last executing test programs:

3m3.972203358s ago: executing program 0 (id=1459):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xa9, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000280)={&(0x7f00000002c0), &(0x7f00000001c0)=""/69, 0x45})
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00ff000000007110bc00000000009100000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="ec00000021000100feffffff000000000000000000000000000000000000000000000000007c0000000000000000000000000000000000001700a00000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c00110000000000000000000000000000000000fe8000000000000000000000000000bbac1414210000000000000000000000002001000000000000000000000000000000000000000000000000020000000000000000000000000000000000fe8000000000000000000000000000bb"], 0xec}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

3m3.067905355s ago: executing program 0 (id=1472):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd}, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

3m2.170329623s ago: executing program 0 (id=1479):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a300000000014000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r3 = epoll_create1(0x0)
epoll_pwait(r3, &(0x7f00000001c0)=[{}], 0x1, 0x7f, 0x0, 0x0)

3m1.924712298s ago: executing program 0 (id=1485):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd}, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x9c7c, 0x2, 0x4}, &(0x7f0000000200), &(0x7f0000000280))

3m1.255727961s ago: executing program 0 (id=1495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x80}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000200), &(0x7f0000000240)=r4}, 0x20)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x4}, 0x10)
sendmsg$tipc(r7, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x0, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8811}, 0x8054)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f00000002c0)=0x10)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000300), 0x3800)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1d000000", @ANYRES16=r10, @ANYBLOB="010028bd7000ffdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

3m1.162899082s ago: executing program 0 (id=1497):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x2000000000000051, &(0x7f0000000040)=[{0xe7, 0x17, 0x8, 0x3b6c}]})
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x401, <r2=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x81, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0x1, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x5, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x0, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x64, 0xff, 0x24, 0x5, 0xe7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x9, 0x200, 0x6, 0x2, 0x2, 0x800, 0x10001, 0x8, 0xb, 0x5, 0xda56, 0x80000000, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x3, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x3, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x6, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x5, 0x7fffffff, 0x0, 0x6, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x1, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xfffffffd, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x3, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1000, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0xe, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x8000, 0x98, 0x8, 0x6, 0x9, 0x400, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0xb, 0x9, 0x2, 0xffffffff, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x2, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x6, 0x8, 0x9, 0x6, 0x6, 0xe, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x2, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0xc0, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0x7, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0x3, 0xc0a1, 0x5, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x80000002, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x8, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r9}, 0x20)
r10 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
readlink(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x0)
writev(r10, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

2m46.006103077s ago: executing program 32 (id=1497):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="190000000400000004"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000001c0)={0x2000000000000051, &(0x7f0000000040)=[{0xe7, 0x17, 0x8, 0x3b6c}]})
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x401, <r2=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@newtfilter={0x8b0, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x87c, 0x2, [@TCA_MATCHALL_ACT={0x878, 0x2, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1ff, 0x3, 0x10000, 0x81, 0x7f, 0xfffffffb, 0x4, 0x2, 0xffffffc0, 0x5, 0x2234, 0x7f, 0x81b, 0x800, 0x8, 0x0, 0x3, 0x7ed53619, 0x1, 0x2, 0x9644, 0x4, 0x58b, 0x85a, 0x3ff, 0x46, 0x2, 0x81, 0x0, 0x80000000, 0x10001, 0x790, 0x5, 0xab2, 0xfffffff9, 0x1a77, 0x9, 0x3, 0x400, 0x63c, 0x4, 0x1, 0x1, 0x5, 0x1, 0x5b1f, 0x7b0, 0x5, 0x100, 0x6, 0xd, 0xff, 0x3, 0x10000, 0x6, 0x6b7, 0x1ff, 0x80, 0x4, 0x7, 0x3, 0xa14, 0x3, 0x2, 0x80000000, 0x81, 0x7, 0x8, 0x5, 0x10001, 0xf7, 0x3, 0xfffffff9, 0x9, 0x4, 0x8, 0xfff, 0x3, 0x1, 0x6, 0x7, 0x0, 0x100, 0xc0000000, 0x6, 0x6, 0x6, 0x8, 0x80000001, 0x8, 0x1d24, 0x2, 0x9, 0x0, 0x7f, 0x7, 0x64, 0xff, 0x24, 0x5, 0xe7, 0x6, 0x7a, 0x8, 0x0, 0x7, 0x470, 0x7f, 0x6, 0x0, 0x1, 0x0, 0x4, 0x9, 0x9, 0x200, 0x6, 0x2, 0x2, 0x800, 0x10001, 0x8, 0xb, 0x5, 0xda56, 0x80000000, 0x80, 0x2f0cb955, 0x7, 0xfed, 0xf, 0x3, 0x2, 0x1, 0x9, 0x8001, 0x0, 0xec000, 0x0, 0x1, 0x3, 0xfffffffb, 0x7, 0x8, 0x4, 0x1, 0xffffcf1b, 0x282, 0x5517bc7b, 0x3, 0x4, 0xb6b, 0x6, 0x0, 0xac, 0x9, 0x6, 0x10, 0x9, 0x8, 0x80000001, 0x0, 0x74, 0x5, 0x7fffffff, 0x0, 0x6, 0x6, 0xffffffff, 0x8, 0x2, 0x7, 0x7f, 0x1, 0x3, 0xa, 0x1, 0x0, 0x9, 0x300, 0x5, 0x3, 0x6, 0xfffffffd, 0xffb, 0xff, 0x5, 0x8, 0x3, 0x2, 0x5, 0xfca, 0x399d, 0x6, 0x8ab6, 0x18000, 0x2, 0xfffffff9, 0x2, 0x2, 0x528c, 0x5, 0x200, 0xac, 0xf, 0xd05, 0x9a2ce73, 0x4, 0x6, 0xe074, 0x6b10, 0x5, 0x1, 0x6, 0xb, 0xa26, 0xaf6, 0x0, 0xec, 0x8, 0xde16, 0xc418, 0xffffffff, 0xffffffff, 0x9, 0x400, 0x1, 0x5, 0x354d, 0x5, 0x2, 0x1, 0x7, 0x1, 0x177, 0x7, 0x3, 0x80, 0x5, 0x8, 0xfffffffb, 0x9, 0xe7b, 0x0, 0x7, 0x42bf, 0x10000, 0x9, 0x9, 0x6, 0x4b75, 0x80000001, 0x1000, 0x5915, 0x10001, 0x1]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1000, 0x4, 0xec2, 0x6, 0x8, 0x400, 0x5, 0x1, 0x7, 0x470, 0x487, 0x100, 0xa99, 0xffffff01, 0x5, 0x37f, 0x8, 0x6, 0x3, 0x3, 0x800, 0xd2f5, 0x40, 0x4, 0x4, 0x5, 0x7, 0xe, 0x2, 0x8, 0x101, 0xffffffff, 0x2, 0x10000, 0xa6, 0x3, 0x10000, 0x5, 0x4, 0x0, 0x3, 0x0, 0xd, 0x8000, 0x98, 0x8, 0x6, 0x9, 0x400, 0xb3000, 0xf, 0x3, 0x9, 0xb4, 0x94d, 0x9, 0x8, 0x6, 0x100, 0xec0, 0xffff, 0x4, 0x2, 0x3ff, 0x3e, 0xb828, 0x0, 0x0, 0x365, 0x8, 0x8, 0xf, 0x1, 0xfffffffe, 0xfffffff6, 0x93, 0x7ff, 0x92, 0x0, 0x7, 0xfffffffc, 0xb, 0x9, 0x2, 0xffffffff, 0x2, 0x8, 0x4, 0x3, 0x9, 0xc, 0x0, 0x3, 0x2, 0x400, 0x100000, 0x7f, 0x2, 0x8, 0x4, 0x7, 0x4, 0x7, 0xfffffffa, 0x101, 0xadd9, 0x1, 0x0, 0x7, 0x7fffffff, 0x2, 0x4, 0x0, 0x5, 0x4, 0x6, 0x8, 0x9, 0x6, 0x6, 0xe, 0xb, 0x3, 0x7f, 0xffff, 0x401, 0x1685, 0xa252, 0x2, 0x200, 0x3, 0x1, 0x400, 0xfffffffc, 0xfffffffc, 0x1000, 0x7ff, 0x1, 0x1f6, 0x751, 0x7, 0x40000000, 0x2, 0xffffdbb7, 0x50, 0xf, 0xf, 0xe, 0xc0, 0x0, 0x81, 0xfff80000, 0x7a7, 0x1, 0x6, 0x3, 0x8, 0x7, 0x5, 0x2, 0x0, 0x4e8, 0x80, 0x3, 0x8, 0x5, 0x0, 0x5, 0x7fff, 0x7, 0x8, 0x6a4941c5, 0x2ea567b4, 0x8, 0x80000000, 0x6, 0x40, 0x2, 0xfff, 0x8, 0x3, 0x1, 0x1, 0x0, 0x0, 0xd3bed341, 0x691f, 0x0, 0x2, 0x9, 0x6, 0x0, 0x1ff, 0x3, 0x3, 0x6, 0x5fc8462f, 0x0, 0x7, 0x7, 0xfffffffc, 0x5, 0x0, 0xb9a6, 0x522, 0x2, 0x2, 0x900, 0x8, 0xbb99, 0xb8000000, 0x8, 0x3, 0xc0a1, 0x5, 0x8, 0x7, 0x59, 0x9, 0x2, 0x101, 0x5f502dc7, 0x7, 0x0, 0x4, 0x6, 0x80000001, 0x3, 0xffffff97, 0x80000002, 0xfff, 0x1, 0x40, 0x8, 0x3, 0x710, 0x8, 0x1, 0xfffff339, 0x3, 0x8001, 0x1, 0x8001, 0x9, 0x8, 0xfffffffa, 0x8, 0x9, 0x3, 0xe, 0x10000, 0x9, 0x9, 0x7, 0xfffffff8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffe00, 0x8, 0x5, 0x1, 0xdbec, {0x8, 0x0, 0xb55, 0x5, 0x7, 0x5}, {0x6, 0x0, 0xd, 0x5, 0x1, 0x5d17}, 0x2, 0x0, 0x6}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x8b0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000000c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r9}, 0x20)
r10 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
readlink(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x0)
writev(r10, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
symlink(&(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

2m39.687923851s ago: executing program 1 (id=1704):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000400)='\b', 0x1}, {&(0x7f0000000140)="2400d325ecaed9", 0x7}], 0x2, &(0x7f0000000100)=ANY=[], 0x40}, 0x20008024)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000001c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x7, 0x9, r1, 0x0, 0x0, 0x7, 0x0, 0x1, r2}])
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00'}, 0x10)
setfsgid(0x0)

