLaA2GJs8rGu+ySXQlQJYJU9VTUSq16aG+op/aCxKVcKm7trT31UKni1DvqKVUPrp6Zcfw247GNY4fw+ViP53n5Pf//73n9e8Yz8w9fL4sHV00tLtaHbU5f/tkuZMx97PzYFx9/8lE5fHg7+9KVl4tfJL1Jqkl3kieTntGxmenJDgXdTK4m+TwpkuxP43FTrqb4Xh5Znv48xU/Ketvat9mS6WSRb7S9Pv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB+VIyODQ0NF/syPnX59WpDUl1ndGxmusji4volS+s0fFbv9bv4rGO9SVEO6e1dmvXk4eXFTySpHsvTjamn6x2SpzfvP/zEoVce764srd8um69k/+aLvfXe+zffXFiYf6d9yOIHjW3YmdzuMxdrU+Oz0+OT5y7WquOz09Wzp08Pnbx0YbZ6YXyiNntldq42WR2dqZ2bm56p9o++UB0+e/ZUtTZ4Zfry1MWxwYna0swz/zAyNHS6+trgv9bOzcxOT518bXB29NL4xMT41MV6TLm4jDlTnoj/Mj5Xnaudm6xWr99YmD+1JqeutTu7DBrutCVl0EinoJGhkZHh4ZGR4Q+bvWffnXH65bMvnxka6h5aI+si7tFJy/3lofaHeUfv3/BVVBrtf/5zIuOZyuW8nmrLn9GMZSbTmWyzvGmp/T9+srZhvSvb/2Yr371i8VPlr2N5tjnZ26b9b5PL7v3cynt5PzfzZhaykPm8s+cZ7e7PxdQylfHMZjrjmcy5+pxqc041Z3M6pzOUN3IpRzKbai5kPBOpZTZXMpu51Opn1GhmUsu5zGU6M6mmP6N5IdUM52zO5lSqqWUwVzKdy5nKxYzlXL2U67lR3++nNsjxbtDwZoJGNgha25iX5/rW2v/ag/qXIJu28zdx2KbFZvu/r3No/+huJAQAAADsuL/7dQ4cfuxXf0iKPFN/Xf7C+ETt1b1OCwAAANhB9bfrPV0+9JRjz/TWn/8P7XVaAAAAwA4q6p+xK5L05UhjbOmTUF4EAAAAgAdE/f//z6Y4sjzD838AAAB4wHT+jv2OEcXA0tf/Vq81Hq81IxpTRd+F8Yna4Oj0xCvDOVH/loEkz6wvrSspeuofP3gxRxtRR/saj33LJZZ19pZRw4OvDOfFHGtuSP9z5cNz/S0iRxqRzzcin18Z2ZVVkafKSAB40B3boD3ebPv/YgYaEQNP1Zv87qdatMFDWlYAuF/c7WPnz80uzVq0/82IZ9u1//+4wfP/MuKxXD/SeEvBYN7K21nItQyk+Y6DI61KXeqNoPE2hIEOrwb0Nd+y8NszlQysez3gbv+Cq2LnM5KBlq8IrCi3WMrhVCOu694cAwDYbcc2bIc31/4PdHj+3+cthQBwX7nbg/0WRj7YSvD8O7f2ehsBgNW00gAAAAAAAAAAAAAAAAAAAAAAAAAAALDzNvUF/r85kSwszCfb6Cxg2yO9W8lw45FKdinnPR/pSrJXtb+aLa9VHuOvUOnPH2qu/se93/MP3Mge35gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYFUXS1Wp+JdmfZCjJyd3P6t65vdcJ7JTqvm2tVtzJnbybAzueDwAAAAAAAAAAAAAAAAAAAAAAAAAAAADAN1zz+/8raTw+3JiV7kpyPMnVJP+21znupDt7ncC9UXQO+a9G4PL3/1eSniwW6W4c9hQ9o2Mz05NlUcX+cvkXH3/yUTl0Lnt9rwplAWUNqzqXaNawYk7P6rUera/VNzZ/6+b/vf0/1bHz9RPz/NyFibHJizP/vBz4RPFpUk1jWLKU77eO//L7K2Y3O0ooPi23tLW19V6o1zu2vt6/bbV2m3o34cbC/EhZ01zt9bn//+8b765Y9FiOJs/1J/2ra/qPcmhT09G1+3O14sviO8WB/ChX68e/3BvFYlEeooP17X/o+o2F+cG33l64djenD1bldChHklxLejef05H252b9rKv0lLUO1YPKX4c7lLehFSUOt9mvj6ZaSfq2tA3VDtdXh/3ezOhUy4x+8L+P58SWj/SJDjW2VHxZ/L64lN/l2yv6/6iUx/94Wl6dLYqoR644U1YuW3V5VRqR9S0fWbngjbVltr0qW/vL4uLi1tZghe/m3/NPd49/ZcX9v3msdud+tKLG1tdFsvXr4qcH17Uoy+ot0uE1LVLz7tNunWaehxtRbfL8m7zUKHMLd5SXOrXY9+j6/3HRnz/ltv5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+1+RdLWaX0mOJzmU5GA5XU0W18bc3kZ9lb5iO2numO3k/PVTtN3Q4k7u5N0c2O2MAAAAAAAAALg3zo998fEnH5VD/f/xXfn7SnNJNelOcqj4Yc/o2Mz0ZIeCepKrS//S791aDlfLX48sT39eTj3ZOrZYNwIAbNVfAwAA///qxHJw")
r7 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$key(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000b40), r8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.185734035s ago: executing program 8 (id=8409):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000400)={'wpan0\x00'})
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x3, 0x0, 0x0, 0x0, 0x40006, 0x500, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_config_ext={0xffffffffffffff01, 0xa5d7}, 0x408, 0x0, 0x0, 0x0, 0x8, 0x0, 0xb, 0x0, 0x0, 0x0, 0xffffffffffffff19}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r1], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00a20000000700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r3, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

1.122804534s ago: executing program 7 (id=8410):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1.078581024s ago: executing program 8 (id=8411):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
close(r0)

1.067259644s ago: executing program 7 (id=8412):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x80}, 0x18)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="020000001300"})
r2 = socket$kcm(0x2, 0x5, 0x84)
connect$pppoe(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @broadcast, 'veth1_to_batadv\x00'}}, 0x1e)
sendmsg$inet(r2, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r3})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)={r3})

1.028458384s ago: executing program 9 (id=8413):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0xf, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000003c0)={'vcan0\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000480)={0x1d, r4}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@getchain={0x24, 0x11, 0x1, 0x0, 0x3, {0x0, 0x0, 0x0, r4, {0xe, 0xb5d54cde5c199d9f}}}, 0x24}}, 0x40044)

1.017463874s ago: executing program 8 (id=8414):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f00000005c0)="f4416eb4e859495d589fefa788", 0xd, 0x0, &(0x7f0000002780)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)

599.277832ms ago: executing program 8 (id=8415):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

565.921182ms ago: executing program 7 (id=8416):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000400000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e0001006970366572737061", @ANYRES32], 0x5c}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r3 = creat(0x0, 0xecf86c37d53049cc)
write$binfmt_elf32(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c4604030003000000000000000002003e00000000000103000038000000000000000f000000000020000100040000000000000000000300000008000000f300000081000000040000000400"], 0x58)
close(r3)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000240)={r2, r3}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x1, &(0x7f00000006c0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
socket$inet6(0xa, 0x6, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000033000000ac1414aa00000000000000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000200040000000000000000004c001400636d6163286165732900"/229], 0x13c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

525.200442ms ago: executing program 8 (id=8417):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000380), &(0x7f00000003c0)=r0}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000004c0)={@private, @rand_addr, <r2=>0x0}, &(0x7f0000000500)=0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000880)=@bpf_ext={0x1c, 0x8, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xacd, 0x0, 0x0, 0x0, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}]}, &(0x7f0000000480)='syzkaller\x00', 0xfffffff8, 0xd9, &(0x7f0000000780)=""/217, 0x41100, 0x2, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x0, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x3, 0x1, 0x80000001, 0x9}, 0x10, 0x272bb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xbb9c981, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@local})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000340)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x8000000000000000}, 0x18)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0xea}}}}}, 0x0)
r4 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r4, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x5, 0x0, 0x0, 0x3, 0x89008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x19fbcc0a, 0xfffffffd, 0x3, 0x1, 0x2, 0x0, 0x0, 0x3ffffffe}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r7, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r7, &(0x7f0000000080), 0x4)

517.281512ms ago: executing program 9 (id=8418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = memfd_create(&(0x7f0000000680)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x4)
fsetxattr$security_selinux(r3, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180300000000b2ff0000000000000000850000000700000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000000), 0x49)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0xd}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000000180)="27050200160014000600002fb96dbcf706e10500070088a800008100", 0x1c}, {&(0x7f0000000300)="cb4e88a8af3288a8eef1", 0xa}], 0x2}, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="6c0000008a641371bebbc13df01704d3cede9b9a5a54792c31ac4e857a52e530eaca72a8b396a8f32707020203", @ANYRES16=r1, @ANYBLOB="01000000000000000000030000005800018044000400210001000a000000000090040000000000000000000000000000000100000000200002000a00000000000000fc010000000000000000000000000000000000000d0001007564703a73797a3100000000"], 0x6c}, 0x1, 0x0, 0x0, 0x851}, 0x0)

328.516871ms ago: executing program 0 (id=8419):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x20a00000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r2, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r3=>0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x39)
write$binfmt_script(r4, &(0x7f0000000080), 0x208e24b)
io_submit(r3, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x4000}])

328.055271ms ago: executing program 9 (id=8420):
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x88}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xfe0f}, @TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)

180.843371ms ago: executing program 6 (id=8421):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000000000002000000000ff000000850000000f000000850000000500000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000004aa"], 0x0)

112.30913ms ago: executing program 6 (id=8422):
unshare(0x2040600)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x1, 0x8}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81], [0x0, 0x8, 0x4, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x7ffffffe}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xdea}]}]}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

76.96028ms ago: executing program 8 (id=8423):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r3 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\xe5\xfa\xad\xd1md\xc8\x85HX\xa9%V\xdd\xf2ZA\x1c)\x16G\x1aZ\x11%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x1af\xdeD\"-=F\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\x80\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\x81\x00r\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x00\x00\x00\x00', 0x0)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

41.99891ms ago: executing program 6 (id=8424):
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e1f, 0x1, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x2069e}, 0x1c)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRES64=0x0], 0x64}, 0x1, 0x0, 0x0, 0xc050}, 0x4000000)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000030601020000000000000000000000000500010007"], 0x1c}}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000e80), 0x0, 0x6d91fb6102d8910c, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
mkdir(&(0x7f0000000040)='./file0\x00', 0x140)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x2}}, './file0\x00'})
futex(0x0, 0x1, 0x800000, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r6 = socket$inet(0x2, 0x3, 0x4)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xe59}, @TCA_TBF_PARMS={0x28, 0x1, {{0xb2, 0x2, 0x83ba, 0x22dc, 0x6, 0x6}, {0x3, 0x0, 0x5, 0x1, 0x40, 0x2}, 0xff, 0xeb1, 0xa19}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xc90d8b5559ec0195}, @TCA_TBF_RATE64={0xc, 0x4, 0xbae8efee76372151}]}}]}, 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r9}, 0x10)
socket$isdn(0x22, 0x3, 0x11)
syz_clone(0x40089000, 0x0, 0x0, 0x0, 0x0, 0x0)

38.47825ms ago: executing program 9 (id=8425):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000400)={'wpan0\x00'})
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x3, 0x0, 0x0, 0x0, 0x40006, 0x500, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_config_ext={0xffffffffffffff01, 0xa5d7}, 0x408, 0x0, 0x0, 0x0, 0x8, 0x0, 0xb, 0x0, 0x0, 0x0, 0xffffffffffffff19}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESHEX=r1], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00a20000000700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r3, &(0x7f00000000c0)=[{0x0, 0x4f}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

0s ago: executing program 7 (id=8426):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
creat(0x0, 0x0)
ustat(0x1, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r3 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\xe5\xfa\xad\xd1md\xc8\x85HX\xa9%V\xdd\xf2ZA\x1c)\x16G\x1aZ\x11%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x1af\xdeD\"-=F\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\x80\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\x81\x00r\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x00\x00\x00\x00', 0x0)
write$binfmt_script(r3, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
ioctl$USBDEVFS_CONNECTINFO(0xffffffffffffffff, 0x40085511, 0x0)
r4 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
close(r4)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

kernel console output (not intermixed with test programs):

_r:sysadm_t tclass=key_socket permissive=1
[  542.120118][   T29] audit: type=1400 audit(542.607:23514): avc:  denied  { read } for  pid=29826 comm="syz.9.7892" path="socket:[87334]" dev="sockfs" ino=87334 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  542.120894][T29832] loop6: detected capacity change from 0 to 764
[  542.169410][T29832] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7894'.
[  542.228214][T29837] ALSA: seq fatal error: cannot create timer (-22)
[  542.243046][T29837] xt_hashlimit: max too large, truncated to 1048576
[  542.255251][T29837] No such timeout policy "syz1"
[  542.284272][   T29] audit: type=1400 audit(542.807:23515): avc:  denied  { ioctl } for  pid=29839 comm="syz.9.7898" path="socket:[87379]" dev="sockfs" ino=87379 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  542.339949][   T29] audit: type=1326 audit(542.857:23516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29844 comm="syz.8.7900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  542.364378][   T29] audit: type=1326 audit(542.857:23517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29844 comm="syz.8.7900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  542.418944][   T29] audit: type=1326 audit(542.907:23519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29844 comm="syz.8.7900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  542.443562][   T29] audit: type=1400 audit(542.907:23518): avc:  denied  { bind } for  pid=29841 comm="syz.0.7899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  542.463817][   T29] audit: type=1400 audit(542.907:23520): avc:  denied  { name_bind } for  pid=29841 comm="syz.0.7899" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  542.489722][T29846] loop8: detected capacity change from 0 to 164
[  542.528894][T29846] bio_check_eod: 2 callbacks suppressed
[  542.528910][T29846] syz.8.7900: attempt to access beyond end of device
[  542.528910][T29846] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  542.552782][T29853] loop0: detected capacity change from 0 to 1024
[  542.559860][T29846] syz.8.7900: attempt to access beyond end of device
[  542.559860][T29846] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  542.582347][T29853] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  542.593187][T29853] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  542.603200][T29853] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  542.614765][T29853] EXT4-fs error (device loop0): ext4_get_journal_inode:5809: inode #5: comm syz.0.7902: unexpected bad inode w/o EXT4_IGET_BAD
[  542.632250][T29853] EXT4-fs (loop0): no journal found
[  542.637506][T29853] EXT4-fs (loop0): can't get journal size
[  542.652641][T29855] SELinux:  policydb magic number 0x2e7cff8c does not match expected magic number 0xf97cff8c
[  542.661140][T29853] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  542.678351][T29855] SELinux: failed to load policy
[  542.697481][T29853] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  542.724588][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  542.738395][T29860] FAULT_INJECTION: forcing a failure.
[  542.738395][T29860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.753093][T29860] CPU: 1 UID: 0 PID: 29860 Comm: syz.7.7896 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  542.763943][T29860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  542.774015][T29860] Call Trace:
[  542.777300][T29860]  <TASK>
[  542.780312][T29860]  dump_stack_lvl+0xf2/0x150
[  542.784943][T29860]  dump_stack+0x15/0x1a
[  542.789530][T29860]  should_fail_ex+0x223/0x230
[  542.794263][T29860]  should_fail+0xb/0x10
[  542.798432][T29860]  should_fail_usercopy+0x1a/0x20
[  542.803472][T29860]  _copy_to_user+0x20/0xa0
[  542.808019][T29860]  simple_read_from_buffer+0xa0/0x110
[  542.813607][T29860]  proc_fail_nth_read+0xf9/0x140
[  542.818580][T29860]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  542.824259][T29860]  vfs_read+0x1a2/0x700
[  542.828451][T29860]  ? __rcu_read_unlock+0x4e/0x70
[  542.833464][T29860]  ? __fget_files+0x17c/0x1c0
[  542.838177][T29860]  ksys_read+0xe8/0x1b0
[  542.842351][T29860]  __x64_sys_read+0x42/0x50
[  542.846934][T29860]  x64_sys_call+0x2874/0x2dc0
[  542.851685][T29860]  do_syscall_64+0xc9/0x1c0
[  542.856201][T29860]  ? clear_bhb_loop+0x55/0xb0
[  542.860919][T29860]  ? clear_bhb_loop+0x55/0xb0
[  542.865664][T29860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.871587][T29860] RIP: 0033:0x7f3049b5473c
[  542.876017][T29860] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  542.895640][T29860] RSP: 002b:00007f30481c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  542.904145][T29860] RAX: ffffffffffffffda RBX: 00007f3049d45fa0 RCX: 00007f3049b5473c
[  542.912123][T29860] RDX: 000000000000000f RSI: 00007f30481c70a0 RDI: 0000000000000006
[  542.920104][T29860] RBP: 00007f30481c7090 R08: 0000000000000000 R09: 0000000000000000
[  542.928080][T29860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  542.936058][T29860] R13: 0000000000000000 R14: 00007f3049d45fa0 R15: 00007ffe6756ca08
[  542.944063][T29860]  </TASK>
[  543.069642][T29858] netlink: 76 bytes leftover after parsing attributes in process `syz.8.7904'.
[  543.076016][T29867] syz.0.7905[29867] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  543.078705][T29867] syz.0.7905[29867] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  543.157478][T29867] syz.0.7905[29867] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  543.336022][T29875] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7910'.
[  543.535029][T29886] loop9: detected capacity change from 0 to 1024
[  543.542403][T29886] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  543.553565][T29886] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  543.565360][T29886] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  543.597300][T29886] EXT4-fs error (device loop9): ext4_get_journal_inode:5809: inode #5: comm syz.9.7914: unexpected bad inode w/o EXT4_IGET_BAD
[  543.615825][T29886] EXT4-fs (loop9): no journal found
[  543.622382][T29886] EXT4-fs (loop9): can't get journal size
[  543.636660][T29888] loop8: detected capacity change from 0 to 1024
[  543.647595][T29886] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  543.665305][T29888] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  543.676535][T29888] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  543.697086][T29886] EXT4-fs (loop9): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  543.709080][T29888] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  543.740845][T22811] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.757780][T29888] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.7915: unexpected bad inode w/o EXT4_IGET_BAD
[  543.780091][T29888] EXT4-fs (loop8): no journal found
[  543.786798][T29888] EXT4-fs (loop8): can't get journal size
[  543.797432][T29888] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  543.815633][T29888] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  543.868214][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.938146][T29903] vlan2: entered promiscuous mode
[  544.021321][T29903] netlink: 4595 bytes leftover after parsing attributes in process `syz.9.7920'.
[  544.090208][T29917] FAULT_INJECTION: forcing a failure.
[  544.090208][T29917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.103481][T29917] CPU: 0 UID: 0 PID: 29917 Comm: syz.6.7925 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  544.114345][T29917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  544.114406][T29917] Call Trace:
[  544.114415][T29917]  <TASK>
[  544.114425][T29917]  dump_stack_lvl+0xf2/0x150
[  544.114477][T29917]  dump_stack+0x15/0x1a
[  544.114511][T29917]  should_fail_ex+0x223/0x230
[  544.114597][T29917]  should_fail+0xb/0x10
[  544.114626][T29917]  should_fail_usercopy+0x1a/0x20
[  544.114660][T29917]  strncpy_from_user+0x25/0x210
[  544.114683][T29917]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  544.114713][T29917]  ? getname_flags+0x81/0x3b0
[  544.114745][T29917]  getname_flags+0xb0/0x3b0
[  544.114819][T29917]  getname+0x17/0x20
[  544.114841][T29917]  __se_sys_newstat+0x44/0x320
[  544.114875][T29917]  ? __secure_computing+0x9f/0x1c0
[  544.114918][T29917]  __x64_sys_newstat+0x31/0x40
[  544.114992][T29917]  x64_sys_call+0x6eb/0x2dc0
[  544.115017][T29917]  do_syscall_64+0xc9/0x1c0
[  544.115044][T29917]  ? clear_bhb_loop+0x55/0xb0
[  544.115071][T29917]  ? clear_bhb_loop+0x55/0xb0
[  544.115095][T29917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.115188][T29917] RIP: 0033:0x7fc909935d29
[  544.115208][T29917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.115256][T29917] RSP: 002b:00007fc907fa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[  544.115279][T29917] RAX: ffffffffffffffda RBX: 00007fc909b25fa0 RCX: 00007fc909935d29
[  544.115296][T29917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  544.115311][T29917] RBP: 00007fc907fa7090 R08: 0000000000000000 R09: 0000000000000000
[  544.115324][T29917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  544.115340][T29917] R13: 0000000000000000 R14: 00007fc909b25fa0 R15: 00007ffcd93dfd88
[  544.115363][T29917]  </TASK>
[  544.319421][T29920] loop0: detected capacity change from 0 to 512
[  544.320429][T29922] loop9: detected capacity change from 0 to 764
[  544.326371][T29920] journal_path: Non-blockdev passed as './bus'
[  544.338304][T29920] EXT4-fs: error: could not find journal device path
[  544.375452][T29924] loop6: detected capacity change from 0 to 164
[  544.389634][T29924] syz.6.7928: attempt to access beyond end of device
[  544.389634][T29924] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  544.408225][T29926] loop8: detected capacity change from 0 to 1024
[  544.419681][T29924] syz.6.7928: attempt to access beyond end of device
[  544.419681][T29924] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  544.438188][T29926] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  544.449330][T29926] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  544.466284][T29926] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  544.508646][T29926] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.7929: unexpected bad inode w/o EXT4_IGET_BAD
[  544.525153][T29931] loop0: detected capacity change from 0 to 128
[  544.527134][T29926] EXT4-fs (loop8): no journal found
[  544.536752][T29926] EXT4-fs (loop8): can't get journal size
[  544.549199][T29926] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  544.569443][T29926] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  544.606921][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.716835][T29946] loop8: detected capacity change from 0 to 764
[  544.735366][T29948] netlink: 'syz.6.7939': attribute type 7 has an invalid length.
[  544.744475][T29948] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7939'.
[  544.764770][T29946] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7935'.
[  544.933135][T29955] loop6: detected capacity change from 0 to 164
[  545.212737][T29961] syzkaller0: entered promiscuous mode
[  545.218294][T29961] syzkaller0: entered allmulticast mode
[  545.338575][T29965] vlan2: entered allmulticast mode
[  545.426790][T29971] loop0: detected capacity change from 0 to 512
[  545.503678][T29976] loop9: detected capacity change from 0 to 512
[  545.516572][T29966] FAULT_INJECTION: forcing a failure.
[  545.516572][T29966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  545.529795][T29966] CPU: 0 UID: 0 PID: 29966 Comm: syz.7.7944 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  545.540654][T29966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  545.550736][T29966] Call Trace:
[  545.554091][T29966]  <TASK>
[  545.557058][T29966]  dump_stack_lvl+0xf2/0x150
[  545.561673][T29966]  dump_stack+0x15/0x1a
[  545.565963][T29966]  should_fail_ex+0x223/0x230
[  545.570664][T29966]  should_fail+0xb/0x10
[  545.574836][T29966]  should_fail_usercopy+0x1a/0x20
[  545.579948][T29966]  _copy_from_iter+0xd5/0xd00
[  545.584644][T29966]  ? kmalloc_reserve+0x16e/0x190
[  545.589587][T29966]  ? __build_skb_around+0x196/0x1f0
[  545.594803][T29966]  ? __alloc_skb+0x21f/0x310
[  545.599404][T29966]  ? __virt_addr_valid+0x1ed/0x250
[  545.604589][T29966]  ? __check_object_size+0x364/0x520
[  545.609897][T29966]  netlink_sendmsg+0x460/0x6e0
[  545.614679][T29966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.619998][T29966]  __sock_sendmsg+0x140/0x180
[  545.624692][T29966]  ____sys_sendmsg+0x312/0x410
[  545.629470][T29966]  __sys_sendmsg+0x19d/0x230
[  545.634087][T29966]  __x64_sys_sendmsg+0x46/0x50
[  545.638922][T29966]  x64_sys_call+0x2734/0x2dc0
[  545.643621][T29966]  do_syscall_64+0xc9/0x1c0
[  545.648373][T29966]  ? clear_bhb_loop+0x55/0xb0
[  545.653059][T29966]  ? clear_bhb_loop+0x55/0xb0
[  545.657843][T29966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.663782][T29966] RIP: 0033:0x7f3049b55d29
[  545.668211][T29966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.687834][T29966] RSP: 002b:00007f30481a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  545.696354][T29966] RAX: ffffffffffffffda RBX: 00007f3049d46080 RCX: 00007f3049b55d29
[  545.704391][T29966] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  545.712464][T29966] RBP: 00007f30481a6090 R08: 0000000000000000 R09: 0000000000000000
[  545.720449][T29966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  545.728434][T29966] R13: 0000000000000000 R14: 00007f3049d46080 R15: 00007ffe6756ca08
[  545.736435][T29966]  </TASK>
[  545.796780][T29979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  545.804333][T29979] batman_adv: batadv0: Removing interface: batadv_slave_0
[  545.833013][T29979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  545.840541][T29979] batman_adv: batadv0: Removing interface: batadv_slave_1
[  545.850653][T29984] syz.6.7952[29984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  545.850727][T29984] syz.6.7952[29984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  545.876364][T29989] loop9: detected capacity change from 0 to 512
[  545.899387][T29984] syz.6.7952[29984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  545.922370][T29989] netlink: 68 bytes leftover after parsing attributes in process `syz.9.7954'.
[  546.004094][T29991] syzkaller0: entered promiscuous mode
[  546.009673][T29991] syzkaller0: entered allmulticast mode
[  546.100578][T30002] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7959'.
[  546.272948][T30018] netlink: 16 bytes leftover after parsing attributes in process `syz.9.7965'.
[  546.338510][T30024] loop0: detected capacity change from 0 to 512
[  546.360073][T30024] EXT4-fs: Ignoring removed mblk_io_submit option
[  546.366662][T30024] EXT4-fs: Ignoring removed bh option
[  546.394145][T30024] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  546.427041][T30024] EXT4-fs (loop0): 1 truncate cleaned up
[  546.457555][T30024] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  546.536102][T30037] syzkaller0: entered promiscuous mode
[  546.543103][T30037] syzkaller0: entered allmulticast mode
[  546.647640][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.749309][T30048] FAULT_INJECTION: forcing a failure.
[  546.749309][T30048] name failslab, interval 1, probability 0, space 0, times 0
[  546.755723][T30052] loop6: detected capacity change from 0 to 764