2m39.284605588s ago: executing program 1 (id=1707):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
shmget(0x3, 0x2000, 0x800, &(0x7f0000ffe000/0x2000)=nil)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'tunl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0a000000040000000c0000000b00000042840000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000059787000000000000000000", @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES16=r1, @ANYRES16=r3, @ANYRES8=r5, @ANYRES64=r2, @ANYRES8, @ANYRESHEX=r0, @ANYRESOCT=0x0], 0x48)
r7 = memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x9, 0x12, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000852000000300000018460000f9ffffff0000000000000000bf9100000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000400)='syzkaller\x00', 0x9, 0x5c, &(0x7f00000004c0)=""/92, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock=0x22, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x2, 0x1, 0xc, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000000a00)=[r4, r6, r4, r4, r6, r6], &(0x7f0000000a40)=[{0x2, 0x5, 0x6, 0x3}], 0x10, 0x9}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAPCLR(r10, 0x4b68, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r4, @ANYRESHEX=r9], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r11 = gettid()
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r12 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r12, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x4, @tid=r11}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2m38.035119223s ago: executing program 1 (id=1721):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd}, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x9c7c, 0x2, 0x4}, &(0x7f0000000200), &(0x7f0000000280))

2m37.458672324s ago: executing program 1 (id=1731):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0xffffffffffffff5c, 0x0, 0x0, 0x8}, 0x94)
mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="f40100000060"})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003b00)={0x11, 0x1, &(0x7f0000003980)=ANY=[@ANYBLOB="9500001000000000"], &(0x7f00000039c0)='GPL\x00', 0x6, 0x12, &(0x7f0000003a00)=""/18, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r2 = io_uring_setup(0x7db1, &(0x7f0000000180)={0x0, 0x7036, 0x8, 0x0, 0x1a7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000500)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)
mount$cgroup2(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000000), 0x81, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffefc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x10000}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, r7, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r6, &(0x7f0000000f80)={0x1, 0xe, 0xfa00, {&(0x7f0000000300), r7}}, 0x18)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5, 0x13, 0x1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
r8 = io_uring_setup(0x3a9f, &(0x7f0000000240)={0x0, 0x3432, 0x100, 0x1, 0x200175, 0x0, r2})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
io_uring_register$IORING_REGISTER_PROBE(r8, 0x8, &(0x7f0000000140), 0x26)

2m37.377481246s ago: executing program 1 (id=1734):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000040)={'ip6gre0\x00', <r0=>0x0, 0x2f, 0xf5, 0xf6, 0x0, 0x1, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x7, 0x3, 0x400}})
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000450000008814"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000380)={0x3, &(0x7f0000000340)=[{0x1, 0x8, 0xfb, 0x5}, {0x84, 0x6, 0xa8, 0x4}, {0x6, 0x9, 0x4, 0x1}]})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004011, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r5, 0x0, 0x1000000000000}, 0x18)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2m37.1616157s ago: executing program 1 (id=1738):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r0=>0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})

2m37.082845651s ago: executing program 33 (id=1738):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r0=>0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})

2m29.176816935s ago: executing program 5 (id=1851):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

2m29.034303988s ago: executing program 5 (id=1856):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000))
creat(&(0x7f0000000640)='./bus\x00', 0x1a8)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write(r0, &(0x7f0000000180)="2cd889f0253e14", 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = getpid()
recvmsg$can_j1939(r1, &(0x7f0000000440)={&(0x7f0000000000)=@generic, 0x80, &(0x7f0000000340)=[{&(0x7f0000000800)=""/91, 0x5b}], 0x1, &(0x7f0000000a00)=""/4096, 0x1000}, 0x400121a1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1, 0x0, r3}}, 0x40)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffe, 0x0, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r7, 0x0, 0x2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r6}, &(0x7f0000000000), &(0x7f00000000c0)=r7}, 0x20)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r8 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xece7, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x1007, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfc}, r3, 0xa, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r8, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xc7d7}, 0x0, 0x0, r8, 0xa)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
dup(r4)

2m28.92748573s ago: executing program 5 (id=1858):
write(0xffffffffffffffff, &(0x7f0000000080)="1400", 0x2)
syz_read_part_table(0x104c, &(0x7f0000000000)="$eJzsz7ENwjAQBdDvAAkLsA8jICT2oaFiE1ZiAEagNEpCXNAjhPReYZ989rcu/NTQz/tmOTiPS59D9mOxrtd7u/CsU9UlWU3NufMYPkNbWEotSY4l72+yzWWX5UF3un1lKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4M68AAAD//zEzCY0=")
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000001080)=""/3, &(0x7f00000010c0)=0x3)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_int(r1, 0x0, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYRES16=r1], &(0x7f00000000c0)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008413, &(0x7f0000000000)={[{@noblock_validity}, {@barrier}]}, 0x0, 0x517, &(0x7f00000000c0)="$eJzs3UFvG1kdAPD/OHG2adJNFjjASuwu7KK0gtrJRrsb9VCKhOBUCSj3EhIniuLEVey0TVTRVHwAJIQAiRNcuCDxAZBQJS4cEVIlOIMAgRC0cAAJOsj2OE0dOwmta6fJ7ydN58178/x/z+2M581MZwI4ta5k0+M0TS9ExESWn8umhp2ItyLi0cM7C/UpiTS99rckkiyvtVra8EqMNas0PuArX4z4erI/bnVre3W+XC5tZMvF2tqNYnVr++LK2vxyabm0Pjs78/7cB3PvzU0/T/eWxrLEuYi4/Pk/ffdbP/7C5Z9/5tbvr//l/DeSZpvvtvfj/zN8YGnz+8zHmbYqG88W7Fga3psYPVqde9k/EQAA+qt+XPqhiPhkRFyIiRg65HgWAAAAePmknx2P/ySta3f7jHTJBwAAAF4iuYgYjyRXyO73HY9crlCIxj28H4mzuXKlWvv0UmVzfbFeFjEZ+dzSSrk0nd3bOhn5pL4800g/WX63bXk2Il6LiO9MjDaWCwuV8uKgT34AAADAKTHWNv7/50Rz/A8AAACcMJODbgAAAADwwhn/AwAAwMln/A8AAAAn2peuXq1Paev914s3tzZXKzcvLpaqq4W1zYXCQmXjRmG5UlluPLNv7cAP23114Prm7WKtVK0Vq1vb19cqm+u16ytPvwIbAAAA6J/X3rz/2yQidi6Nxuil0UbeyJ7yf2fvCRhYA4EXZveUXSTZfGT/Sr97tTn/Y58aBfTF0KAbAAzM8KAbAAxMftANAAYuOaS86807v8rmn+htewAAgN6b+tiT6/87bdf/cwfW3Dm4GDj2bMRwern+D6dX4/p/h1v+OnKwACdK3hEAnHrPff3/UP4PEQAADNp4Y0pyhez03njkcoVCxLnGawHyydJKuTQdEa9GxG8m8q/Ul2caNZNDxwwAAAAAAAAAAAAAAAAAAAAAAAAAQFOaJpECAAAAJ1pE7s/JL5rP8p+aeGe8/fzASPKvicheEXrrB9e+d3u+VtuYqef/fTe/9v0s/91BnMEAAAAA2rXG6a1xPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD00qOHdxZaUz/j/vVzETHZKf5wnGnMz0Q+Is7+I4nhPfWSiBjqQfydexHx0U7xk3qzdkN2ij/64uPHZPYtdIo/1oP4cJrdr+9/rnTa/nLxVmPeefsbjnhq+Vl13//F7v5vqMv2f+6IMV5/8NNi1/j3Il4f7rz/acVPusR/+4jxv/bV7e1uZekPI6Y6/v4kT8Uq1tZuFKtb2xdX1uaXS8ul9dnZmffnPph7b266uLRSLmV/dozx7Y//7PFB/T/bJf7kIf1/54j9/++D2w8/3EzmO8U//3aH+L/8UbbG/vi57LfvU1m6Xj7VSu8003u98ZNfv3FQ/xe79P+wv//zR+z/hS9/8w9HXBUA6IPq1vbqfLlc2jixifoo/Rg0Q+IYJu7uL3ozutZKkoM/ME3TtL5NPUfDku7R+5NIdnMGvWcCAAB67cnR/6BbAgAAAAAAAAAAAAAAAAAAAKdXP54r1h5zZzeV9OIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPfG/AAAA//+j7+fN")
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="fffffffff55286990914593186dd6087fb00000000000000000000000001fc0200000000000000000000000000000002000000000000040100010100c204"], 0x0)

2m28.693506334s ago: executing program 5 (id=1862):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn") (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) (async)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) (async)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) (async)
syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) (async)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}}) (async)

2m28.461698829s ago: executing program 5 (id=1867):
r0 = syz_io_uring_setup(0x4c55, &(0x7f0000000040)={0x0, 0x26e6, 0x200, 0x0, 0x5}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000140)={&(0x7f0000002000)={[{&(0x7f00000001c0)="bd56307c1c651b19ea94cd2934d9770587a6ed7a441bddf98ba3a9171af5e65ea9aeed1b57b3767092bd1fa9f06bdf01770e4743f2f579ee9d4ee6c9f5881e5d5fa702ef8ece737591014d8ba3d0b62f6acd7b398e2edc23fa8ae0e5ab7715535b9c07cab2ff7d5dbb9dbc3b4ea9d263d013a29c2ed5434077ba6a7a9ff704a319c6", 0x82}]}, 0x1, 0x3}, 0x1)
r1 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000000)={0x10000, 0xfffffffffffffffc, 0x6, 0xf})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000180)='cpu==0||!')

2m28.275337413s ago: executing program 5 (id=1873):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
semtimedop(0x0, 0x0, 0x1f4, 0x0)

2m28.226610044s ago: executing program 34 (id=1873):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
semtimedop(0x0, 0x0, 0x1f4, 0x0)

4.184823058s ago: executing program 3 (id=4148):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4000}, 0x0, 0x0)

4.11174022s ago: executing program 3 (id=4149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kfree\x00', r1, 0x0, 0x200003}, 0x18)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000004080)=@filename='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', 0x0, &(0x7f00000001c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

3.994720902s ago: executing program 3 (id=4151):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES8=r0], 0x7c}, 0x1, 0x0, 0x0, 0x200488c0}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000006000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a010200000000000000000200ffff0800010073797a30000000000900030573797a320000000020000000020a03"], 0xa0}}, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001580))
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r4, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")

3.967166413s ago: executing program 3 (id=4152):
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000000c0)={&(0x7f0000000140)=""/156, 0x9c, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b2, &(0x7f0000001380)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
unshare(0x6020480)
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1ffec0e90101c7bb0000b0", 0x21)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d9bffc), 0x4)
r4 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'team0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000001, {0x0, 0x0, 0x0, r5, {0x1}, {0x0, 0xc}, {0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x220440c0)

3.776946846s ago: executing program 3 (id=4154):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd}, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

2.983701522s ago: executing program 3 (id=4168):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
r4 = gettid()
r5 = gettid()
tkill(r4, 0x12)
tkill(r5, 0x14)
syz_genetlink_get_family_id$ipvs(&(0x7f00000018c0), r0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r8 = dup(r7)
write$P9_RLERRORu(r8, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])

2.008960831s ago: executing program 6 (id=4180):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4000}, 0x0, 0x0)

1.910925733s ago: executing program 6 (id=4182):
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd}, 0x10000, 0x0, 0x2, 0x0, 0x88}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1.453924112s ago: executing program 6 (id=4187):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xa9, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000280)={&(0x7f00000002c0), &(0x7f00000001c0)=""/69, 0x45})
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00ff000000007110bc00"], &(0x7f0000000480)='syzkaller\x00'}, 0x94)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="ec00000021000100feffffff000000000000000000000000000000000000000000000000007c0000000000000000000000000000000000001700a00000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c00110000000000000000000000000000000000fe8000000000000000000000000000bbac1414210000000000000000000000002001000000000000000000000000000000000000000000000000020000000000000000000000000000000000fe8000000000000000000000000000bb"], 0xec}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x100000b, 0x2013, r4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

1.409089153s ago: executing program 7 (id=4189):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r4=>0x0}) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r3) (rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x24, r5, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x40}, @val={0x8, 0x3, r6}, @void}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x4040091) (async, rerun: 32)
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r2, r4, 0x25, 0x4}, 0x14) (async, rerun: 32)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000100)='sched_kthread_work_queue_work\x00', r8, 0x0, 0xfffffffffffffffd}, 0x18) (async, rerun: 32)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r7, 0x4) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

1.382722593s ago: executing program 7 (id=4190):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000005c0), r0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x4400, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5420800050000000000900008808c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c640009801c000080060001000200000008000200ffffffff0500030003"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x80)

1.328962394s ago: executing program 7 (id=4191):
ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0)
gettid()
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

1.324469414s ago: executing program 2 (id=4192):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x300, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0xc, 0x3}, {0x3}, {0xd}]}]}}, 0x0, 0x3e, 0x0, 0x1, 0x1}, 0x28)

1.301768925s ago: executing program 7 (id=4193):
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000000c0)={&(0x7f0000000140)=""/156, 0x9c, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b2, &(0x7f0000001380)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
unshare(0x6020480)
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1ffec0e90101c7bb0000b0", 0x21)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d9bffc), 0x4)
r3 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000001, {0x0, 0x0, 0x0, r4, {0x1}, {0x0, 0xc}, {0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x220440c0)

1.183274067s ago: executing program 2 (id=4194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")

879.514563ms ago: executing program 2 (id=4196):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070"], 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4, 0xf}}}, 0x24}}, 0x14000000)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
flock(r4, 0x1)

877.738383ms ago: executing program 7 (id=4197):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
shmget(0x3, 0x2000, 0x800, &(0x7f0000ffe000/0x2000)=nil)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0a000000040000000c00", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000059787000000000000000000", @ANYBLOB='\x00'], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRES16, @ANYRES16=r1, @ANYRES8, @ANYRES64, @ANYRES8, @ANYRESHEX=r0, @ANYRESOCT=0x0], 0x48)
r4 = memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x9, 0x12, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000852000000300000018460000f9ffffff0000000000000000bf9100000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000400)='syzkaller\x00', 0x9, 0x5c, &(0x7f00000004c0)=""/92, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock=0x22, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540)={0x2, 0x1, 0xc, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)=[r2, r3, r2, r2, r3, r3], &(0x7f0000000a40), 0x10, 0x9}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAPCLR(r7, 0x4b68, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2, @ANYRESHEX=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = gettid()
r9 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r9, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x4, @tid=r8}, &(0x7f0000bbdffc)=<r10=>0x0)
timer_settime(r10, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

760.948275ms ago: executing program 4 (id=4199):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='tran', @ANYRESHEX])
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[])

737.457186ms ago: executing program 4 (id=4200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x78}, 0x1, 0x0, 0x0, 0x840}, 0x0)

714.273896ms ago: executing program 4 (id=4201):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x200000007})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)=ANY=[@ANYRES16=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x12, 0x2ff, &(0x7f0000000bc0)=ANY=[@ANYRESHEX=r0, @ANYRES64=r0, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000480), 0x73, 0x160341)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r4=>0x0})
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000140000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r5, r4, 0x25, 0x0, @void}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x18, &(0x7f0000000900)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000}, [@map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @map_idx={0x18, 0x4, 0x5, 0x0, 0x8}, @call={0x85, 0x0, 0x0, 0x7f}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x4}, @ldst={0x0, 0x3, 0x0, 0x0, 0x3, 0xfffffffffffffff4, 0x4}, @alu={0x4, 0x1, 0x3, 0x1, 0x4, 0x18, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000000280)='syzkaller\x00', 0x6, 0xc6, &(0x7f00000009c0)=""/198, 0x41100, 0x21, '\x00', r4, 0x0, r0, 0x8, &(0x7f00000003c0)={0x9, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0x8, 0x7354, 0x5}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000640)=[r0], &(0x7f0000000680)=[{0x5, 0x2, 0x9, 0x3}, {0x2, 0x2, 0x2, 0xe}, {0x0, 0x5, 0x0, 0xb}], 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_emit_ethernet(0xfdef, &(0x7f0000000a40)=ANY=[], 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000240)='xen_mmu_set_pud\x00', r6, 0x0, 0x8}, 0x18)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000300)=ANY=[], 0x15)
r9 = dup(r8)
write$P9_RLERRORu(r9, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r9, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])

639.813177ms ago: executing program 4 (id=4202):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
cachestat(r2, &(0x7f0000000300)={0x6, 0x2}, &(0x7f0000000340), 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x4}, 0x18)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x8031, 0xffffffffffffffff, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) (async)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) (async)
cachestat(r2, &(0x7f0000000300)={0x6, 0x2}, &(0x7f0000000340), 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x4}, 0x18) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) (async)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) (async)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0}) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x8031, 0xffffffffffffffff, 0x0) (async)
close_range(r5, 0xffffffffffffffff, 0x0) (async)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) (async)

541.29977ms ago: executing program 6 (id=4203):
ioctl$BTRFS_IOC_SYNC(0xffffffffffffffff, 0x9408, 0x0)
gettid()
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

308.252674ms ago: executing program 6 (id=4204):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000022c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a000100001c0002800c00024000000000000000030c0001400000000000000101340b00000e0a010800000000000000000200000a0900020073797a3000000000f42703806c0100807a000640d098c82b576a2dbb1b4b29cddf10eccea2113f48ef0d5450e178f7327d25e71ec90830bec90022e5c8db9b6fd6fd9702308aec7070138c9ead68fec17af7f959eac56f9ca97bb0c284279be52c699440cc5e80ce421086bfa1b46637debbe3e9de0025a353d74a68e1a2d9fe99e44f5079702f39ee4700000900090073797a310000000010000780090001006c617374000000001c0007800c0001007061796c6f6164000c0002800800074000000000100007800b0001006e756d67656e000008000340000000010c0004400000000000000006810006402453ff2ab9e70b4243206e5332cef0e3989a7e84af12bc6b3d3c7874d929a358b8d84812f574188a5078499682104233be63988e75159483de2e9dabc82af1c0a57e50be58430134e25b54904aa7c39e6eea8f047420a038d53cf76eb57985d43e99c0df90e62a771f3d4e4ad8abc1571502c42970021ee971fdf587330000000900090073797a3100000000780100800c00054000000000000000100c0004400000000000000002500102803800028008000180fffffffd0900020073797a30000000000800034000000002080003400000000108000180fffffffb08000340000000041f00010025bf99925a8043ca3618f5b64537b5b3affd3433b2e97b9ab58470003800028008000180ffffffff08000180ffffffff0900020073797a30000000000900020073797a30000000000900020073797a3000000000540002800900020073797a310000000008000340000000040900020073797a310000000008000340000000030900020073797a310000000008000340000000040900020073797a30000000000800034000000003380002800800034000000004080001801906161c0900020073797a300000000008000180ffffffff08000180ffffffffffff14000280080003400000000308000340000000041c0002800800034000000002080003400000000208000340000000040c0005400000000000000005b4010080800002805400028008000180fffffffe080003400000000208000180fffffffe0800034000000003080003400000000208000340000000020900020073797a31000000000900020073797a30000000000800034000000003280002800900020073797a32000000000900020073797a30000000000900020073797a320000000004010180000101008f19d7e8e93ea980f067b4e8fff99ef82a6b3e97dc1a457f7e855706ebb824efcad61471f9ee411a3b9d28902dc8f10f9b6061eea1f6e5c21cbe21f7f90f958cb09fa81d57cdbfd8f371c38dd36a7c87f1d8bd38e9723063e67f836828b60bf9614d91f29bc10730776e101b9998b8b530a8731d7ab7ef363d4fdcf45f9b34d3e75ec9cc7470e6527b1bd512d31d94865f04f8414aa2ad00373c703e8fecfd88be19775a878d67da8cf201f3c68231b767f820d41e005f57ab7e660777cd98e58b7bc97b81cc1cb33eaffed153351ba9fbca1547b45229088080ede54d1cedc176cb1c7a11bd2b57b3f0c5869a772e16a4837a40478c9b85930771520c000440000000000000000720000a801c000280080003400000000408000340000000020800034000000002980300802c000640d1a98a70f5984f2d6d80a26ba6727a7347771afe51dc1ea98b5e494d63381704538382f251702a870c000440000000000000007d0900090073797a3200000000e9000640db348e5875bfd41c1587a7e84362b171aa7d9f5c47605c637cc14f55f5a19c821a01f5992fdc5e6d764a345f3d55d8de0d1248c424da1792cbc764c17da3866e73b206025c264ad11033d9aaa21bbf4d4a83ccdd830184b31ea2752b5177a55bc95f6ee4ffa581c826036ca6ebc5977edbc5ec0ee2f0589c1552a870f28a18068efb616cdd0de4ee0dd33c225bbc6c7f9339433d5e67636e233397e8141c7bf7bbf53eefd630e3dc5808799c8fc1ed7362eb8371d4b4849769550c4ec100fda6c94aa87ee1a0627027fb0af2c39c8bc1b3c3f9662576a8c2a0813c0dcea12458b91a5e327300000008000340000000030301064046328c7956a709fd7f681120350bb67d8cab6021d268a48d34e8f7ff0581d38e0e2de812600fee6b722120b41ca65fbd65c224d55b4735c853be8628a98466896cf1f512978a0c4bbeb78ccfbdee8bebc8e1df6b9b42aa1e01b16b604d7f92125b7dcc927a6d9c7c026b5faa790971a519a7230207bd6ab1e996a00ad0f79ce0104b7f7d19f9547e9224440605c32bd49b7a063ad3870a07db23e9e22de9a400b39b52cc7ac80f2b5998d1fbf8230c5aa2a51042db59b00771334a7fa1117b1337a574f1c22d64c2d7948524ddb06e87a67857a4fc132597eef3e659ff59fa17441c4e892846340dbab64e84842c08155d671f37ff4785f957902d7eda7e450058010180140002800800034000000004080003400000000414000280080003400000000308000180fffffffd0c0002800800034000000002bf000100c1b6c5ec4a8a7fdb481f0beecb1865c17e8ba9e44495742e2b92501619e10665610dcfdd0ecee807fd194fad7c6336abdec9cc20c43ed0e36f7f020f1a052ed6c4ae33d6985b5e5eb3d1eef0cb0056dab96e1517399cd676b73953845653e88adda79c01cf5ed0512a40ae95d936f42afe199921fc8fb346683c8e1da045beea628be794f3baec05c2bd7a80be8ed09fe4797431b1ec91e262e5d637365663f65556547d33f0e22c619745451e8424e3eb9a2adc8ca5a5a51e5493006000028008000180ffffffff08000180fffffffe0900020073797a320000000008000180fffffffc0900020073797a300000000008000180fffffffc0900020073797a310000000008000180fffffffd08000180000000010800034000000001c00200800900090073797a300000000050010a803800028008000180fffffffd080003400000000408000180fffffffb080003400000000308000340000000020900020073797a320000000069000100b85522d5952f75559af53df41c93e2ba4d1ebdbb1c3256395f89a993a392a1a95a696b444c87512f558a6c5bdf31d3ca37853fd774d43c20f5e3eb7f385d86870be89cb85d423d3286df38833d2233a37e7f2d110d5449ddbcb5e6934de8e7474bb5612fed0000008f000100b5d66443c2392c123e7bc17666642d8d02e9f6b67fed5829c710848dbdd2bf5897794409e4a2544a44f1c0c46099dcd4cf8fa03af4aa314a0fefc739bae51a1a9d80dedb6673c484ba53d2f6d781e9d83892f8e8c310ed13f34b2baa50872b7d0d232ed2e2197261e8ac69d64e492a307ec25de37538a6113adec10ed63aca5d71891efe9a3bffd652b5b900180002800900020073797a310000000008000180fffffffc08000340000000105001028004000100710001006b38806901172956c957e1638418da6b7a5e51b627f303be43f43b8f317e08732fa3742b17d963f902b8d434fc3e453b210fb12ac80f2d7c39539cf285cebe2dc3ea444874dcd64e088fdc9b2db087447fd03308dc9eb6ff20a891504885f7a792fc0a92164bdea2bfb3d587990000004800028008000340000000030900020073797a32000000000900020073797a320000000008000180fffffffb0900020073797a3000000000080003400000000408000180fffffffe440002800900020073797a300000000008000340000000020900020073797a310000000008000180fffffffb0900020073797a32000000000900020073797a30000000004800028008000180fffffffe0800034000000002090073797a310000000008000180fffffffe08000340000000020900020073797a310000000008000340000000000900020073797a310000000008000440000000030900010073797a3100000000140000001000010000000000000000000084000a000000000000"], 0xbe4}}, 0x0)