[  546.763512][T30048] CPU: 1 UID: 0 PID: 30048 Comm: syz.8.7979 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  546.779024][T30048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  546.789221][T30048] Call Trace:
[  546.792540][T30048]  <TASK>
[  546.795487][T30048]  dump_stack_lvl+0xf2/0x150
[  546.800194][T30048]  dump_stack+0x15/0x1a
[  546.804493][T30048]  should_fail_ex+0x223/0x230
[  546.809216][T30048]  ? audit_log_d_path+0x96/0x250
[  546.814376][T30048]  should_failslab+0x8f/0xb0
[  546.819024][T30048]  __kmalloc_cache_noprof+0x4e/0x320
[  546.824416][T30048]  audit_log_d_path+0x96/0x250
[  546.829282][T30048]  ? __rcu_read_unlock+0x4e/0x70
[  546.834252][T30048]  audit_log_d_path_exe+0x42/0x70
[  546.839347][T30048]  audit_log_task+0x192/0x1c0
[  546.844150][T30048]  audit_seccomp+0x68/0x130
[  546.848691][T30048]  __seccomp_filter+0x6fa/0x1180
[  546.853710][T30048]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  546.859384][T30048]  ? vfs_write+0x596/0x920
[  546.863907][T30048]  ? __schedule+0x6fa/0x930
[  546.868440][T30048]  __secure_computing+0x9f/0x1c0
[  546.873484][T30048]  syscall_trace_enter+0xd1/0x1f0
[  546.878556][T30048]  do_syscall_64+0xaa/0x1c0
[  546.883082][T30048]  ? clear_bhb_loop+0x55/0xb0
[  546.887840][T30048]  ? clear_bhb_loop+0x55/0xb0
[  546.892530][T30048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.898494][T30048] RIP: 0033:0x7ff6f8005d29
[  546.902970][T30048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.922628][T30048] RSP: 002b:00007ff6f6671038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  546.931099][T30048] RAX: ffffffffffffffda RBX: 00007ff6f81f5fa0 RCX: 00007ff6f8005d29
[  546.939076][T30048] RDX: 0000000020000000 RSI: 0000000000000018 RDI: 0000000000000008
[  546.947140][T30048] RBP: 00007ff6f6671090 R08: 0000000000000000 R09: 0000000000000000
[  546.955165][T30048] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  546.963140][T30048] R13: 0000000000000000 R14: 00007ff6f81f5fa0 R15: 00007ffd96905908
[  546.971128][T30048]  </TASK>
[  546.984873][   T29] kauditd_printk_skb: 681 callbacks suppressed
[  546.984891][   T29] audit: type=1326 audit(547.267:24202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="<no_memory>" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  547.054793][   T29] audit: type=1326 audit(547.577:24203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff6f800473c code=0x7ffc0000
[  547.079077][   T29] audit: type=1326 audit(547.577:24204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff6f80047df code=0x7ffc0000
[  547.103192][   T29] audit: type=1326 audit(547.577:24205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff6f800498a code=0x7ffc0000
[  547.127889][   T29] audit: type=1326 audit(547.577:24206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  547.152193][   T29] audit: type=1326 audit(547.577:24207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30045 comm="syz.8.7979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f8005d29 code=0x7ffc0000
[  547.326242][T30057] pimreg: entered allmulticast mode
[  547.338772][T30057] pimreg: left allmulticast mode
[  547.952642][   T29] audit: type=1326 audit(548.457:24208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30065 comm="syz.0.7983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  547.977268][   T29] audit: type=1326 audit(548.457:24209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30065 comm="syz.0.7983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  548.001996][   T29] audit: type=1326 audit(548.457:24210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30065 comm="syz.0.7983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  548.026356][   T29] audit: type=1326 audit(548.467:24211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30065 comm="syz.0.7983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  548.096097][T30077] ipt_REJECT: TCP_RESET invalid for non-tcp
[  548.106562][T30076] loop9: detected capacity change from 0 to 512
[  548.231162][T30079] lo speed is unknown, defaulting to 1000
[  548.558995][T30055] loop7: detected capacity change from 0 to 8192
[  548.585354][T30055] FAULT_INJECTION: forcing a failure.
[  548.585354][T30055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.599836][T30055] CPU: 1 UID: 0 PID: 30055 Comm: syz.7.7975 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  548.610795][T30055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  548.620974][T30055] Call Trace:
[  548.624273][T30055]  <TASK>
[  548.627231][T30055]  dump_stack_lvl+0xf2/0x150
[  548.631904][T30055]  dump_stack+0x15/0x1a
[  548.636192][T30055]  should_fail_ex+0x223/0x230
[  548.638884][T30081] loop8: detected capacity change from 0 to 1024
[  548.640894][T30055]  should_fail+0xb/0x10
[  548.640928][T30055]  should_fail_usercopy+0x1a/0x20
[  548.640968][T30055]  _copy_to_user+0x20/0xa0
[  548.660961][T30055]  simple_read_from_buffer+0xa0/0x110
[  548.666433][T30055]  proc_fail_nth_read+0xf9/0x140
[  548.671417][T30055]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  548.677079][T30055]  vfs_read+0x1a2/0x700
[  548.681317][T30055]  ? __rcu_read_unlock+0x4e/0x70
[  548.686345][T30055]  ? __fget_files+0x17c/0x1c0
[  548.691052][T30055]  ksys_read+0xe8/0x1b0
[  548.695303][T30055]  __x64_sys_read+0x42/0x50
[  548.699818][T30055]  x64_sys_call+0x2874/0x2dc0
[  548.704541][T30055]  do_syscall_64+0xc9/0x1c0
[  548.709085][T30055]  ? clear_bhb_loop+0x55/0xb0
[  548.713836][T30055]  ? clear_bhb_loop+0x55/0xb0
[  548.718557][T30055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.724536][T30055] RIP: 0033:0x7f3049b5473c
[  548.728983][T30055] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  548.748706][T30055] RSP: 002b:00007f30481c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  548.757185][T30055] RAX: ffffffffffffffda RBX: 00007f3049d45fa0 RCX: 00007f3049b5473c
[  548.765188][T30055] RDX: 000000000000000f RSI: 00007f30481c70a0 RDI: 0000000000000005
[  548.773200][T30055] RBP: 00007f30481c7090 R08: 0000000000000000 R09: 0000000000000000
[  548.781187][T30055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.789186][T30055] R13: 0000000000000000 R14: 00007f3049d45fa0 R15: 00007ffe6756ca08
[  548.797173][T30055]  </TASK>
[  548.861519][T30081] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  548.871362][T30081] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  548.885170][T30081] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  548.898107][T30081] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.7988: unexpected bad inode w/o EXT4_IGET_BAD
[  548.924715][T30081] EXT4-fs (loop8): no journal found
[  548.930030][T30081] EXT4-fs (loop8): can't get journal size
[  548.957006][T30081] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  548.998729][T30081] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  549.034527][T30096] loop6: detected capacity change from 0 to 512
[  549.045657][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  549.067680][T30098] loop7: detected capacity change from 0 to 764
[  549.138736][T30100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=30100 comm=syz.6.7997
[  549.152994][T30100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=30100 comm=syz.6.7997
[  549.165817][T30100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=30100 comm=syz.6.7997
[  549.181310][T30100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=30100 comm=syz.6.7997
[  549.195209][T30100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=30100 comm=syz.6.7997
[  549.263701][T30106] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7998'.
[  549.360607][T30111] loop6: detected capacity change from 0 to 164
[  549.555016][T30113] loop0: detected capacity change from 0 to 164
[  549.567817][T30113] syz.0.8000: attempt to access beyond end of device
[  549.567817][T30113] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  549.585507][T30113] syz.0.8000: attempt to access beyond end of device
[  549.585507][T30113] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  549.775394][T30121] netlink: 676 bytes leftover after parsing attributes in process `syz.0.8004'.
[  549.785861][T30121] netlink: 676 bytes leftover after parsing attributes in process `syz.0.8004'.
[  549.855031][T30131] loop0: detected capacity change from 0 to 512
[  549.867293][T30133] loop9: detected capacity change from 0 to 764
[  549.911929][T30135] loop0: detected capacity change from 0 to 764
[  550.015583][T30137] syzkaller0: entered promiscuous mode
[  550.022589][T30137] syzkaller0: entered allmulticast mode
[  550.077893][T30144] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=30144 comm=syz.8.8012
[  550.094549][T30144] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=30144 comm=syz.8.8012
[  550.184819][T30149] loop6: detected capacity change from 0 to 512
[  550.195134][T30149] journal_path: Non-blockdev passed as './bus'
[  550.202896][T30149] EXT4-fs: error: could not find journal device path
[  550.238929][T30151] loop7: detected capacity change from 0 to 512
[  550.254752][T30151] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  550.257914][T30153] syz.6.8015[30153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  550.264964][T30153] syz.6.8015[30153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  550.278196][T30153] syz.6.8015[30153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  550.295953][T30151] EXT4-fs (loop7): 1 truncate cleaned up
[  550.316712][T30151] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  550.352616][T24176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.373967][T30158] FAULT_INJECTION: forcing a failure.
[  550.373967][T30158] name failslab, interval 1, probability 0, space 0, times 0
[  550.386653][T30158] CPU: 1 UID: 0 PID: 30158 Comm: syz.7.8016 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  550.397494][T30158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  550.407626][T30158] Call Trace:
[  550.411016][T30158]  <TASK>
[  550.414054][T30158]  dump_stack_lvl+0xf2/0x150
[  550.418740][T30158]  dump_stack+0x15/0x1a
[  550.422972][T30158]  should_fail_ex+0x223/0x230
[  550.427686][T30158]  should_failslab+0x8f/0xb0
[  550.432399][T30158]  kmem_cache_alloc_noprof+0x52/0x320
[  550.437797][T30158]  ? skb_clone+0x154/0x1f0
[  550.442272][T30158]  skb_clone+0x154/0x1f0
[  550.446609][T30158]  dev_queue_xmit_nit+0x14b/0x680
[  550.451661][T30158]  dev_hard_start_xmit+0xcc/0x3f0
[  550.456715][T30158]  ? validate_xmit_skb+0x645/0x830
[  550.461849][T30158]  __dev_queue_xmit+0x100a/0x2090
[  550.466911][T30158]  ? security_inode_alloc+0x37/0x100
[  550.472328][T30158]  ? __dev_queue_xmit+0x186/0x2090
[  550.477497][T30158]  ? __skb_clone+0x2d0/0x2f0
[  550.482133][T30158]  __netlink_deliver_tap+0x3be/0x4f0
[  550.487572][T30158]  netlink_unicast+0x64a/0x670
[  550.492425][T30158]  netlink_sendmsg+0x5cc/0x6e0
[  550.497217][T30158]  ? __pfx_netlink_sendmsg+0x10/0x10
[  550.502578][T30158]  __sock_sendmsg+0x140/0x180
[  550.507296][T30158]  ____sys_sendmsg+0x312/0x410
[  550.512180][T30158]  __sys_sendmsg+0x19d/0x230
[  550.516814][T30158]  __x64_sys_sendmsg+0x46/0x50
[  550.521741][T30158]  x64_sys_call+0x2734/0x2dc0
[  550.526456][T30158]  do_syscall_64+0xc9/0x1c0
[  550.531035][T30158]  ? clear_bhb_loop+0x55/0xb0
[  550.535782][T30158]  ? clear_bhb_loop+0x55/0xb0
[  550.540497][T30158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.546429][T30158] RIP: 0033:0x7f3049b55d29
[  550.550958][T30158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  550.570600][T30158] RSP: 002b:00007f30481c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  550.579203][T30158] RAX: ffffffffffffffda RBX: 00007f3049d45fa0 RCX: 00007f3049b55d29
[  550.587205][T30158] RDX: 0000000000000040 RSI: 00000000200000c0 RDI: 0000000000000003
[  550.595200][T30158] RBP: 00007f30481c7090 R08: 0000000000000000 R09: 0000000000000000
[  550.603264][T30158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  550.611256][T30158] R13: 0000000000000000 R14: 00007f3049d45fa0 R15: 00007ffe6756ca08
[  550.619296][T30158]  </TASK>
[  550.626182][T30158] netlink: 68 bytes leftover after parsing attributes in process `syz.7.8016'.
[  550.679188][T30160] loop7: detected capacity change from 0 to 2048
[  550.717023][T30160] EXT4-fs: Ignoring removed mblk_io_submit option
[  550.729635][T30162] netlink: 596 bytes leftover after parsing attributes in process `syz.9.8018'.
[  550.805623][T30170] FAULT_INJECTION: forcing a failure.
[  550.805623][T30170] name failslab, interval 1, probability 0, space 0, times 0
[  550.813570][T30160] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  550.818281][T30170] CPU: 0 UID: 0 PID: 30170 Comm: syz.9.8020 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  550.841338][T30170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  550.851420][T30170] Call Trace:
[  550.854729][T30170]  <TASK>
[  550.857254][T30160] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.8017: bg 0: block 234: padding at end of block bitmap is not set
[  550.857679][T30170]  dump_stack_lvl+0xf2/0x150
[  550.857724][T30170]  dump_stack+0x15/0x1a
[  550.857754][T30170]  should_fail_ex+0x223/0x230
[  550.872487][T30160] EXT4-fs (loop7): Remounting filesystem read-only
[  550.876563][T30170]  should_failslab+0x8f/0xb0
[  550.896621][T30170]  kmem_cache_alloc_lru_noprof+0x57/0x320
[  550.902364][T30170]  ? shmem_alloc_inode+0x34/0x50
[  550.907406][T30170]  shmem_alloc_inode+0x34/0x50
[  550.912202][T30170]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  550.917679][T30170]  alloc_inode+0x3c/0x160
[  550.922061][T30170]  new_inode+0x1e/0x100
[  550.926240][T30170]  shmem_get_inode+0x24e/0x730
[  550.931058][T30170]  __shmem_file_setup+0x127/0x1f0
[  550.936109][T30170]  shmem_file_setup+0x3b/0x50
[  550.940964][T30170]  __se_sys_memfd_create+0x31d/0x5c0
[  550.946333][T30170]  __x64_sys_memfd_create+0x31/0x40
[  550.951563][T30170]  x64_sys_call+0x2d4c/0x2dc0
[  550.956321][T30170]  do_syscall_64+0xc9/0x1c0
[  550.960839][T30170]  ? clear_bhb_loop+0x55/0xb0
[  550.965545][T30170]  ? clear_bhb_loop+0x55/0xb0
[  550.970245][T30170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.976238][T30170] RIP: 0033:0x7f523ff05d29
[  550.980756][T30170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.000456][T30170] RSP: 002b:00007f523e570e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  551.008959][T30170] RAX: ffffffffffffffda RBX: 000000000000045c RCX: 00007f523ff05d29
[  551.017035][T30170] RDX: 00007f523e570ef0 RSI: 0000000000000000 RDI: 00007f523ff82469
[  551.025114][T30170] RBP: 0000000020002400 R08: 00007f523e570bb7 R09: 00007f523e570e40
[  551.033091][T30170] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[  551.041069][T30170] R13: 00007f523e570ef0 R14: 00007f523e570eb0 R15: 0000000020000140
[  551.049627][T30170]  </TASK>
[  551.279908][T30188] loop9: detected capacity change from 0 to 128
[  551.351316][T30191] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8029'.
[  551.360368][T30188] syz.9.8026: attempt to access beyond end of device
[  551.360368][T30188] loop9: rw=34817, sector=97, nr_sectors = 32 limit=128
[  551.438277][T30197] ref_ctr increment failed for inode: 0x5b3 offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff88815a7eea00
[  551.458131][T30199] netlink: 399 bytes leftover after parsing attributes in process `syz.8.8031'.
[  551.475260][T30197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30197 comm=+}[@
[  551.535144][T30197] 9pnet_fd: Insufficient options for proto=fd