259.922745ms ago: executing program 2 (id=4205):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRES8=r0], 0x7c}, 0x1, 0x0, 0x0, 0x200488c0}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000006000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a010200000000000000000200ffff0800010073797a30000000000900030573797a320000000020000000020a03"], 0xa0}}, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001580))
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r4, 0x400, 0x1)
fremovexattr(r4, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")

217.517255ms ago: executing program 6 (id=4206):
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xa9, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000280)={&(0x7f00000002c0), &(0x7f00000001c0)=""/69, 0x45})
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="7a0a00ff000000007110bc00000000009100000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000cc0)=ANY=[], 0xec}}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x3}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

174.689576ms ago: executing program 2 (id=4207):
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000000c0)={&(0x7f0000000140)=""/156, 0x9c, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x808010, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b2, &(0x7f0000001380)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
unshare(0x6020480)
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1ffec0e90101c7bb0000b0", 0x21)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d9bffc), 0x4)
r4 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'team0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x1, 0x0, 0x2000001, {0x0, 0x0, 0x0, r5, {0x1}, {0x0, 0xc}, {0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x220440c0)

87.677818ms ago: executing program 4 (id=4208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2, 0x0, 0xfffffffffffffffc}, 0x18)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")

12.70715ms ago: executing program 7 (id=4209):
perf_event_open(&(0x7f00000015c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x20511, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={0x28, r0, 0x10ada85e65c25359, 0xfffffff9, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x4, 0x72}}}}}, 0x28}}, 0x0)

3.972079ms ago: executing program 2 (id=4210):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2b, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=', @ANYRESHEX])
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[])

0s ago: executing program 4 (id=4211):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x200, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x78}, 0x1, 0x0, 0x0, 0x840}, 0x0)

kernel console output (not intermixed with test programs):

file or directory
[  300.066058][T13488] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.089326][T13480] tipc: Resetting bearer <eth:syzkaller0>
[  300.100571][T13480] tipc: Disabling bearer <eth:syzkaller0>
[  300.134126][T13492] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.147799][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.228168][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.291840][T13508] loop2: detected capacity change from 0 to 512
[  300.351240][T13508] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.366083][T13508] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.379303][T13518] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  300.449574][T13527] loop4: detected capacity change from 0 to 512
[  300.473744][T13530] loop6: detected capacity change from 0 to 1024
[  300.492346][T13528] bridge_slave_1: left allmulticast mode
[  300.498030][T13528] bridge_slave_1: left promiscuous mode
[  300.503861][T13528] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.514933][T13527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.530280][T13528] bridge_slave_0: left allmulticast mode
[  300.535980][T13528] bridge_slave_0: left promiscuous mode
[  300.541718][T13528] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.554075][T13511] loop3: detected capacity change from 0 to 32768
[  300.562299][T13530] EXT4-fs: Ignoring removed nomblk_io_submit option
[  300.579734][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.592858][T13530] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  300.602404][T13530] System zones: 0-1, 3-36
[  300.610175][T13530] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.624010][ T3294]  loop3: p2 p3 < p5 > p4 < p6 >
[  300.630069][T13535] loop4: detected capacity change from 0 to 512
[  300.637425][ T3294] loop3: p2 size 117440512 extends beyond EOD, truncated
[  300.650284][ T3294] loop3: p5 size 33554432 extends beyond EOD, truncated
[  300.663617][ T3294] loop3: p6 size 117440512 extends beyond EOD, truncated
[  300.674479][T13535] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.681294][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.699995][T13511]  loop3: p2 p3 < p5 > p4 < p6 >
[  300.708983][T13511] loop3: p2 size 117440512 extends beyond EOD, truncated
[  300.717121][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.727531][T13511] loop3: p5 size 33554432 extends beyond EOD, truncated
[  300.748122][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.749194][T13511] loop3: p6 size 117440512 extends beyond EOD, truncated
[  300.775242][T13540] netlink: 'syz.6.3253': attribute type 3 has an invalid length.
[  300.784508][T13542] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.805957][T13542] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.814955][T13542] batman_adv: batadv0: Interface deactivated: macvlan0
[  300.822014][T13542] batman_adv: batadv0: Removing interface: macvlan0
[  300.913685][T13549] loop4: detected capacity change from 0 to 2048
[  300.979398][T13549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.039638][ T9147] udevd[9147]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  301.048451][T12551] udevd[12551]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  301.052285][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  301.066087][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  301.080759][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  301.207170][ T9147] udevd[9147]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  301.207203][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  301.240566][T12551] udevd[12551]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  301.355738][T13580] loop2: detected capacity change from 0 to 128
[  301.375263][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  301.417008][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  301.429509][T13583] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  301.437358][T13583] FAT-fs (loop2): Filesystem has been set read-only
[  301.444070][T13583] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  301.451916][T13583] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  301.597159][T13573] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  301.605560][T13573] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  301.778757][T13582] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  302.100197][T13589] loop3: detected capacity change from 0 to 128
[  302.169891][T13588] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  302.177779][T13588] FAT-fs (loop3): Filesystem has been set read-only
[  302.184628][T13588] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  302.192623][T13588] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  302.220929][T13589] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  302.226444][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.229208][T13589] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  302.258353][T13592] __nla_validate_parse: 21 callbacks suppressed
[  302.258371][T13592] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  302.273194][T13592] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  302.306919][   T29] kauditd_printk_skb: 1138 callbacks suppressed
[  302.306935][   T29] audit: type=1400 audit(1757333658.169:15746): avc:  denied  { getopt } for  pid=13595 comm="syz.7.3271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  302.333169][   T29] audit: type=1400 audit(1757333658.169:15747): avc:  denied  { connect } for  pid=13595 comm="syz.7.3271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  302.353904][   T29] audit: type=1400 audit(1757333658.169:15748): avc:  denied  { name_connect } for  pid=13595 comm="syz.7.3271" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  302.484051][T13592] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  302.569413][T13592] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  302.578035][T13592] netlink: 84 bytes leftover after parsing attributes in process `+}[@'.
[  302.707765][   T29] audit: type=1326 audit(1757333658.569:15749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13609 comm="syz.3.3275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  302.731701][   T29] audit: type=1326 audit(1757333658.569:15750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13609 comm="syz.3.3275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  302.755395][   T29] audit: type=1326 audit(1757333658.569:15751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13609 comm="syz.3.3275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  302.945996][T13623] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  302.968762][   T29] audit: type=1326 audit(1757333658.829:15752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13609 comm="syz.3.3275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  302.992966][   T29] audit: type=1326 audit(1757333658.829:15753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13609 comm="syz.3.3275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  303.036120][   T29] audit: type=1400 audit(1757333658.899:15754): avc:  denied  { append } for  pid=13632 comm="syz.4.3284" name="mISDNtimer" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  303.059918][   T29] audit: type=1400 audit(1757333658.909:15755): avc:  denied  { create } for  pid=13628 comm="syz.3.3283" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  303.186769][T13639] loop2: detected capacity change from 0 to 128
[  303.249503][T13641] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  303.257438][T13641] FAT-fs (loop2): Filesystem has been set read-only
[  303.264222][T13641] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  303.272086][T13641] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  303.428479][T13627] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  303.436814][T13627] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  303.556363][T13649] loop7: detected capacity change from 0 to 4096
[  303.574147][T13649] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  303.599894][T13649] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.813310][T13656] tipc: Started in network mode
[  303.818282][T13656] tipc: Node identity 7ae5050a0126, cluster identity 4711
[  303.825615][T13656] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  303.833800][ T9130] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.856328][T13656] syzkaller0: entered promiscuous mode
[  303.862038][T13656] syzkaller0: entered allmulticast mode
[  303.874951][T13656] tipc: Resetting bearer <eth:syzkaller0>
[  303.931999][T13655] tipc: Resetting bearer <eth:syzkaller0>
[  303.954407][T13655] tipc: Disabling bearer <eth:syzkaller0>
[  303.977595][T13662] tipc: Started in network mode
[  303.982609][T13662] tipc: Node identity 766d35298134, cluster identity 4711
[  303.989901][T13662] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  303.998746][T13662] syzkaller0: entered promiscuous mode
[  304.004330][T13662] syzkaller0: entered allmulticast mode
[  304.025102][T13666] loop7: detected capacity change from 0 to 128
[  304.045966][T13662] tipc: Resetting bearer <eth:syzkaller0>
[  304.053064][T13666] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  304.106121][T13666] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  304.126086][T13661] tipc: Resetting bearer <eth:syzkaller0>
[  304.139307][T13661] tipc: Disabling bearer <eth:syzkaller0>
[  304.150837][T13676] Invalid ELF header magic: != ELF
[  304.166021][T13666] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3294'.
[  304.188662][T13670] netlink: 'syz.6.3296': attribute type 13 has an invalid length.
[  304.215118][T13681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3300'.
[  304.277711][T13684] loop2: detected capacity change from 0 to 4096
[  304.294228][T13670] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  304.306560][T13670] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.322211][T13684] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  304.352549][T13684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.366929][T13670] batman_adv: batadv0: Interface deactivated: macvlan0
[  304.430450][ T3531] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.451442][T13696] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  304.460035][T13696] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  304.492071][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.527598][T13696] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  304.569279][ T3531] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.592841][   T56] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.620711][   T56] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.641924][T13713] loop6: detected capacity change from 0 to 2048
[  304.665429][T13713] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.764310][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.892153][T13733] can0: slcan on ttyS3.
[  305.055497][T13757] loop4: detected capacity change from 0 to 512
[  305.091869][T13757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.112983][T13757] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.131623][T13765] pimreg: entered allmulticast mode
[  305.139984][T13765] pimreg: left allmulticast mode
[  305.160187][T13757] bridge_slave_1: left allmulticast mode
[  305.165904][T13757] bridge_slave_1: left promiscuous mode
[  305.171808][T13757] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.188600][T13757] bridge_slave_0: left allmulticast mode
[  305.194399][T13757] bridge_slave_0: left promiscuous mode
[  305.200148][T13757] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.383539][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.609277][T13723] can0 (unregistered): slcan off ttyS3.
[  305.649932][T13827] loop4: detected capacity change from 0 to 512
[  305.831205][T13827] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.195924][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.226028][T13849] netlink: 'syz.3.3366': attribute type 10 has an invalid length.
[  306.235141][T13840] loop6: detected capacity change from 0 to 128
[  306.242586][T13841] loop7: detected capacity change from 0 to 128
[  306.266440][T13840] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  306.274358][T13840] FAT-fs (loop6): Filesystem has been set read-only
[  306.281059][T13840] bio_check_eod: 58969 callbacks suppressed
[  306.281071][T13840] syz.6.3360: attempt to access beyond end of device
[  306.281071][T13840] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  306.300817][T13840] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  306.308644][T13840] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  306.316965][T13828] syz.6.3360: attempt to access beyond end of device
[  306.316965][T13828] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.330284][T13828] syz.6.3360: attempt to access beyond end of device
[  306.330284][T13828] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.343554][T13828] syz.6.3360: attempt to access beyond end of device
[  306.343554][T13828] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.356924][T13840] syz.6.3360: attempt to access beyond end of device
[  306.356924][T13840] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.370656][T13842] syz.6.3360: attempt to access beyond end of device
[  306.370656][T13842] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.384177][T13842] syz.6.3360: attempt to access beyond end of device
[  306.384177][T13842] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.397500][T13840] syz.6.3360: attempt to access beyond end of device
[  306.397500][T13840] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.411034][T13840] syz.6.3360: attempt to access beyond end of device
[  306.411034][T13840] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.424780][T13840] syz.6.3360: attempt to access beyond end of device
[  306.424780][T13840] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  306.424960][T13842] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  306.446746][T13842] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  306.447621][T13843] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  306.463235][T13843] FAT-fs (loop7): Filesystem has been set read-only
[  306.469966][T13843] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  306.477828][T13843] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  306.501013][T13856] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22
[  306.509308][T13856] netdevsim netdevsim7: Direct firmware load for . failed with error -22
[  306.678164][T13855] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  306.836491][T13870] lo speed is unknown, defaulting to 1000
[  306.862328][T13873] loop4: detected capacity change from 0 to 512
[  306.915884][T13873] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.999711][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.093785][T13894] loop4: detected capacity change from 0 to 512
[  307.125855][T13893] loop7: detected capacity change from 0 to 4096
[  307.133315][T13893] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  307.163982][T13894] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.177078][T13893] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.199966][T13894] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.250529][T13905] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  307.270923][ T9130] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.307497][T13911] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13911 comm=syz.3.3389
[  307.323063][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.333436][T13917] loop2: detected capacity change from 0 to 512
[  307.362093][T13917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.426168][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.453432][   T29] kauditd_printk_skb: 231 callbacks suppressed
[  307.453465][   T29] audit: type=1400 audit(1757333663.319:15987): avc:  denied  { relabelfrom } for  pid=13931 comm="syz.7.3398" name="" dev="pipefs" ino=40650 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  307.472045][T13934] loop4: detected capacity change from 0 to 4096
[  307.490708][T13930] tipc: Started in network mode
[  307.495607][T13930] tipc: Node identity 3a373ae3dbba, cluster identity 4711
[  307.502894][T13930] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  307.512101][T13934] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  307.512833][T13930] syzkaller0: entered promiscuous mode
[  307.527715][T13930] syzkaller0: entered allmulticast mode
[  307.544172][T13930] tipc: Resetting bearer <eth:syzkaller0>
[  307.551947][T13929] tipc: Resetting bearer <eth:syzkaller0>
[  307.566816][T13934] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.581234][T13929] tipc: Disabling bearer <eth:syzkaller0>
[  307.588494][T13936] __nla_validate_parse: 28 callbacks suppressed