[  551.568272][T30196] uprobe: syz.6.8030:30196 failed to unregister, leaking uprobe
[  551.599669][T30210] syz.8.8034[30210] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.599745][T30210] syz.8.8034[30210] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.609484][T30208] loop9: detected capacity change from 0 to 512
[  551.629870][T30210] syz.8.8034[30210] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.639285][T24176] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.675280][T30208] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  551.751747][T22811] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.786214][T30224] loop9: detected capacity change from 0 to 764
[  551.846630][T30228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8042'.
[  551.852184][T30231] loop8: detected capacity change from 0 to 1024
[  551.885444][T30231] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  551.895278][T30231] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  551.930326][T30236] FAULT_INJECTION: forcing a failure.
[  551.930326][T30236] name failslab, interval 1, probability 0, space 0, times 0
[  551.935807][T30231] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  551.944490][T30236] CPU: 1 UID: 0 PID: 30236 Comm: syz.6.8044 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  551.963936][T30236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  551.974363][T30236] Call Trace:
[  551.977656][T30236]  <TASK>
[  551.980674][T30236]  dump_stack_lvl+0xf2/0x150
[  551.985314][T30236]  dump_stack+0x15/0x1a
[  551.989540][T30236]  should_fail_ex+0x223/0x230
[  551.994245][T30236]  should_failslab+0x8f/0xb0
[  551.998914][T30236]  kmem_cache_alloc_node_noprof+0x59/0x320
[  552.004809][T30236]  ? __alloc_skb+0x10b/0x310
[  552.009437][T30236]  __alloc_skb+0x10b/0x310
[  552.013874][T30236]  ? audit_log_start+0x34c/0x6b0
[  552.018923][T30236]  audit_log_start+0x368/0x6b0
[  552.023713][T30236]  audit_seccomp+0x4b/0x130
[  552.028319][T30236]  __seccomp_filter+0x6fa/0x1180
[  552.033303][T30236]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  552.039036][T30236]  ? vfs_write+0x596/0x920
[  552.043495][T30236]  __secure_computing+0x9f/0x1c0
[  552.043876][T30231] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.8043: unexpected bad inode w/o EXT4_IGET_BAD
[  552.048455][T30236]  syscall_trace_enter+0xd1/0x1f0
[  552.048497][T30236]  ? fpregs_assert_state_consistent+0x83/0xa0
[  552.072690][T30236]  do_syscall_64+0xaa/0x1c0
[  552.077222][T30236]  ? clear_bhb_loop+0x55/0xb0
[  552.079653][T30231] EXT4-fs (loop8): no journal found
[  552.081914][T30236]  ? clear_bhb_loop+0x55/0xb0
[  552.081945][T30236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.087185][T30231] EXT4-fs (loop8): can't get journal size
[  552.091830][T30236] RIP: 0033:0x7fc909935d29
[  552.108043][T30236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.127929][T30236] RSP: 002b:00007fc907fa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  552.136436][T30236] RAX: ffffffffffffffda RBX: 00007fc909b25fa0 RCX: 00007fc909935d29
[  552.144453][T30236] RDX: 0000000020000080 RSI: 0000000000002284 RDI: 0000000000000006
[  552.152471][T30236] RBP: 00007fc907fa7090 R08: 0000000000000000 R09: 0000000000000000
[  552.160611][T30236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.168671][T30236] R13: 0000000000000000 R14: 00007fc909b25fa0 R15: 00007ffcd93dfd88
[  552.176711][T30236]  </TASK>
[  552.181559][T30236] audit_log_lost: 312 callbacks suppressed
[  552.181575][T30236] audit: audit_lost=15 audit_rate_limit=0 audit_backlog_limit=64
[  552.196713][T30236] audit: out of memory in audit_log_start
[  552.204035][T30236] sd 0:0:1:0: device reset
[  552.204321][T30231] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  552.221122][   T29] audit: type=1326 audit(552.727:24524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30235 comm="syz.6.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc90993473c code=0x7ffc0000
[  552.244070][   T29] audit: type=1326 audit(552.727:24525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30235 comm="syz.6.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc9099347df code=0x7ffc0000
[  552.267035][   T29] audit: type=1326 audit(552.727:24526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30235 comm="syz.6.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc90993498a code=0x7ffc0000
[  552.290025][   T29] audit: type=1326 audit(552.727:24527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30235 comm="syz.6.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  552.313123][   T29] audit: type=1326 audit(552.727:24528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30235 comm="syz.6.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  552.345252][T30231] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  552.383995][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.392906][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.402606][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.410026][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.418869][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.427814][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.436629][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.445408][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.454129][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.462973][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.470375][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.479312][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.488126][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.514572][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.529439][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.538277][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.547192][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.555999][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.564504][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.572022][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.579437][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.586852][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.595409][T30246] syz.8.8048[30246] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  552.595600][T30246] syz.8.8048[30246] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  552.595750][T30246] syz.8.8048[30246] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  552.607121][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.607153][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.607181][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.657758][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.666524][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.673958][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.682734][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.690190][ T7463] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  552.723196][T30244] loop0: detected capacity change from 0 to 512
[  552.772453][ T7463] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  552.842403][   T29] audit: type=1400 audit(553.357:24529): avc:  denied  { ioctl } for  pid=30257 comm="syz.0.8053" path="socket:[88354]" dev="sockfs" ino=88354 ioctlcmd=0x4519 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  552.916213][   T29] audit: type=1400 audit(553.417:24530): avc:  denied  { write } for  pid=30262 comm="syz.8.8055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  552.940316][T30269] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  552.946853][T30269] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  552.955705][T30269] vhci_hcd vhci_hcd.0: Device attached
[  552.973457][T30270] vhci_hcd: connection closed
[  552.974761][T30275] loop8: detected capacity change from 0 to 128
[  552.987543][  T271] vhci_hcd: stop threads
[  552.993321][  T271] vhci_hcd: release socket
[  552.997812][  T271] vhci_hcd: disconnect device
[  553.006109][   T29] audit: type=1400 audit(553.507:24531): avc:  denied  { bind } for  pid=30272 comm="syz.6.8058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  553.103566][T30283] loop8: detected capacity change from 0 to 512
[  553.111365][T30283] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  553.133771][T30283] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.153469][T30283] FAULT_INJECTION: forcing a failure.
[  553.153469][T30283] name failslab, interval 1, probability 0, space 0, times 0
[  553.167629][T30283] CPU: 1 UID: 0 PID: 30283 Comm: syz.8.8061 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  553.178509][T30283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  553.188610][T30283] Call Trace:
[  553.191915][T30283]  <TASK>
[  553.194929][T30283]  dump_stack_lvl+0xf2/0x150
[  553.199684][T30283]  dump_stack+0x15/0x1a
[  553.203938][T30283]  should_fail_ex+0x223/0x230
[  553.208639][T30283]  should_failslab+0x8f/0xb0
[  553.213271][T30283]  kmem_cache_alloc_node_noprof+0x59/0x320
[  553.219108][T30283]  ? __alloc_skb+0x10b/0x310
[  553.223725][T30283]  __alloc_skb+0x10b/0x310
[  553.228171][T30283]  netlink_alloc_large_skb+0xad/0xe0
[  553.233537][T30283]  netlink_sendmsg+0x3b4/0x6e0
[  553.238389][T30283]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.243696][T30283]  __sock_sendmsg+0x140/0x180
[  553.248413][T30283]  ____sys_sendmsg+0x312/0x410
[  553.253270][T30283]  __sys_sendmsg+0x19d/0x230
[  553.257919][T30283]  __x64_sys_sendmsg+0x46/0x50
[  553.262720][T30283]  x64_sys_call+0x2734/0x2dc0
[  553.267457][T30283]  do_syscall_64+0xc9/0x1c0
[  553.271991][T30283]  ? clear_bhb_loop+0x55/0xb0
[  553.276721][T30283]  ? clear_bhb_loop+0x55/0xb0
[  553.281443][T30283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.287467][T30283] RIP: 0033:0x7ff6f8005d29
[  553.291908][T30283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.311608][T30283] RSP: 002b:00007ff6f6671038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.320046][T30283] RAX: ffffffffffffffda RBX: 00007ff6f81f5fa0 RCX: 00007ff6f8005d29
[  553.328123][T30283] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000006
[  553.336119][T30283] RBP: 00007ff6f6671090 R08: 0000000000000000 R09: 0000000000000000
[  553.344127][T30283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.352295][T30283] R13: 0000000000000000 R14: 00007ff6f81f5fa0 R15: 00007ffd96905908
[  553.360312][T30283]  </TASK>
[  553.374450][T30288] netlink: 180 bytes leftover after parsing attributes in process `syz.6.8060'.
[  553.384968][T30288] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8060'.
[  553.395239][T30288] netlink: 16 bytes leftover after parsing attributes in process `syz.6.8060'.
[  553.515429][T30281] netlink: 'syz.6.8060': attribute type 1 has an invalid length.
[  553.570831][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.669286][T30298] ipvlan2: entered promiscuous mode
[  553.680196][T30298] bridge0: port 3(ipvlan2) entered blocking state
[  553.688221][T30298] bridge0: port 3(ipvlan2) entered disabled state
[  553.702421][T30298] ipvlan2: entered allmulticast mode
[  553.707795][T30298] bridge0: entered allmulticast mode
[  553.715849][T30298] ipvlan2: left allmulticast mode
[  553.721025][T30298] bridge0: left allmulticast mode
[  553.869979][T30307] loop9: detected capacity change from 0 to 512
[  553.979230][T30315] loop9: detected capacity change from 0 to 512
[  554.029947][T30322] FAULT_INJECTION: forcing a failure.
[  554.029947][T30322] name failslab, interval 1, probability 0, space 0, times 0
[  554.042802][T30322] CPU: 0 UID: 0 PID: 30322 Comm: syz.9.8075 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  554.053653][T30322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  554.063764][T30322] Call Trace:
[  554.067068][T30322]  <TASK>
[  554.070004][T30322]  dump_stack_lvl+0xf2/0x150
[  554.074704][T30322]  dump_stack+0x15/0x1a
[  554.078921][T30322]  should_fail_ex+0x223/0x230
[  554.083666][T30322]  ? alloc_fs_context+0x44/0x4e0
[  554.088624][T30322]  should_failslab+0x8f/0xb0
[  554.093272][T30322]  __kmalloc_cache_noprof+0x4e/0x320
[  554.098575][T30322]  alloc_fs_context+0x44/0x4e0
[  554.103356][T30322]  ? strncmp+0x34/0x70
[  554.107517][T30322]  fs_context_for_mount+0x21/0x30
[  554.112558][T30322]  do_new_mount+0xf3/0x690
[  554.116996][T30322]  path_mount+0x49b/0xb30
[  554.121402][T30322]  __se_sys_mount+0x27c/0x2d0
[  554.126103][T30322]  __x64_sys_mount+0x67/0x80
[  554.130763][T30322]  x64_sys_call+0x2c84/0x2dc0
[  554.135578][T30322]  do_syscall_64+0xc9/0x1c0
[  554.140101][T30322]  ? clear_bhb_loop+0x55/0xb0
[  554.144794][T30322]  ? clear_bhb_loop+0x55/0xb0
[  554.149498][T30322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.155471][T30322] RIP: 0033:0x7f523ff05d29
[  554.159890][T30322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.179532][T30322] RSP: 002b:00007f523e571038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  554.188049][T30322] RAX: ffffffffffffffda RBX: 00007f52400f5fa0 RCX: 00007f523ff05d29
[  554.196030][T30322] RDX: 0000000020000080 RSI: 0000000020000300 RDI: 0000000000000000
[  554.204009][T30322] RBP: 00007f523e571090 R08: 0000000020000480 R09: 0000000000000000
[  554.211990][T30322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.219998][T30322] R13: 0000000000000000 R14: 00007f52400f5fa0 R15: 00007ffc15464878
[  554.228015][T30322]  </TASK>
[  554.508427][T30336] lo speed is unknown, defaulting to 1000
[  554.685071][T30335] loop9: detected capacity change from 0 to 2048
[  554.758370][T30335] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  554.799234][T30340] loop8: detected capacity change from 0 to 128
[  554.843665][T22811] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.872039][T30340] syz.8.8081: attempt to access beyond end of device
[  554.872039][T30340] loop8: rw=34817, sector=97, nr_sectors = 32 limit=128
[  555.066857][T30351] syzkaller0: entered promiscuous mode
[  555.073779][T30351] syzkaller0: entered allmulticast mode
[  555.082448][T30364] loop8: detected capacity change from 0 to 764
[  555.109858][T30363] loop9: detected capacity change from 0 to 164
[  555.136055][T30363] syz.9.8090: attempt to access beyond end of device
[  555.136055][T30363] loop9: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  555.185727][T30363] syz.9.8090: attempt to access beyond end of device
[  555.185727][T30363] loop9: rw=0, sector=263328, nr_sectors = 4 limit=164
[  555.297474][T30375] loop6: detected capacity change from 0 to 512
[  555.310696][T30374] loop9: detected capacity change from 0 to 128
[  555.318295][T30359] loop7: detected capacity change from 0 to 164
[  555.327338][T30375] EXT4-fs (loop6): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  555.361405][T26403] EXT4-fs (loop6): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  555.534180][T30359] syz.7.8088: attempt to access beyond end of device
[  555.534180][T30359] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  555.550070][T30359] syz.7.8088: attempt to access beyond end of device
[  555.550070][T30359] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  555.569026][T30384] loop6: detected capacity change from 0 to 1024
[  555.577873][T30384] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  555.588936][T30384] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  555.668029][T30385] lo speed is unknown, defaulting to 1000