[  307.588511][T13936] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  307.603483][T13936] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  307.617956][T13942] loop7: detected capacity change from 0 to 512
[  307.622881][T13936] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  307.633255][T13936] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  307.641939][T13936] netlink: 84 bytes leftover after parsing attributes in process `+}[@'.
[  307.660277][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.671444][T13942] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.686156][T13942] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.716356][ T9130] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.754233][T13949] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  307.844607][T13960] loop6: detected capacity change from 0 to 512
[  307.902192][T13960] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.956077][T13971] loop2: detected capacity change from 0 to 4096
[  308.011263][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.022885][T13974] loop7: detected capacity change from 0 to 128
[  308.058677][T13971] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  308.079929][T13971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.095115][T13976] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22
[  308.103366][T13976] netdevsim netdevsim7: Direct firmware load for . failed with error -22
[  308.278122][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.380830][T13995] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  308.413319][   T29] audit: type=1400 audit(1757333664.279:15988): avc:  denied  { lock } for  pid=13986 comm="+}[@" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=41263 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  308.440692][   T29] audit: type=1400 audit(1757333664.309:15989): avc:  denied  { connect } for  pid=13986 comm="+}[@" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  308.591803][T14064] loop6: detected capacity change from 0 to 4096
[  308.662325][T14064] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  308.723960][T14064] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.796835][T14070] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14070 comm=syz.7.3425
[  308.812103][T14071] loop2: detected capacity change from 0 to 128
[  308.855171][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.874846][T14076] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  308.883071][T14076] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  308.901593][T14075] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  308.929007][T14075] syzkaller0: entered promiscuous mode
[  308.934659][T14075] syzkaller0: entered allmulticast mode
[  308.982917][T14073] tipc: Resetting bearer <eth:syzkaller0>
[  308.992689][T14073] tipc: Disabling bearer <eth:syzkaller0>
[  309.060096][   T29] audit: type=1326 audit(1757333664.789:15990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.083794][   T29] audit: type=1326 audit(1757333664.789:15991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.107506][   T29] audit: type=1326 audit(1757333664.789:15992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.131018][   T29] audit: type=1326 audit(1757333664.789:15993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.154716][   T29] audit: type=1326 audit(1757333664.789:15994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.178419][   T29] audit: type=1326 audit(1757333664.789:15995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.202047][   T29] audit: type=1326 audit(1757333664.789:15996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14077 comm="syz.4.3429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08459aebe9 code=0x7ffc0000
[  309.238969][T14080] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  309.447647][T14096] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  309.456247][T14096] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  309.465251][T14096] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  309.534653][T14096] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  309.543238][T14096] netlink: 84 bytes leftover after parsing attributes in process `+}[@'.
[  309.560774][T14099] loop4: detected capacity change from 0 to 128
[  309.660678][T14104] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  309.669012][T14104] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  309.858487][T14108] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  309.868323][T14106] loop7: detected capacity change from 0 to 512
[  309.921643][T14106] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.984087][T14115] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  310.000427][ T9130] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.321127][T14135] loop2: detected capacity change from 0 to 128
[  310.342405][T14135] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  310.350631][T14135] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  310.658910][T14137] loop6: detected capacity change from 0 to 4096
[  310.680963][T14137] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  310.694856][T14137] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.764834][T14141] loop7: detected capacity change from 0 to 512
[  310.794157][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.823635][T14141] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.904428][T14147] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  310.931393][T14149] loop6: detected capacity change from 0 to 512
[  310.963511][T14149] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  310.996038][ T9130] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.018279][T14155] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  311.080309][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.163773][T14171] loop4: detected capacity change from 0 to 128
[  311.201707][T14171] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  311.291269][T14170] loop7: detected capacity change from 0 to 4096
[  311.520055][T14179] loop2: detected capacity change from 0 to 128
[  311.536898][T14170] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  311.574039][T14171] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  311.607034][T14179] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  311.615291][T14179] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  311.664558][T14171] team0 (unregistering): Failed to send port change of device team_slave_0 via netlink (err -105)
[  311.695326][T14171] team0 (unregistering): Port device team_slave_0 removed
[  311.711977][T14171] team0 (unregistering): Failed to send options change via netlink (err -105)
[  311.721165][T14171] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  311.732097][T14171] team0 (unregistering): Port device team_slave_1 removed
[  311.764808][T14191] loop7: detected capacity change from 0 to 512
[  311.839971][T14198] loop4: detected capacity change from 0 to 512
[  311.905865][T14204] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  312.127104][T14222] loop4: detected capacity change from 0 to 512
[  312.248573][T14243] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  312.381378][T14259] netlink: 'syz.4.3495': attribute type 10 has an invalid length.
[  312.631554][T14273] loop2: detected capacity change from 0 to 128
[  312.678487][T14273] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  312.686713][T14273] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  312.847072][T14283] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  312.847604][T14285] __nla_validate_parse: 20 callbacks suppressed
[  312.847620][T14285] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3502'.
[  312.881591][T14285] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3502'.
[  312.884409][T14289] netlink: 87 bytes leftover after parsing attributes in process `syz.4.3504'.
[  312.913597][T14285] loop7: detected capacity change from 0 to 512
[  312.962766][T14295] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  312.971326][T14295] tipc: Resetting bearer <eth:syzkaller0>
[  312.978386][T14294] tipc: Disabling bearer <eth:syzkaller0>
[  312.992638][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  312.992653][   T29] audit: type=1400 audit(1757333668.859:16152): avc:  denied  { map } for  pid=14298 comm="syz.4.3510" path="socket:[41645]" dev="sockfs" ino=41645 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  313.132495][T14315] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3516'.
[  313.154451][T14315] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3516'.
[  313.180663][T14320] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  313.211480][T14315] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3516'.
[  313.213283][T14326] netlink: 87 bytes leftover after parsing attributes in process `syz.4.3521'.
[  313.267545][T14331] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3523'.
[  313.288086][T14335] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3524'.
[  313.305360][T14331] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3523'.
[  313.324034][T14331] loop2: detected capacity change from 0 to 512
[  313.352657][   T29] audit: type=1326 audit(1757333669.219:16153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.376388][   T29] audit: type=1326 audit(1757333669.219:16154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.387047][T14343] 0ªî{X¹¦: renamed from gretap0
[  313.400454][   T29] audit: type=1326 audit(1757333669.219:16155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.428729][   T29] audit: type=1326 audit(1757333669.219:16156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.452522][   T29] audit: type=1326 audit(1757333669.219:16157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.479969][   T29] audit: type=1326 audit(1757333669.239:16158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.490616][T14343] 0ªî{X¹¦: entered allmulticast mode
[  313.503660][   T29] audit: type=1326 audit(1757333669.239:16159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.519448][T14343] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  313.532651][   T29] audit: type=1326 audit(1757333669.239:16160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.548706][T14351] tipc: Started in network mode
[  313.572012][   T29] audit: type=1326 audit(1757333669.239:16161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14342 comm="syz.6.3529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  313.576882][T14351] tipc: Node identity 661d14fdf23e, cluster identity 4711
[  313.607586][T14351] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  313.627032][T14337] tipc: Resetting bearer <eth:syzkaller0>
[  313.649488][T14336] tipc: Disabling bearer <eth:syzkaller0>
[  313.737151][T14363] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  313.811339][T14371] loop6: detected capacity change from 0 to 1024
[  313.864328][T14371] ext4 filesystem being mounted at /359/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.063069][T14399] loop4: detected capacity change from 0 to 512
[  314.072779][T14400] loop2: detected capacity change from 0 to 128
[  314.106926][T14400] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  314.115385][T14400] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  314.130700][T14399] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.252728][T14409] loop7: detected capacity change from 0 to 128
[  314.342628][T14411] syzkaller0: entered promiscuous mode
[  314.348157][T14411] syzkaller0: entered allmulticast mode
[  314.558856][T14401] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  314.566754][T14401] FAT-fs (loop7): Filesystem has been set read-only
[  314.573381][T14401] bio_check_eod: 8745 callbacks suppressed
[  314.573392][T14401] syz.7.3544: attempt to access beyond end of device
[  314.573392][T14401] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  314.592985][T14401] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  314.600900][T14401] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  314.608960][T14390] syz.7.3544: attempt to access beyond end of device
[  314.608960][T14390] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.622243][T14401] syz.7.3544: attempt to access beyond end of device
[  314.622243][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.635642][T14390] syz.7.3544: attempt to access beyond end of device
[  314.635642][T14390] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.648908][T14401] syz.7.3544: attempt to access beyond end of device
[  314.648908][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.649153][T14399] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.662351][T14401] syz.7.3544: attempt to access beyond end of device
[  314.662351][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.669736][T14399] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.682961][T14401] syz.7.3544: attempt to access beyond end of device
[  314.682961][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.682994][T14401] syz.7.3544: attempt to access beyond end of device
[  314.682994][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.716702][T14390] syz.7.3544: attempt to access beyond end of device
[  314.716702][T14390] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.729970][T14401] syz.7.3544: attempt to access beyond end of device
[  314.729970][T14401] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  314.880899][T14399] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.888444][T14399] batman_adv: batadv0: Removing interface: batadv_slave_1
[  315.009630][T14409] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22
[  315.017843][T14409] netdevsim netdevsim7: Direct firmware load for . failed with error -22
[  315.063080][T14424] lo speed is unknown, defaulting to 1000
[  315.332024][T14458] loop7: detected capacity change from 0 to 512
[  315.535624][   T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[  315.543409][   T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[  315.642747][T14486] loop4: detected capacity change from 0 to 128
[  315.704381][T14489] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  315.712368][T14489] FAT-fs (loop4): Filesystem has been set read-only
[  315.719023][T14489] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  315.726897][T14489] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  315.915922][T14473] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  315.924169][T14473] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  315.948473][   T23] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x3
[  316.006276][   T23] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  316.113205][T14493] fido_id[14493]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  316.336765][T14515] loop6: detected capacity change from 0 to 128
[  316.343661][T14515] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  316.374136][T14515] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  316.426451][T14531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  316.431416][   T23] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[  316.435206][T14531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.442614][   T23] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[  316.477502][   T23] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x3
[  316.490430][T14537] loop2: detected capacity change from 0 to 512
[  316.505172][   T23] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  316.689838][T14567] syzkaller0: entered promiscuous mode
[  316.695341][T14567] syzkaller0: entered allmulticast mode
[  316.911239][T14574] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  316.963448][   T23] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[  316.971350][   T23] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[  316.984323][   T23] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x3
[  316.994726][   T23] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  317.044542][T14580] fido_id[14580]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  317.405035][T14604] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  317.665452][T14618] loop6: detected capacity change from 0 to 128
[  317.672110][T14614] loop7: detected capacity change from 0 to 512
[  317.674471][T14618] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  317.690287][T14619] loop4: detected capacity change from 0 to 128
[  317.706116][T14618] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  317.718538][T14619] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  317.726790][T14619] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  317.763320][T14621] syzkaller0: entered promiscuous mode
[  317.768965][T14621] syzkaller0: entered allmulticast mode
[  317.933424][T14640] loop7: detected capacity change from 0 to 1024
[  317.953428][T14638] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  317.963666][T14640] ext4 filesystem being mounted at /335/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.989719][T14640] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: comm syz.7.3623: lblock 0 mapped to illegal pblock 0 (length 1)
[  318.031023][T14640] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  318.043430][T14640] EXT4-fs (loop7): This should not happen!! Data will be lost
[  318.043430][T14640] 
[  318.101919][T14640] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: comm syz.7.3623: lblock 0 mapped to illegal pblock 0 (length 1)
[  318.133795][T14640] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  318.146146][T14640] EXT4-fs (loop7): This should not happen!! Data will be lost
[  318.146146][T14640] 
[  318.177843][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  318.177861][   T29] audit: type=1326 audit(1757333674.039:16198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.216815][   T29] audit: type=1326 audit(1757333674.039:16199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.240445][   T29] audit: type=1326 audit(1757333674.079:16200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.264071][   T29] audit: type=1326 audit(1757333674.079:16201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.287677][   T29] audit: type=1326 audit(1757333674.079:16202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.311277][   T29] audit: type=1326 audit(1757333674.079:16203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.334883][   T29] audit: type=1326 audit(1757333674.079:16204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.358578][   T29] audit: type=1326 audit(1757333674.079:16205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.382192][   T29] audit: type=1326 audit(1757333674.079:16206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.405924][   T29] audit: type=1326 audit(1757333674.079:16207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14639 comm="syz.7.3623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x7ffc0000
[  318.432835][T14650] __nla_validate_parse: 17 callbacks suppressed
[  318.432888][T14650] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3625'.
[  318.461670][T14654] loop4: detected capacity change from 0 to 1024
[  318.469388][T14029] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: comm kworker/u8:48: lblock 0 mapped to illegal pblock 0 (length 1)
[  318.508161][T14029] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  318.520521][T14029] EXT4-fs (loop7): This should not happen!! Data will be lost
[  318.520521][T14029] 
[  318.539803][T14022] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 4: comm kworker/u8:41: lblock 4 mapped to illegal pblock 4 (length 2)
[  318.575325][T14654] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 305:freeing already freed block (bit 19); block bitmap corrupt.
[  318.596315][T14666] syzkaller0: entered promiscuous mode
[  318.601860][T14666] syzkaller0: entered allmulticast mode
[  318.602168][T14022] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 2 with error 117
[  318.619814][T14022] EXT4-fs (loop7): This should not happen!! Data will be lost
[  318.619814][T14022] 
[  318.642398][T14668] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  318.721826][T14675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3636'.
[  318.769513][T14675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3636'.
[  318.836203][T14675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3636'.
[  318.852158][T14687] loop6: detected capacity change from 0 to 4096
[  318.870027][T14687] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  318.893033][T14687] EXT4-fs mount: 26 callbacks suppressed
[  318.893046][T14687] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.975490][T14701] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3645'.
[  319.007950][T14701] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3645'.
[  319.019394][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.044583][T14701] loop4: detected capacity change from 0 to 512
[  319.113702][T14701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.155079][T14710] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  319.206591][T14712] loop7: detected capacity change from 0 to 512
[  319.229909][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.260663][T14712] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.3648: casefold flag without casefold feature
[  319.279763][T14712] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.3648: couldn't read orphan inode 15 (err -117)
[  319.292189][T14714] syzkaller0: entered promiscuous mode
[  319.297732][T14714] syzkaller0: entered allmulticast mode
[  319.329581][T14712] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.412444][T14726] loop2: detected capacity change from 0 to 128
[  319.443807][T14726] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  319.468717][T14726] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  319.502307][T14726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3654'.
[  319.565150][T14739] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  319.685626][T14754] netlink: 87 bytes leftover after parsing attributes in process `syz.6.3666'.
[  319.702116][T14760] loop2: detected capacity change from 0 to 128
[  319.709303][T14760] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  319.724889][T14760] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  319.755097][T14760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3669'.
[  319.838214][T14776] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3676'.
[  319.909929][T14779] loop2: detected capacity change from 0 to 128
[  319.916683][T14779] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  319.930378][T14779] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  320.400527][   T23] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4
[  320.420861][   T23] hid-generic 0000:3000000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  320.462110][T14806] fido_id[14806]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  320.553472][T14812] loop2: detected capacity change from 0 to 128
[  320.773235][T14816] loop4: detected capacity change from 0 to 512
[  320.826099][T14804] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  320.834066][T14804] FAT-fs (loop2): Filesystem has been set read-only
[  320.840774][T14804] bio_check_eod: 24430 callbacks suppressed
[  320.840790][T14804] syz.2.3682: attempt to access beyond end of device
[  320.840790][T14804] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  320.860495][T14804] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  320.868315][T14804] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  320.876462][T14804] syz.2.3682: attempt to access beyond end of device
[  320.876462][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.889942][T14804] syz.2.3682: attempt to access beyond end of device
[  320.889942][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.898160][T14816] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.903439][T14804] syz.2.3682: attempt to access beyond end of device
[  320.903439][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.929002][T14804] syz.2.3682: attempt to access beyond end of device
[  320.929002][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.942448][T14797] syz.2.3682: attempt to access beyond end of device
[  320.942448][T14797] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.955895][T14797] syz.2.3682: attempt to access beyond end of device
[  320.955895][T14797] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.969171][T14804] syz.2.3682: attempt to access beyond end of device
[  320.969171][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.982468][T14804] syz.2.3682: attempt to access beyond end of device
[  320.982468][T14804] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  320.995742][T14797] syz.2.3682: attempt to access beyond end of device
[  320.995742][T14797] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  321.009848][T14812] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  321.018047][T14812] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  321.028340][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.499974][T14866] loop2: detected capacity change from 0 to 128
[  321.799921][T14863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  321.808013][T14863] FAT-fs (loop2): Filesystem has been set read-only
[  321.815504][T14863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  321.823615][T14863] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  322.126586][T14866] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  322.134846][T14866] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  322.178109][T14877] loop6: detected capacity change from 0 to 128
[  322.187364][T14877] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  322.195347][T14877] FAT-fs (loop6): Filesystem has been set read-only
[  322.202051][T14877] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  322.209910][T14877] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  322.238680][T14878] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  322.246964][T14878] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  322.423481][ T3391] hid_parser_main: 2 callbacks suppressed
[  322.423499][ T3391] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4
[  322.437497][ T3391] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2
[  322.512520][T14890] loop4: detected capacity change from 0 to 512
[  322.566080][ T3391] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x3
[  322.570568][T14890] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.584124][T14897] loop6: detected capacity change from 0 to 512
[  322.603715][ T3391] hid-generic 0000:3000000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  322.630177][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.643009][T14901] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14901 comm=syz.7.3720
[  322.680764][T14902] fido_id[14902]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  322.695540][T14897] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.713499][T14897] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.742851][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.853528][T14922] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.862621][T14922] tipc: Resetting bearer <eth:syzkaller0>
[  322.873414][T14921] tipc: Disabling bearer <eth:syzkaller0>
[  322.952864][T14925] loop2: detected capacity change from 0 to 128
[  322.959993][T14925] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  322.975354][T14925] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  323.666455][ T2957] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4
[  323.674288][ T2957] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2
[  323.686261][ T2957] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x3
[  323.702841][ T2957] hid-generic 0000:3000000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  323.714178][T14949] loop4: detected capacity change from 0 to 512
[  323.741647][T14950] fido_id[14950]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  323.771382][T14949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.794269][T14949] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.812058][T14956] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  323.821819][T14960] loop6: detected capacity change from 0 to 128
[  323.829801][T14949] __nla_validate_parse: 18 callbacks suppressed
[  323.829820][T14949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3734'.
[  323.832756][T14960] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  323.857743][T14960] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  323.862657][T14956] tipc: Resetting bearer <eth:syzkaller0>
[  323.880987][T14955] tipc: Disabling bearer <eth:syzkaller0>
[  323.893637][   T29] kauditd_printk_skb: 105 callbacks suppressed
[  323.893655][   T29] audit: type=1326 audit(1757333679.759:16313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  323.925959][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.927597][   T29] audit: type=1326 audit(1757333679.779:16314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  323.958898][   T29] audit: type=1326 audit(1757333679.779:16315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  323.968573][T14960] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3738'.
[  323.982660][   T29] audit: type=1326 audit(1757333679.779:16316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.015264][   T29] audit: type=1326 audit(1757333679.779:16317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.039053][   T29] audit: type=1326 audit(1757333679.779:16318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.062929][   T29] audit: type=1326 audit(1757333679.779:16319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.086795][   T29] audit: type=1326 audit(1757333679.779:16320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.110678][   T29] audit: type=1326 audit(1757333679.779:16321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.134388][   T29] audit: type=1326 audit(1757333679.779:16322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14961 comm="syz.2.3739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  324.547743][T14983] loop6: detected capacity change from 0 to 128
[  324.571228][T14983] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  324.579457][T14983] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  324.767440][T14987] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14987 comm=syz.3.3746
[  324.808502][   T23] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4
[  324.816414][   T23] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2
[  324.831042][   T23] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x3
[  324.840290][   T23] hid-generic 0000:3000000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  324.874034][T14997] loop2: detected capacity change from 0 to 512
[  324.900380][T14995] fido_id[14995]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  324.900613][T14997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.926912][T14997] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.946467][T14997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3750'.
[  324.970137][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.991454][T15002] loop2: detected capacity change from 0 to 512
[  325.005624][T14991] loop4: detected capacity change from 0 to 32768
[  325.032185][T15002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.055959][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.066065][ T3294]  loop4: p1 p3 < >
[  325.088941][T14991]  loop4: p1 p3 < >
[  325.230190][T15012] netlink: 87 bytes leftover after parsing attributes in process `syz.6.3754'.
[  325.450755][T15020] loop2: detected capacity change from 0 to 128
[  325.522296][T15021] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  325.530242][T15021] FAT-fs (loop2): Filesystem has been set read-only
[  325.536875][T15021] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  325.544763][T15021] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  325.579164][T15013] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  325.587480][T15013] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  325.616679][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  325.718411][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  325.742517][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  325.752679][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  325.849014][T15021] bio_check_eod: 36391 callbacks suppressed
[  325.849033][T15021] syz.2.3752: attempt to access beyond end of device
[  325.849033][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.868221][T15021] syz.2.3752: attempt to access beyond end of device
[  325.868221][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.881494][T15021] syz.2.3752: attempt to access beyond end of device
[  325.881494][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.894745][T15021] syz.2.3752: attempt to access beyond end of device
[  325.894745][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.907999][T15021] syz.2.3752: attempt to access beyond end of device
[  325.907999][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.921314][T15021] syz.2.3752: attempt to access beyond end of device
[  325.921314][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.934561][T15021] syz.2.3752: attempt to access beyond end of device
[  325.934561][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  325.948006][T15021] syz.2.3752: attempt to access beyond end of device
[  325.948006][T15021] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  326.055617][T15041] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3765'.
[  326.064963][T15041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3765'.
[  326.314786][T15053] loop2: detected capacity change from 0 to 128