[  555.789119][T30384] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  555.805937][T30384] EXT4-fs error (device loop6): ext4_get_journal_inode:5809: inode #5: comm syz.6.8097: unexpected bad inode w/o EXT4_IGET_BAD
[  555.821298][T30384] EXT4-fs (loop6): no journal found
[  555.826553][T30384] EXT4-fs (loop6): can't get journal size
[  555.840538][T30384] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  555.868249][T30384] EXT4-fs (loop6): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  555.966292][T26403] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  556.033105][T30392] loop6: detected capacity change from 0 to 764
[  556.040406][T30392] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  556.137583][T30394] loop8: detected capacity change from 0 to 164
[  556.159793][T30398] __nla_validate_parse: 2 callbacks suppressed
[  556.159851][T30398] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8104'.
[  556.180107][T30394] syz.8.8102: attempt to access beyond end of device
[  556.180107][T30394] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  556.224517][T30394] syz.8.8102: attempt to access beyond end of device
[  556.224517][T30394] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  556.299137][T30408] loop6: detected capacity change from 0 to 764
[  556.361728][T30410] loop9: detected capacity change from 0 to 128
[  556.382847][T30415] loop8: detected capacity change from 0 to 764
[  556.467563][T30410] syz.9.8106: attempt to access beyond end of device
[  556.467563][T30410] loop9: rw=34817, sector=97, nr_sectors = 32 limit=128
[  556.630157][T30429] loop7: detected capacity change from 0 to 764
[  556.642830][T30431] loop9: detected capacity change from 0 to 164
[  556.655426][T30431] syz.9.8114: attempt to access beyond end of device
[  556.655426][T30431] loop9: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  556.674602][T30431] syz.9.8114: attempt to access beyond end of device
[  556.674602][T30431] loop9: rw=0, sector=263328, nr_sectors = 4 limit=164
[  557.069173][T30438] loop0: detected capacity change from 0 to 512
[  557.119283][T30440] loop0: detected capacity change from 0 to 1024
[  557.135084][T30440] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.179633][T30440] bond_slave_1: entered promiscuous mode
[  557.186962][T30440] bond_slave_1: entered allmulticast mode
[  557.191982][   T29] kauditd_printk_skb: 369 callbacks suppressed
[  557.192004][   T29] audit: type=1326 audit(557.717:24899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.222007][   T29] audit: type=1326 audit(557.717:24900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.246490][   T29] audit: type=1326 audit(557.717:24901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.270871][   T29] audit: type=1326 audit(557.717:24902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.296718][   T29] audit: type=1326 audit(557.717:24903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.321136][   T29] audit: type=1326 audit(557.717:24904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.345597][   T29] audit: type=1326 audit(557.717:24905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.369993][   T29] audit: type=1326 audit(557.717:24906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.395072][   T29] audit: type=1400 audit(557.787:24907): avc:  denied  { read } for  pid=30439 comm="syz.0.8120" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  557.418086][   T29] audit: type=1326 audit(557.917:24908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30443 comm="syz.6.8121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc909935d29 code=0x7ffc0000
[  557.464711][T30445] loop6: detected capacity change from 0 to 164
[  557.537572][T30451] syz.8.8125[30451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  557.537721][T30451] syz.8.8125[30451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  557.592599][T30451] syz.8.8125[30451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  557.603497][T30455] pimreg: entered allmulticast mode
[  557.635410][T30455] pimreg: left allmulticast mode
[  557.726622][T30467] loop6: detected capacity change from 0 to 764
[  557.729293][T30455] loop9: detected capacity change from 0 to 1024
[  557.748879][T30455] EXT4-fs: Ignoring removed nobh option
[  557.755830][T30455] EXT4-fs: Ignoring removed nomblk_io_submit option
[  557.766899][T30455] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  557.779379][T30455] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.780564][T30466] loop8: detected capacity change from 0 to 512
[  557.832541][T30470] loop9: detected capacity change from 0 to 512
[  557.845325][T30470] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.8132: corrupted in-inode xattr: invalid ea_ino
[  557.867537][T30470] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.8132: couldn't read orphan inode 15 (err -117)
[  557.883394][T30459] TCP: out of memory -- consider tuning tcp_mem
[  557.994627][T30479] loop8: detected capacity change from 0 to 1024
[  558.018270][T30479] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  558.028197][T30479] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  558.090981][T30480] lo speed is unknown, defaulting to 1000
[  558.091559][T30479] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  558.118962][T24432] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  558.136679][T30479] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.8135: unexpected bad inode w/o EXT4_IGET_BAD
[  558.147520][T24432] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  558.163364][T24432] EXT4-fs (loop0): This should not happen!! Data will be lost
[  558.163364][T24432] 
[  558.174445][T24432] EXT4-fs (loop0): Total free blocks count 0
[  558.180487][T24432] EXT4-fs (loop0): Free/Dirty block details
[  558.183581][T30479] EXT4-fs (loop8): no journal found
[  558.187882][T24432] EXT4-fs (loop0): free_blocks=68451041280
[  558.191604][T30479] EXT4-fs (loop8): can't get journal size
[  558.205883][T24432] EXT4-fs (loop0): dirty_blocks=12720
[  558.212646][T24432] EXT4-fs (loop0): Block reservation details
[  558.218655][T24432] EXT4-fs (loop0): i_reserved_data_blocks=795
[  558.229662][T24432] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 28
[  558.287545][T30479] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  558.414121][T30491] syz.0.8139[30491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.414175][T30491] syz.0.8139[30491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.450793][T30491] syz.0.8139[30491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  558.490577][T30485] tmpfs: Unknown parameter '9'
[  558.614528][T30505] loop7: detected capacity change from 0 to 512
[  558.677690][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.686515][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.695406][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.704367][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.713182][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.720585][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.729564][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.738360][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.747236][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.756074][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.764930][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.773730][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.782484][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.789899][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.798720][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.807518][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.816309][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.825068][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.833899][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.842340][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.850172][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.857614][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.865054][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.873837][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.882802][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.890216][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.899003][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.907789][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.916594][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.925373][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.934409][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.943197][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.950666][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.959420][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.968181][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.977050][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.986047][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  558.994947][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.003800][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.012673][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.020114][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.028885][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.037883][ T7463] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  559.050531][ T7463] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  559.218181][T30523] loop9: detected capacity change from 0 to 2048
[  559.357472][T30530] loop8: detected capacity change from 0 to 164
[  559.367402][T30532] loop0: detected capacity change from 0 to 764
[  559.424017][T30525] siw: device registration error -23
[  559.575360][T30541] loop9: detected capacity change from 0 to 1024
[  559.587066][T30541] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  559.598533][T30541] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  559.637113][T30541] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  559.659743][T30541] EXT4-fs error (device loop9): ext4_get_journal_inode:5809: inode #5: comm syz.9.8160: unexpected bad inode w/o EXT4_IGET_BAD
[  559.675455][T30541] EXT4-fs (loop9): no journal found
[  559.680881][T30541] EXT4-fs (loop9): can't get journal size
[  559.693029][T30541] EXT4-fs (loop9): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  559.882949][T30571] loop6: detected capacity change from 0 to 512
[  559.911546][T30573] FAULT_INJECTION: forcing a failure.
[  559.911546][T30573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  559.926149][T30573] CPU: 1 UID: 0 PID: 30573 Comm: syz.9.8173 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  559.936937][T30573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  559.947005][T30573] Call Trace:
[  559.950302][T30573]  <TASK>
[  559.953328][T30573]  dump_stack_lvl+0xf2/0x150
[  559.958042][T30573]  dump_stack+0x15/0x1a
[  559.962304][T30573]  should_fail_ex+0x223/0x230
[  559.967077][T30573]  should_fail+0xb/0x10
[  559.971265][T30573]  should_fail_usercopy+0x1a/0x20
[  559.976353][T30573]  _copy_to_user+0x20/0xa0
[  559.980805][T30573]  simple_read_from_buffer+0xa0/0x110
[  559.986207][T30573]  proc_fail_nth_read+0xf9/0x140
[  559.991356][T30573]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  559.996997][T30573]  vfs_read+0x1a2/0x700
[  560.001261][T30573]  ? __rcu_read_unlock+0x4e/0x70
[  560.006237][T30573]  ? __fget_files+0x17c/0x1c0
[  560.011034][T30573]  ksys_read+0xe8/0x1b0
[  560.015227][T30573]  __x64_sys_read+0x42/0x50
[  560.019852][T30573]  x64_sys_call+0x2874/0x2dc0
[  560.024642][T30573]  do_syscall_64+0xc9/0x1c0
[  560.029256][T30573]  ? clear_bhb_loop+0x55/0xb0
[  560.033960][T30573]  ? clear_bhb_loop+0x55/0xb0
[  560.038702][T30573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.044816][T30573] RIP: 0033:0x7f523ff0473c
[  560.049290][T30573] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  560.069054][T30573] RSP: 002b:00007f523e571030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  560.077512][T30573] RAX: ffffffffffffffda RBX: 00007f52400f5fa0 RCX: 00007f523ff0473c
[  560.085505][T30573] RDX: 000000000000000f RSI: 00007f523e5710a0 RDI: 0000000000000003
[  560.093499][T30573] RBP: 00007f523e571090 R08: 0000000000000000 R09: 0000000000000000
[  560.101691][T30573] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  560.109680][T30573] R13: 0000000000000001 R14: 00007f52400f5fa0 R15: 00007ffc15464878
[  560.117685][T30573]  </TASK>
[  560.183544][T30579] syzkaller0: entered promiscuous mode
[  560.189089][T30579] syzkaller0: entered allmulticast mode
[  560.220061][T30582] loop6: detected capacity change from 0 to 512
[  560.237160][T30581] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8177'.
[  560.422990][T30593] loop0: detected capacity change from 0 to 764
[  560.589358][T30606] syzkaller0: entered promiscuous mode
[  560.596448][T30606] syzkaller0: entered allmulticast mode
[  560.670146][T30610] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8190'.
[  560.959029][T30638] loop9: detected capacity change from 0 to 512
[  561.244232][T30656] syzkaller0: entered promiscuous mode
[  561.249797][T30656] syzkaller0: entered allmulticast mode
[  561.289835][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.297450][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.304922][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.312544][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.319979][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.327473][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.334915][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.342387][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.349872][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.357500][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.364969][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.372434][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.379938][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.387410][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.394850][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.402486][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.402511][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417768][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417847][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417878][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417908][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417950][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.417980][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418006][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418029][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418128][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418154][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418202][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418227][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418252][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418279][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418309][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418335][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418362][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418388][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418415][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418492][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418519][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418545][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418604][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418628][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418652][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.418742][ T7484] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  561.476980][ T7484] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  561.745758][T30672] FAULT_INJECTION: forcing a failure.
[  561.745758][T30672] name failslab, interval 1, probability 0, space 0, times 0
[  561.760095][T30672] CPU: 1 UID: 0 PID: 30672 Comm: syz.0.8217 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  561.770948][T30672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  561.781072][T30672] Call Trace:
[  561.784368][T30672]  <TASK>
[  561.787380][T30672]  dump_stack_lvl+0xf2/0x150
[  561.792074][T30672]  dump_stack+0x15/0x1a
[  561.796303][T30672]  should_fail_ex+0x223/0x230
[  561.801170][T30672]  should_failslab+0x8f/0xb0
[  561.805871][T30672]  __kmalloc_noprof+0xab/0x3f0
[  561.810746][T30672]  ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[  561.817122][T30672]  genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[  561.823321][T30672]  genl_rcv_msg+0x470/0x6c0
[  561.827887][T30672]  ? __pfx_cgroupstats_user_cmd+0x10/0x10
[  561.833787][T30672]  ? __dev_queue_xmit+0xb6e/0x2090
[  561.838972][T30672]  ? ref_tracker_free+0x3a5/0x410
[  561.844036][T30672]  ? __dev_queue_xmit+0x186/0x2090
[  561.849182][T30672]  netlink_rcv_skb+0x12c/0x230
[  561.853979][T30672]  ? __pfx_genl_rcv_msg+0x10/0x10
[  561.859041][T30672]  genl_rcv+0x28/0x40
[  561.863083][T30672]  netlink_unicast+0x599/0x670
[  561.867883][T30672]  netlink_sendmsg+0x5cc/0x6e0
[  561.872689][T30672]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.878069][T30672]  __sock_sendmsg+0x140/0x180
[  561.882832][T30672]  ____sys_sendmsg+0x312/0x410
[  561.887627][T30672]  __sys_sendmsg+0x19d/0x230
[  561.892300][T30672]  __x64_sys_sendmsg+0x46/0x50
[  561.897181][T30672]  x64_sys_call+0x2734/0x2dc0
[  561.901873][T30672]  do_syscall_64+0xc9/0x1c0
[  561.906401][T30672]  ? clear_bhb_loop+0x55/0xb0
[  561.911106][T30672]  ? clear_bhb_loop+0x55/0xb0
[  561.915810][T30672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  561.921967][T30672] RIP: 0033:0x7f2e09355d29
[  561.926459][T30672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  561.946099][T30672] RSP: 002b:00007f2e079c1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  561.954623][T30672] RAX: ffffffffffffffda RBX: 00007f2e09545fa0 RCX: 00007f2e09355d29
[  561.962667][T30672] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000006
[  561.970659][T30672] RBP: 00007f2e079c1090 R08: 0000000000000000 R09: 0000000000000000
[  561.978648][T30672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  561.986669][T30672] R13: 0000000000000000 R14: 00007f2e09545fa0 R15: 00007ffc81810d48
[  561.994668][T30672]  </TASK>
[  562.038857][T30677] loop7: detected capacity change from 0 to 2048
[  562.084371][T30677]  loop7: p1 < > p2 p3 < p5 > p4
[  562.089409][T30677] loop7: partition table partially beyond EOD, truncated
[  562.100378][T30677] loop7: p1 start 4278190080 is beyond EOD, truncated
[  562.108730][T30677] loop7: p2 start 16908800 is beyond EOD, truncated
[  562.122303][T30677] loop7: p4 start 11326 is beyond EOD, truncated
[  562.128730][T30677] loop7: p5 start 16908800 is beyond EOD, truncated
[  562.133111][T30685] loop6: detected capacity change from 0 to 764
[  562.294094][   T29] kauditd_printk_skb: 430 callbacks suppressed
[  562.294111][   T29] audit: type=1400 audit(562.817:25339): avc:  denied  { mounton } for  pid=30688 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  562.366002][T30694] loop0: detected capacity change from 0 to 512
[  562.515946][   T29] audit: type=1326 audit(563.037:25340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.524030][T30688] lo speed is unknown, defaulting to 1000
[  562.539020][   T29] audit: type=1326 audit(563.037:25341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.578424][   T29] audit: type=1326 audit(563.067:25342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.602908][   T29] audit: type=1326 audit(563.067:25343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.627396][   T29] audit: type=1326 audit(563.067:25344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.702959][   T29] audit: type=1326 audit(563.097:25345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.727544][   T29] audit: type=1326 audit(563.097:25346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.752056][   T29] audit: type=1326 audit(563.097:25347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.776516][   T29] audit: type=1326 audit(563.097:25348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30704 comm="syz.0.8228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  562.914270][T30688] chnl_net:caif_netlink_parms(): no params data found
[  563.005054][T30688] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.013534][T30688] bridge0: port 1(bridge_slave_0) entered disabled state
[  563.029642][T30726] syz.0.8235[30726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  563.029746][T30726] syz.0.8235[30726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  563.045124][T30688] bridge_slave_0: entered allmulticast mode
[  563.071210][T30726] syz.0.8235[30726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  563.079569][T30688] bridge_slave_0: entered promiscuous mode
[  563.137518][T30734] loop0: detected capacity change from 0 to 512
[  563.169373][T30688] bridge0: port 2(bridge_slave_1) entered blocking state
[  563.178014][T30688] bridge0: port 2(bridge_slave_1) entered disabled state
[  563.192697][T30688] bridge_slave_1: entered allmulticast mode
[  563.199707][T30688] bridge_slave_1: entered promiscuous mode
[  563.208363][T30737] loop6: detected capacity change from 0 to 764
[  563.250092][T30688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  563.275919][T30737] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8239'.
[  563.276084][T30688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  563.360078][T30750] loop0: detected capacity change from 0 to 512
[  563.368016][T30745] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8242'.
[  563.368638][T30688] team0: Port device team_slave_0 added
[  563.389435][T30688] team0: Port device team_slave_1 added
[  563.410566][T30688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  563.419010][T30688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  563.446438][T30688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  563.466694][T30688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  563.475088][T30688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  563.502267][T30688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  563.532819][T30753] loop8: detected capacity change from 0 to 512
[  563.546192][T30688] hsr_slave_0: entered promiscuous mode
[  563.555267][T30688] hsr_slave_1: entered promiscuous mode
[  563.568119][T30688] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  563.577423][T30688] Cannot create hsr debugfs directory
[  563.590133][T30753] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2240: inode #15: comm syz.8.8244: corrupted in-inode xattr: invalid ea_ino
[  563.616681][T30753] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8244: couldn't read orphan inode 15 (err -117)
[  563.644937][T30757] loop0: detected capacity change from 0 to 1024
[  563.661996][T30753] EXT4-fs mount: 12 callbacks suppressed
[  563.662014][T30753] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.695458][T30757] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  563.703728][T30753] FAULT_INJECTION: forcing a failure.
[  563.703728][T30753] name failslab, interval 1, probability 0, space 0, times 0
[  563.705700][T30757] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  563.719672][T30753] CPU: 1 UID: 0 PID: 30753 Comm: syz.8.8244 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  563.738739][T30753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  563.748897][T30753] Call Trace:
[  563.752236][T30753]  <TASK>
[  563.755180][T30753]  dump_stack_lvl+0xf2/0x150
[  563.759817][T30753]  dump_stack+0x15/0x1a
[  563.764121][T30753]  should_fail_ex+0x223/0x230
[  563.768895][T30753]  ? audit_log_d_path+0x96/0x250
[  563.771401][T30757] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  563.773848][T30753]  should_failslab+0x8f/0xb0
[  563.773893][T30753]  __kmalloc_cache_noprof+0x4e/0x320
[  563.793965][T30753]  audit_log_d_path+0x96/0x250
[  563.798767][T30753]  ? __rcu_read_unlock+0x4e/0x70
[  563.803754][T30753]  audit_log_d_path_exe+0x42/0x70
[  563.808817][T30753]  audit_log_task+0x192/0x1c0
[  563.813608][T30753]  audit_seccomp+0x68/0x130
[  563.816583][T30757] EXT4-fs error (device loop0): ext4_get_journal_inode:5809: inode #5: comm syz.0.8246: unexpected bad inode w/o EXT4_IGET_BAD
[  563.818216][T30753]  __seccomp_filter+0x6fa/0x1180
[  563.836416][T30753]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  563.842185][T30753]  ? vfs_write+0x596/0x920
[  563.846703][T30753]  ? __schedule+0x6fa/0x930
[  563.851273][T30753]  __secure_computing+0x9f/0x1c0
[  563.856243][T30753]  syscall_trace_enter+0xd1/0x1f0
[  563.861350][T30753]  do_syscall_64+0xaa/0x1c0
[  563.861904][T30757] EXT4-fs (loop0): no journal found
[  563.866056][T30753]  ? clear_bhb_loop+0x55/0xb0
[  563.866099][T30753]  ? clear_bhb_loop+0x55/0xb0
[  563.871365][T30757] EXT4-fs (loop0): can't get journal size
[  563.875964][T30753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.892408][T30753] RIP: 0033:0x7ff6f8005d29
[  563.896917][T30753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.916555][T30753] RSP: 002b:00007ff6f6671038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2
[  563.924997][T30753] RAX: ffffffffffffffda RBX: 00007ff6f81f5fa0 RCX: 00007ff6f8005d29
[  563.932991][T30753] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000140
[  563.940993][T30753] RBP: 00007ff6f6671090 R08: 0000000000000000 R09: 0000000000000000
[  563.948985][T30753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  563.957016][T30753] R13: 0000000000000000 R14: 00007ff6f81f5fa0 R15: 00007ffd96905908
[  563.965026][T30753]  </TASK>
[  563.970516][T30688] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.983797][T30757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  563.997490][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.006651][T30757] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  564.030447][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.053781][T30688] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.070707][T30765] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4)
[  564.077276][T30765] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  564.086125][T30765] vhci_hcd vhci_hcd.0: Device attached
[  564.103954][T30766] vhci_hcd: connection closed
[  564.104171][T24428] vhci_hcd: stop threads
[  564.108959][T30769] syz.6.8250[30769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.113177][T24428] vhci_hcd: release socket
[  564.113191][T24428] vhci_hcd: disconnect device
[  564.137875][T30769] syz.6.8250[30769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.137981][T30769] syz.6.8250[30769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.153751][T30688] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.245423][T30688] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.319178][T30688] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  564.329980][T30688] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  564.340779][T30688] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  564.350985][T30688] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  564.374780][T30784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8253'.
[  564.467540][T30688] 8021q: adding VLAN 0 to HW filter on device bond0
[  564.495029][T30688] 8021q: adding VLAN 0 to HW filter on device team0
[  564.514578][  T271] bridge0: port 1(bridge_slave_0) entered blocking state
[  564.521748][  T271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  564.536883][  T271] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.544077][  T271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  564.576178][T30688] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  564.587925][T30688] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  564.663506][T30795] loop0: detected capacity change from 0 to 512
[  564.677838][T30795] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  564.703940][T30795] EXT4-fs (loop0): invalid journal inode
[  564.711978][T30795] EXT4-fs (loop0): can't get journal size
[  564.716887][T30799] loop8: detected capacity change from 0 to 1024
[  564.735061][T30795] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c119, mo2=0002]
[  564.738053][T30688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  564.753490][T30799] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  564.755074][T30795] System zones: 1-12, 13-13
[  564.764817][T30799] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  564.779762][T30799] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  564.793202][T30799] EXT4-fs error (device loop8): ext4_get_journal_inode:5809: inode #5: comm syz.8.8259: unexpected bad inode w/o EXT4_IGET_BAD
[  564.806868][T30795] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.8258: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  564.840162][T30799] EXT4-fs (loop8): no journal found
[  564.845515][T30799] EXT4-fs (loop8): can't get journal size
[  564.848421][T30795] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8258: couldn't read orphan inode 15 (err -117)
[  564.867731][T30795] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.887344][T30799] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  564.924566][T30799] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  565.009250][T30811] loop6: detected capacity change from 0 to 764
[  565.040391][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.068649][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.175492][T30688] veth0_vlan: entered promiscuous mode
[  565.188954][T30822] loop0: detected capacity change from 0 to 512
[  565.206523][T30688] veth1_vlan: entered promiscuous mode
[  565.212940][T30822] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  565.248432][T29221] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  565.287419][T30688] veth0_macvtap: entered promiscuous mode
[  565.317254][T30688] veth1_macvtap: entered promiscuous mode
[  565.353333][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.363850][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.373808][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.384346][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.394212][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.404710][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.414583][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.425047][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.434947][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.445456][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.455339][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.465806][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.475658][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.486149][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.496145][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  565.506677][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.581984][T30688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  565.609882][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.620381][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.630238][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.640951][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.650789][T30688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  565.661261][T30688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.710434][T30847] loop0: detected capacity change from 0 to 1024
[  565.721578][T30847] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  565.730854][T30688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  565.732865][T30847] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  565.740041][T30688] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  565.756919][T30688] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  565.765715][T30688] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  565.774630][T30688] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.793262][T30847] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  565.820073][T30847] EXT4-fs error (device loop0): ext4_get_journal_inode:5809: inode #5: comm syz.0.8271: unexpected bad inode w/o EXT4_IGET_BAD
[  565.846711][T30847] EXT4-fs (loop0): no journal found
[  565.853422][T30847] EXT4-fs (loop0): can't get journal size
[  565.870050][T30847] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  565.890081][T30847] EXT4-fs (loop0): ext4_remount: Checksum for group 0 failed (42152!=20869)
[  565.924659][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.971158][T30860] loop9: detected capacity change from 0 to 764
[  565.987304][T30860] netlink: 8 bytes leftover after parsing attributes in process `syz.9.8275'.
[  566.078890][T30869] loop7: detected capacity change from 0 to 128
[  566.118217][T30872] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  566.124839][T30872] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  566.132376][T30872] vhci_hcd vhci_hcd.0: Device attached
[  566.168535][T30873] vhci_hcd: connection closed
[  566.168727][T24422] vhci_hcd: stop threads
[  566.177730][T24422] vhci_hcd: release socket
[  566.182193][T24422] vhci_hcd: disconnect device
[  566.196856][T30879] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  566.265946][T30879] syzkaller0: entered promiscuous mode
[  566.272982][T30879] syzkaller0: entered allmulticast mode
[  566.365397][T30869] bio_check_eod: 4 callbacks suppressed
[  566.365416][T30869] syz.7.8276: attempt to access beyond end of device
[  566.365416][T30869] loop7: rw=34817, sector=97, nr_sectors = 32 limit=128
[  566.368112][T30885] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8283'.
[  566.498164][T30896] syzkaller0: entered promiscuous mode
[  566.505178][T30896] syzkaller0: entered allmulticast mode
[  567.404491][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  567.404516][   T29] audit: type=1326 audit(567.927:25495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.520110][   T29] audit: type=1326 audit(567.957:25496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.544609][   T29] audit: type=1326 audit(567.957:25497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.569199][   T29] audit: type=1326 audit(567.957:25498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.593745][   T29] audit: type=1326 audit(567.967:25499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2e093547df code=0x7ffc0000
[  567.617958][   T29] audit: type=1326 audit(567.967:25500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.642367][   T29] audit: type=1326 audit(567.967:25501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30913 comm="syz.0.8293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e09355d29 code=0x7ffc0000
[  567.738196][   T29] audit: type=1400 audit(568.237:25502): avc:  denied  { mount } for  pid=30921 comm="syz.8.8295" name="/" dev="autofs" ino=89705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  567.748058][T30924] loop8: detected capacity change from 0 to 1764
[  567.774741][T30929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8296'.
[  567.794746][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.802347][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.809773][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.875016][T30933] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  567.881581][T30933] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  567.889114][T30933] vhci_hcd vhci_hcd.0: Device attached
[  567.889309][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.899339][T30934] vhci_hcd: connection closed
[  567.902179][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.904176][T24422] vhci_hcd: stop threads
[  567.906884][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.914326][T24422] vhci_hcd: release socket
[  567.914337][T24422] vhci_hcd: disconnect device
[  567.924676][T30925] loop7: detected capacity change from 0 to 512
[  567.926056][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.948942][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.956378][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.963962][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.971469][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.978883][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.986379][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  567.993967][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.001478][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.008888][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.016427][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.023927][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.031358][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.038770][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.046208][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.053662][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.061097][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.068529][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.075971][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.083370][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.090787][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.098203][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.105699][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.113159][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.120561][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.128065][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.135497][ T7482] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  568.205377][T30940] loop6: detected capacity change from 0 to 764
[  568.208102][ T7482] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  568.229431][T30940] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8302'.
[  568.229868][T30942] loop8: detected capacity change from 0 to 512
[  568.440452][T30950] loop9: detected capacity change from 0 to 4096
[  568.454785][T30950] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.457788][T30953] loop7: detected capacity change from 0 to 128
[  568.495479][   T29] audit: type=1326 audit(569.017:25503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30949 comm="syz.9.8307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  568.603082][   T29] audit: type=1400 audit(569.117:25504): avc:  denied  { remove_name } for  pid=30949 comm="syz.9.8307" name="file1" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  568.715329][T30688] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.851899][T30953] syz.7.8304: attempt to access beyond end of device
[  568.851899][T30953] loop7: rw=34817, sector=97, nr_sectors = 32 limit=128
[  568.875594][T30964] loop0: detected capacity change from 0 to 164
[  568.899742][T30964] syz.0.8310: attempt to access beyond end of device
[  568.899742][T30964] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  568.917885][T30964] syz.0.8310: attempt to access beyond end of device
[  568.917885][T30964] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  569.269188][T30978] loop0: detected capacity change from 0 to 512
[  569.337715][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x1
[  569.346286][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.353925][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.361367][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.368804][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.377910][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.386727][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.395534][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.404301][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.413223][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.420745][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.429619][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.438627][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.447651][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.456457][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.465383][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.474041][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.481851][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.490590][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.499569][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.508466][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.517269][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.523268][T30990] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8317'.
[  569.526155][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.542477][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.549890][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.558975][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.567801][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.576468][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.585249][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.594127][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.601642][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.609064][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.609096][ T7463] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  569.631178][ T7463] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  569.745320][T30995] loop9: detected capacity change from 0 to 164
[  569.762403][T30995] syz.9.8321: attempt to access beyond end of device
[  569.762403][T30995] loop9: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  569.762472][T30995] syz.9.8321: attempt to access beyond end of device
[  569.762472][T30995] loop9: rw=0, sector=263328, nr_sectors = 4 limit=164
[  569.852937][T31009] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8324'.
[  569.909068][T31007] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  570.020026][T31007] syzkaller0: entered promiscuous mode
[  570.027045][T31007] syzkaller0: entered allmulticast mode
[  570.188252][T31023] syz.9.8332[31023] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  570.188312][T31023] syz.9.8332[31023] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  570.216147][T31023] syz.9.8332[31023] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  570.265527][T31019] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8330'.
[  570.315407][T31029] loop0: detected capacity change from 0 to 128
[  570.339186][T31033] loop9: detected capacity change from 0 to 764
[  570.358112][T31019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8330'.
[  570.391374][T31035] loop6: detected capacity change from 0 to 164
[  570.419569][T31035] syz.6.8337: attempt to access beyond end of device
[  570.419569][T31035] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  570.438183][T31035] syz.6.8337: attempt to access beyond end of device
[  570.438183][T31035] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  570.626947][T31053] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8346'.
[  570.650743][T31056] loop9: detected capacity change from 0 to 512
[  570.734533][T31056] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  570.743858][T31056] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  570.848986][T31056] System zones: 0-1, 15-15, 18-18, 34-34
[  570.884865][T31056] EXT4-fs (loop9): orphan cleanup on readonly fs
[  570.920642][T31056] EXT4-fs warning (device loop9): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  570.935359][T31056] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  570.949949][T31063] syzkaller0: entered promiscuous mode
[  570.956942][T31063] syzkaller0: entered allmulticast mode
[  570.972475][T31070] loop8: detected capacity change from 0 to 512
[  570.973972][T31056] EXT4-fs error (device loop9): ext4_orphan_get:1415: comm syz.9.8340: bad orphan inode 16
[  571.009607][T31056] ext4_test_bit(bit=15, block=18) = 1
[  571.016394][T31056] is_bad_inode(inode)=0
[  571.020593][T31056] NEXT_ORPHAN(inode)=0
[  571.026155][T31056] max_ino=32
[  571.029398][T31056] i_nlink=2
[  571.038915][T31056] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  571.067055][T31077] FAULT_INJECTION: forcing a failure.
[  571.067055][T31077] name failslab, interval 1, probability 0, space 0, times 0
[  571.079811][T31077] CPU: 0 UID: 0 PID: 31077 Comm: syz.8.8355 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  571.090630][T31077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  571.100763][T31077] Call Trace:
[  571.104128][T31077]  <TASK>
[  571.107082][T31077]  dump_stack_lvl+0xf2/0x150
[  571.111727][T31077]  dump_stack+0x15/0x1a
[  571.112760][T31043] netlink: 12 bytes leftover after parsing attributes in process `syz.9.8340'.
[  571.115909][T31077]  should_fail_ex+0x223/0x230
[  571.124870][T31043] netlink: 16 bytes leftover after parsing attributes in process `syz.9.8340'.
[  571.129513][T31077]  should_failslab+0x8f/0xb0
[  571.143120][T31077]  kmem_cache_alloc_noprof+0x52/0x320
[  571.148548][T31077]  ? audit_log_start+0x34c/0x6b0
[  571.153517][T31077]  audit_log_start+0x34c/0x6b0
[  571.158322][T31077]  audit_seccomp+0x4b/0x130
[  571.162851][T31077]  __seccomp_filter+0x6fa/0x1180
[  571.167889][T31077]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  571.173549][T31077]  ? vfs_write+0x596/0x920
[  571.178078][T31077]  ? __schedule+0x6fa/0x930
[  571.182609][T31077]  __secure_computing+0x9f/0x1c0
[  571.187574][T31077]  syscall_trace_enter+0xd1/0x1f0
[  571.192776][T31077]  do_syscall_64+0xaa/0x1c0
[  571.197308][T31077]  ? clear_bhb_loop+0x55/0xb0
[  571.201997][T31077]  ? clear_bhb_loop+0x55/0xb0
[  571.206688][T31077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.212630][T31077] RIP: 0033:0x7ff6f8005d29
[  571.217050][T31077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.236682][T31077] RSP: 002b:00007ff6f6671038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069
[  571.245103][T31077] RAX: ffffffffffffffda RBX: 00007ff6f81f5fa0 RCX: 00007ff6f8005d29
[  571.253162][T31077] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00
[  571.261164][T31077] RBP: 00007ff6f6671090 R08: 0000000000000000 R09: 0000000000000000
[  571.269145][T31077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.277218][T31077] R13: 0000000000000000 R14: 00007ff6f81f5fa0 R15: 00007ffd96905908
[  571.285205][T31077]  </TASK>
[  571.316264][T31043] netlink: 116 bytes leftover after parsing attributes in process `syz.9.8340'.
[  571.466198][T30688] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.525114][T31100] loop9: detected capacity change from 0 to 1764
[  571.540150][T31096] loop8: detected capacity change from 0 to 4096
[  571.566473][T31096] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.660059][T23772] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.706929][T31108] syzkaller0: entered promiscuous mode
[  571.712512][T31108] syzkaller0: entered allmulticast mode
[  571.726137][T31111] netlink: 'syz.9.8371': attribute type 1 has an invalid length.
[  571.735365][T31111] netlink: 220 bytes leftover after parsing attributes in process `syz.9.8371'.
[  571.933460][T31129] loop0: detected capacity change from 0 to 1024
[  571.952760][T31129] EXT4-fs: Ignoring removed orlov option
[  571.958495][T31129] EXT4-fs: Ignoring removed orlov option
[  571.965612][T31129] EXT4-fs: Ignoring removed oldalloc option
[  571.977819][T31129] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  571.989857][T31129] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  572.002570][T31129] EXT4-fs (loop0): invalid journal inode
[  572.009924][T31129] EXT4-fs (loop0): can't get journal size
[  572.018551][T31129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  572.048184][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.058397][T31135] bond0: entered promiscuous mode
[  572.064943][T31135] bond_slave_0: entered promiscuous mode
[  572.070732][T31135] bond_slave_1: entered promiscuous mode
[  572.082083][T31135] loop9: detected capacity change from 0 to 512
[  572.093490][T31135] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  572.110689][T31135] EXT4-fs (loop9): orphan cleanup on readonly fs
[  572.125479][T31135] EXT4-fs warning (device loop9): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  572.144335][T31137] FAULT_INJECTION: forcing a failure.
[  572.144335][T31137] name failslab, interval 1, probability 0, space 0, times 0
[  572.158410][T31137] CPU: 1 UID: 0 PID: 31137 Comm: syz.7.8375 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  572.169328][T31137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  572.179492][T31137] Call Trace:
[  572.182783][T31137]  <TASK>
[  572.185806][T31137]  dump_stack_lvl+0xf2/0x150
[  572.190524][T31137]  dump_stack+0x15/0x1a
[  572.194764][T31137]  should_fail_ex+0x223/0x230
[  572.199533][T31137]  ? __hw_addr_add_ex+0x13d/0x360
[  572.204618][T31137]  should_failslab+0x8f/0xb0
[  572.209249][T31137]  __kmalloc_cache_noprof+0x4e/0x320
[  572.214609][T31137]  __hw_addr_add_ex+0x13d/0x360
[  572.219616][T31137]  dev_addr_init+0xb2/0x120
[  572.224163][T31137]  alloc_netdev_mqs+0x1e1/0x9c0
[  572.229074][T31137]  ? __pfx_macvtap_setup+0x10/0x10
[  572.234281][T31137]  rtnl_create_link+0x233/0x680
[  572.239237][T31137]  rtnl_newlink_create+0x133/0x5d0
[  572.244436][T31137]  ? ns_capable+0x7d/0xb0
[  572.248829][T31137]  ? full_name_hash+0x93/0xe0
[  572.253572][T31137]  rtnl_newlink+0xe9f/0x1250
[  572.258234][T31137]  ? __rcu_read_unlock+0x34/0x70
[  572.263334][T31137]  ? bpf_trace_run3+0x12b/0x1d0
[  572.268242][T31137]  ? packet_rcv+0xd4/0x990
[  572.272691][T31137]  ? __memcg_slab_free_hook+0xc9/0x1e0
[  572.278215][T31137]  ? packet_rcv+0xd4/0x990
[  572.282669][T31137]  ? __rcu_read_unlock+0x4e/0x70
[  572.287732][T31137]  ? avc_has_perm_noaudit+0x1cc/0x210
[  572.293151][T31137]  ? selinux_capable+0x1f2/0x260
[  572.298215][T31137]  ? security_capable+0x81/0x90
[  572.303114][T31137]  ? ns_capable+0x7d/0xb0
[  572.307476][T31137]  ? __pfx_rtnl_newlink+0x10/0x10
[  572.312651][T31137]  rtnetlink_rcv_msg+0x651/0x710
[  572.317651][T31137]  ? netlink_rcv_skb+0xf9/0x230
[  572.322537][T31137]  netlink_rcv_skb+0x12c/0x230
[  572.327336][T31137]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  572.332875][T31137]  rtnetlink_rcv+0x1c/0x30
[  572.337317][T31137]  netlink_unicast+0x599/0x670
[  572.342231][T31137]  netlink_sendmsg+0x5cc/0x6e0
[  572.347094][T31137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.352448][T31137]  __sock_sendmsg+0x140/0x180
[  572.357187][T31137]  ____sys_sendmsg+0x312/0x410
[  572.362000][T31137]  __sys_sendmsg+0x19d/0x230
[  572.366657][T31137]  __x64_sys_sendmsg+0x46/0x50
[  572.371475][T31137]  x64_sys_call+0x2734/0x2dc0
[  572.376182][T31137]  do_syscall_64+0xc9/0x1c0
[  572.380786][T31137]  ? clear_bhb_loop+0x55/0xb0
[  572.385522][T31137]  ? clear_bhb_loop+0x55/0xb0
[  572.390254][T31137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.396211][T31137] RIP: 0033:0x7f3049b55d29
[  572.400643][T31137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  572.420346][T31137] RSP: 002b:00007f30481c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  572.428789][T31137] RAX: ffffffffffffffda RBX: 00007f3049d45fa0 RCX: 00007f3049b55d29
[  572.436847][T31137] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  572.444862][T31137] RBP: 00007f30481c7090 R08: 0000000000000000 R09: 0000000000000000
[  572.452859][T31137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  572.460848][T31137] R13: 0000000000000000 R14: 00007f3049d45fa0 R15: 00007ffe6756ca08
[  572.468854][T31137]  </TASK>
[  572.477836][T31135] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  572.488976][T31135] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.8378: bg 0: block 40: padding at end of block bitmap is not set
[  572.510792][T31135] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  572.540567][T31135] EXT4-fs (loop9): 1 truncate cleaned up
[  572.565312][T31135] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  572.597018][T31147] loop0: detected capacity change from 0 to 764
[  572.609330][   T29] kauditd_printk_skb: 359 callbacks suppressed
[  572.609346][   T29] audit: type=1326 audit(573.127:25860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cf9c04690 code=0x7ffc0000
[  572.612558][T31135] IPVS: Error joining to the multicast group
[  572.615647][   T29] audit: type=1326 audit(573.127:25861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f2cf9c04a77 code=0x7ffc0000
[  572.667780][   T29] audit: type=1326 audit(573.127:25862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2cf9c04690 code=0x7ffc0000
[  572.690758][   T29] audit: type=1326 audit(573.127:25863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.690796][   T29] audit: type=1326 audit(573.127:25864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.740467][   T29] audit: type=1326 audit(573.127:25865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.764991][   T29] audit: type=1326 audit(573.127:25866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.789283][   T29] audit: type=1326 audit(573.127:25867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.813618][   T29] audit: type=1326 audit(573.127:25868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.838198][   T29] audit: type=1326 audit(573.167:25869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31134 comm="syz.9.8378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cf9c05d29 code=0x7ffc0000
[  572.894936][T31147] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8381'.
[  572.928761][T31151] syzkaller0: entered promiscuous mode
[  572.935776][T31151] syzkaller0: entered allmulticast mode
[  572.952604][T31134] bond0: left promiscuous mode
[  572.957447][T31134] bond_slave_0: left promiscuous mode
[  572.963032][T31134] bond_slave_1: left promiscuous mode
[  572.997449][T30688] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.056101][T31160] loop9: detected capacity change from 0 to 764
[  573.125514][T31164] loop7: detected capacity change from 0 to 512
[  573.137762][T31164] EXT4-fs (loop7): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  573.175103][T24176] EXT4-fs (loop7): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  573.300263][T31174] loop7: detected capacity change from 0 to 764
[  573.468478][T31179] loop0: detected capacity change from 0 to 512
[  573.575324][T31183] syzkaller0: entered promiscuous mode
[  573.582335][T31183] syzkaller0: entered allmulticast mode
[  573.725397][T31191] FAULT_INJECTION: forcing a failure.
[  573.725397][T31191] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  573.738555][T31191] CPU: 0 UID: 0 PID: 31191 Comm: syz.0.8400 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  573.749341][T31191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  573.759424][T31191] Call Trace:
[  573.762715][T31191]  <TASK>
[  573.765659][T31191]  dump_stack_lvl+0xf2/0x150
[  573.770295][T31191]  dump_stack+0x15/0x1a
[  573.774512][T31191]  should_fail_ex+0x223/0x230
[  573.779268][T31191]  should_fail+0xb/0x10
[  573.783535][T31191]  should_fail_usercopy+0x1a/0x20
[  573.788642][T31191]  strncpy_from_user+0x25/0x210
[  573.793575][T31191]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  573.799231][T31191]  ? getname_flags+0x81/0x3b0
[  573.804207][T31191]  getname_flags+0xb0/0x3b0
[  573.808733][T31191]  getname+0x17/0x20
[  573.812698][T31191]  do_sys_openat2+0x67/0x120
[  573.817480][T31191]  __x64_sys_openat+0xf3/0x120
[  573.822276][T31191]  x64_sys_call+0x2b30/0x2dc0
[  573.827199][T31191]  do_syscall_64+0xc9/0x1c0
[  573.831996][T31191]  ? clear_bhb_loop+0x55/0xb0
[  573.836702][T31191]  ? clear_bhb_loop+0x55/0xb0
[  573.841461][T31191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.847544][T31191] RIP: 0033:0x7f2e09355d29
[  573.851969][T31191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.871693][T31191] RSP: 002b:00007f2e079c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  573.880124][T31191] RAX: ffffffffffffffda RBX: 00007f2e09545fa0 RCX: 00007f2e09355d29
[  573.888184][T31191] RDX: 0000000000042002 RSI: 0000000020001480 RDI: ffffffffffffff9c
[  573.896189][T31191] RBP: 00007f2e079c1090 R08: 0000000000000000 R09: 0000000000000000
[  573.904167][T31191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  573.912168][T31191] R13: 0000000000000000 R14: 00007f2e09545fa0 R15: 00007ffc81810d48
[  573.920152][T31191]  </TASK>
[  573.936594][T31195] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  573.944391][T31195] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.969997][T31195] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  573.979063][T31195] batman_adv: batadv0: Removing interface: batadv_slave_1
[  574.016039][T31202] loop9: detected capacity change from 0 to 512
[  574.036653][T31204] loop0: detected capacity change from 0 to 512
[  574.064316][T31204] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.124174][T31211] loop9: detected capacity change from 0 to 1764
[  574.385288][T31225] lo speed is unknown, defaulting to 1000
[  574.616122][T31224] __nla_validate_parse: 1 callbacks suppressed
[  574.616144][T31224] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8413'.
[  574.774535][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.783699][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.798359][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.807312][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.816309][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.825132][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.833888][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.842602][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.850166][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.858678][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.866117][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.873582][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.882276][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.904315][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.913298][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.920735][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.929599][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.938402][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.947324][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.956160][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.965101][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.974100][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.982909][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.990314][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  574.999050][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  575.007747][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  575.016593][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  575.021670][T29221] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.025435][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  575.040575][ T7463] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  575.145880][ T7463] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  575.191028][T31247] loop0: detected capacity change from 0 to 128
[  575.256913][T31247] syz.0.8419: attempt to access beyond end of device
[  575.256913][T31247] loop0: rw=34817, sector=97, nr_sectors = 32 limit=128
[  575.306390][T31260] loop8: detected capacity change from 0 to 164
[  575.320689][T31252] syz.8.8423: attempt to access beyond end of device
[  575.320689][T31252] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  575.336025][T31252] syz.8.8423: attempt to access beyond end of device
[  575.336025][T31252] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  575.367288][T31248] ==================================================================
[  575.375406][T31248] BUG: KCSAN: data-race in do_exit / zap_pid_ns_processes
[  575.382536][T31248] 
[  575.384861][T31248] write to 0xffff888107cee820 of 4 bytes by task 31247 on cpu 1:
[  575.392577][T31248]  do_exit+0xa61/0x17f0
[  575.396737][T31248]  do_group_exit+0x102/0x150
[  575.401339][T31248]  get_signal+0xeb9/0x1000
[  575.405770][T31248]  arch_do_signal_or_restart+0x95/0x4b0
[  575.411341][T31248]  syscall_exit_to_user_mode+0x62/0x120
[  575.416915][T31248]  do_syscall_64+0xd6/0x1c0
[  575.421449][T31248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.427365][T31248] 
[  575.429687][T31248] read to 0xffff888107cee820 of 4 bytes by task 31248 on cpu 0:
[  575.437316][T31248]  zap_pid_ns_processes+0x3d/0x2c0
[  575.442439][T31248]  do_exit+0x155d/0x17f0
[  575.446690][T31248]  __x64_sys_exit+0x1f/0x20
[  575.451205][T31248]  x64_sys_call+0x2da1/0x2dc0
[  575.455888][T31248]  do_syscall_64+0xc9/0x1c0
[  575.460397][T31248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.466320][T31248] 
[  575.468643][T31248] value changed: 0x00000000 -> 0x00000011
[  575.474362][T31248] 
[  575.476686][T31248] Reported by Kernel Concurrency Sanitizer on:
[  575.482834][T31248] CPU: 0 UID: 0 PID: 31248 Comm: syz.0.8419 Not tainted 6.13.0-rc6-syzkaller-00036-gfbfd64d25c7a #0
[  575.493603][T31248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  575.503664][T31248] ==================================================================
[  575.566492][T31254] lo speed is unknown, defaulting to 1000
[  575.589689][T31259] loop7: detected capacity change from 0 to 164
[  575.688205][T31259] syz.7.8426: attempt to access beyond end of device
[  575.688205][T31259] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  575.706006][T31259] syz.7.8426: attempt to access beyond end of device
[  575.706006][T31259] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164