[  326.549895][T15046] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  326.558244][T15046] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  326.976672][T15064] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  327.092047][T15068] netlink: 'syz.6.3773': attribute type 1 has an invalid length.
[  327.184907][T15064] blktrace: Concurrent blktraces are not allowed on loop8
[  327.254558][T15064] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3772'.
[  327.285957][T15075] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3776'.
[  327.299784][T15075] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3776'.
[  327.327283][T15079] loop6: detected capacity change from 0 to 2048
[  327.371721][T15079] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.394788][T15079] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  327.468420][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.784103][T15114] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  327.794246][T15114] tipc: Resetting bearer <eth:syzkaller0>
[  327.801734][T15113] tipc: Disabling bearer <eth:syzkaller0>
[  327.905532][T15124] loop4: detected capacity change from 0 to 128
[  327.933328][T15122] netlink: 87 bytes leftover after parsing attributes in process `syz.2.3791'.
[  327.968190][T15125] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  327.976455][T15125] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  328.165926][T15136] FAULT_INJECTION: forcing a failure.
[  328.165926][T15136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.179119][T15136] CPU: 0 UID: 0 PID: 15136 Comm: syz.2.3794 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  328.179248][T15136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  328.179259][T15136] Call Trace:
[  328.179264][T15136]  <TASK>
[  328.179271][T15136]  __dump_stack+0x1d/0x30
[  328.179289][T15136]  dump_stack_lvl+0xe8/0x140
[  328.179384][T15136]  dump_stack+0x15/0x1b
[  328.179398][T15136]  should_fail_ex+0x265/0x280
[  328.179419][T15136]  should_fail+0xb/0x20
[  328.179437][T15136]  should_fail_usercopy+0x1a/0x20
[  328.179487][T15136]  _copy_to_user+0x20/0xa0
[  328.179515][T15136]  simple_read_from_buffer+0xb5/0x130
[  328.179535][T15136]  proc_fail_nth_read+0x10e/0x150
[  328.179559][T15136]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  328.179656][T15136]  vfs_read+0x1a5/0x770
[  328.179674][T15136]  ? __rcu_read_unlock+0x4f/0x70
[  328.179750][T15136]  ? __fget_files+0x184/0x1c0
[  328.179773][T15136]  ksys_read+0xda/0x1a0
[  328.179832][T15136]  __x64_sys_read+0x40/0x50
[  328.179851][T15136]  x64_sys_call+0x27bc/0x2ff0
[  328.179870][T15136]  do_syscall_64+0xd2/0x200
[  328.179897][T15136]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  328.179919][T15136]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  328.180014][T15136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.180033][T15136] RIP: 0033:0x7fe66625d5fc
[  328.180046][T15136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  328.180062][T15136] RSP: 002b:00007fe664cc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  328.180078][T15136] RAX: ffffffffffffffda RBX: 00007fe666495fa0 RCX: 00007fe66625d5fc
[  328.180089][T15136] RDX: 000000000000000f RSI: 00007fe664cc70a0 RDI: 0000000000000006
[  328.180100][T15136] RBP: 00007fe664cc7090 R08: 0000000000000000 R09: 0000000000000000
[  328.180142][T15136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.180153][T15136] R13: 00007fe666496038 R14: 00007fe666495fa0 R15: 00007ffe51300cb8
[  328.180169][T15136]  </TASK>
[  328.411327][ T3412] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x4
[  328.419066][ T3412] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x2
[  328.433306][ T3412] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x3
[  328.464178][ T3412] hid-generic 0000:3000000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  329.233525][T15196] loop6: detected capacity change from 0 to 128
[  329.267257][T15189] Set syz1 is full, maxelem 65536 reached
[  329.300467][T15197] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  329.308703][T15197] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  329.413968][T15199] __nla_validate_parse: 8 callbacks suppressed
[  329.414006][T15199] netlink: 87 bytes leftover after parsing attributes in process `syz.2.3817'.
[  329.465002][T15201] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  329.568538][T15209] loop2: detected capacity change from 0 to 128
[  329.603673][T15209] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  329.626611][T15209] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  329.727481][T15209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3821'.
[  329.853707][T15232] loop2: detected capacity change from 0 to 4096
[  330.084275][T15232] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  330.230120][T15232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.275557][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.340473][T15246] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3834'.
[  330.350108][T15244] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  330.355434][T15243] netlink: 87 bytes leftover after parsing attributes in process `syz.3.3833'.
[  330.385533][T15246] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3834'.
[  330.423521][T15246] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3834'.
[  330.453335][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  330.453361][   T29] audit: type=1326 audit(1757333686.319:16389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.484032][   T29] audit: type=1326 audit(1757333686.319:16390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.507696][   T29] audit: type=1326 audit(1757333686.319:16391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.531356][   T29] audit: type=1326 audit(1757333686.319:16392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.554998][   T29] audit: type=1326 audit(1757333686.319:16393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.578504][   T29] audit: type=1326 audit(1757333686.319:16394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.602192][   T29] audit: type=1326 audit(1757333686.319:16395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.626103][   T29] audit: type=1326 audit(1757333686.319:16396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.649704][   T29] audit: type=1326 audit(1757333686.319:16397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.673378][   T29] audit: type=1326 audit(1757333686.319:16398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15257 comm="syz.2.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  330.747393][T15270] loop4: detected capacity change from 0 to 4096
[  330.754797][T15262] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3840'.
[  330.763801][T15262] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3840'.
[  330.791056][T15270] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  330.821655][T15270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.836368][T15262] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3840'.
[  330.892091][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.914315][T15262] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3840'.
[  330.987927][T15282] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  331.050953][T15292] loop4: detected capacity change from 0 to 512
[  331.077997][T15292] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.124169][T15301] FAULT_INJECTION: forcing a failure.
[  331.124169][T15301] name failslab, interval 1, probability 0, space 0, times 0
[  331.126060][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.136989][T15301] CPU: 0 UID: 0 PID: 15301 Comm: syz.2.3855 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  331.137058][T15301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  331.137073][T15301] Call Trace:
[  331.137080][T15301]  <TASK>
[  331.137089][T15301]  __dump_stack+0x1d/0x30
[  331.137115][T15301]  dump_stack_lvl+0xe8/0x140
[  331.137192][T15301]  dump_stack+0x15/0x1b
[  331.137211][T15301]  should_fail_ex+0x265/0x280
[  331.137240][T15301]  should_failslab+0x8c/0xb0
[  331.137328][T15301]  kmem_cache_alloc_noprof+0x50/0x310
[  331.137388][T15301]  ? getname_flags+0x80/0x3b0
[  331.137422][T15301]  getname_flags+0x80/0x3b0
[  331.137527][T15301]  __se_sys_quotactl+0x16a/0x670
[  331.137584][T15301]  __x64_sys_quotactl+0x55/0x70
[  331.137607][T15301]  x64_sys_call+0x15d6/0x2ff0
[  331.137633][T15301]  do_syscall_64+0xd2/0x200
[  331.137735][T15301]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  331.137764][T15301]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  331.137798][T15301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.137823][T15301] RIP: 0033:0x7fe66625ebe9
[  331.137839][T15301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.137935][T15301] RSP: 002b:00007fe664cc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  331.138022][T15301] RAX: ffffffffffffffda RBX: 00007fe666495fa0 RCX: 00007fe66625ebe9
[  331.138040][T15301] RDX: 0000000000000000 RSI: 0000200000004080 RDI: ffffffff80000200
[  331.138057][T15301] RBP: 00007fe664cc7090 R08: 0000000000000000 R09: 0000000000000000
[  331.138074][T15301] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  331.138091][T15301] R13: 00007fe666496038 R14: 00007fe666495fa0 R15: 00007ffe51300cb8
[  331.138117][T15301]  </TASK>
[  331.433228][T15321] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  331.445179][T15315] loop4: detected capacity change from 0 to 4096
[  331.469883][T15315] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  331.546499][T15315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.607476][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.648862][T15335] loop2: detected capacity change from 0 to 1024
[  331.656815][T15335] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  331.682361][T15343] FAULT_INJECTION: forcing a failure.
[  331.682361][T15343] name failslab, interval 1, probability 0, space 0, times 0
[  331.695218][T15343] CPU: 0 UID: 0 PID: 15343 Comm: syz.4.3868 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  331.695246][T15343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  331.695258][T15343] Call Trace:
[  331.695265][T15343]  <TASK>
[  331.695272][T15343]  __dump_stack+0x1d/0x30
[  331.695290][T15343]  dump_stack_lvl+0xe8/0x140
[  331.695309][T15343]  dump_stack+0x15/0x1b
[  331.695326][T15343]  should_fail_ex+0x265/0x280
[  331.695476][T15343]  should_failslab+0x8c/0xb0
[  331.695564][T15343]  kmem_cache_alloc_noprof+0x50/0x310
[  331.695588][T15343]  ? getname_flags+0x80/0x3b0
[  331.695655][T15343]  ? kstrtoull+0x111/0x140
[  331.695680][T15343]  getname_flags+0x80/0x3b0
[  331.695703][T15343]  vfs_fstatat+0x43/0x170
[  331.695755][T15343]  __se_sys_newfstatat+0x55/0x260
[  331.695838][T15343]  ? __fget_files+0x184/0x1c0
[  331.696034][T15343]  ? fput+0x8f/0xc0
[  331.696107][T15343]  ? ksys_write+0x192/0x1a0
[  331.696131][T15343]  __x64_sys_newfstatat+0x55/0x70
[  331.696184][T15343]  x64_sys_call+0x135a/0x2ff0
[  331.696207][T15343]  do_syscall_64+0xd2/0x200
[  331.696414][T15343]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  331.696440][T15343]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  331.696471][T15343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.696560][T15343] RIP: 0033:0x7f08459aebe9
[  331.696577][T15343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.696620][T15343] RSP: 002b:00007f084440f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[  331.696717][T15343] RAX: ffffffffffffffda RBX: 00007f0845be5fa0 RCX: 00007f08459aebe9
[  331.696731][T15343] RDX: 0000200000000700 RSI: 0000200000002880 RDI: ffffffffffffff9c
[  331.696745][T15343] RBP: 00007f084440f090 R08: 0000000000000000 R09: 0000000000000000
[  331.696759][T15343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.696773][T15343] R13: 00007f0845be6038 R14: 00007f0845be5fa0 R15: 00007ffce017b628
[  331.696795][T15343]  </TASK>
[  331.733658][T15343] loop4: detected capacity change from 0 to 2048
[  331.770133][T15343]  loop4: p1 < > p4
[  331.779059][T15343] loop4: p4 size 8388608 extends beyond EOD, truncated
[  331.814838][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  331.820272][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  331.840828][T15352] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  331.991384][T15369] loop6: detected capacity change from 0 to 128
[  332.009902][T15369] FAULT_INJECTION: forcing a failure.
[  332.009902][T15369] name failslab, interval 1, probability 0, space 0, times 0
[  332.009927][T15369] CPU: 0 UID: 0 PID: 15369 Comm: syz.6.3880 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  332.009963][T15369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  332.009977][T15369] Call Trace:
[  332.009983][T15369]  <TASK>
[  332.010021][T15369]  __dump_stack+0x1d/0x30
[  332.010043][T15369]  dump_stack_lvl+0xe8/0x140
[  332.010060][T15369]  dump_stack+0x15/0x1b
[  332.010078][T15369]  should_fail_ex+0x265/0x280
[  332.010104][T15369]  should_failslab+0x8c/0xb0
[  332.010150][T15369]  kmem_cache_alloc_noprof+0x50/0x310
[  332.010182][T15369]  ? security_file_alloc+0x32/0x100
[  332.010217][T15369]  security_file_alloc+0x32/0x100
[  332.010323][T15369]  init_file+0x5c/0x1d0
[  332.010388][T15369]  alloc_empty_file+0x8b/0x200
[  332.010456][T15369]  path_openat+0x68/0x2170
[  332.010479][T15369]  ? _parse_integer_limit+0x170/0x190
[  332.010506][T15369]  ? kstrtoull+0x111/0x140
[  332.010532][T15369]  ? kstrtouint+0x76/0xc0
[  332.010558][T15369]  do_filp_open+0x109/0x230
[  332.010618][T15369]  do_sys_openat2+0xa6/0x110
[  332.010656][T15369]  __x64_sys_openat+0xf2/0x120
[  332.010689][T15369]  x64_sys_call+0x2e9c/0x2ff0
[  332.010769][T15369]  do_syscall_64+0xd2/0x200
[  332.010802][T15369]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  332.010828][T15369]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  332.011014][T15369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.011129][T15369] RIP: 0033:0x7f5c32b6ebe9
[  332.011146][T15369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.011167][T15369] RSP: 002b:00007f5c315d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  332.011188][T15369] RAX: ffffffffffffffda RBX: 00007f5c32da5fa0 RCX: 00007f5c32b6ebe9
[  332.011202][T15369] RDX: 00000000001c1042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  332.011217][T15369] RBP: 00007f5c315d7090 R08: 0000000000000000 R09: 0000000000000000
[  332.011247][T15369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.011261][T15369] R13: 00007f5c32da6038 R14: 00007f5c32da5fa0 R15: 00007ffdd9fe3a48
[  332.011283][T15369]  </TASK>
[  333.174585][T15460] loop6: detected capacity change from 0 to 128
[  333.239791][T15461] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  333.247672][T15461] FAT-fs (loop6): Filesystem has been set read-only
[  333.254321][T15461] syz.6.3906: attempt to access beyond end of device
[  333.254321][T15461] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  333.268102][T15461] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  333.276126][T15461] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  333.284438][T15461] syz.6.3906: attempt to access beyond end of device
[  333.284438][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.297710][T15461] syz.6.3906: attempt to access beyond end of device
[  333.297710][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.311331][T15461] syz.6.3906: attempt to access beyond end of device
[  333.311331][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.324639][T15461] syz.6.3906: attempt to access beyond end of device
[  333.324639][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.337906][T15461] syz.6.3906: attempt to access beyond end of device
[  333.337906][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.351285][T15450] syz.6.3906: attempt to access beyond end of device
[  333.351285][T15450] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.364576][T15450] syz.6.3906: attempt to access beyond end of device
[  333.364576][T15450] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.377838][T15450] syz.6.3906: attempt to access beyond end of device
[  333.377838][T15450] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.392974][T15461] syz.6.3906: attempt to access beyond end of device
[  333.392974][T15461] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.433710][T15456] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  333.442073][T15456] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  333.567340][T15464] netlink: 'syz.4.3909': attribute type 1 has an invalid length.
[  333.932790][T15501] loop4: detected capacity change from 0 to 512
[  334.031825][T15501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.084824][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.470583][T15566] loop4: detected capacity change from 0 to 512
[  334.521373][T15566] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.544399][T15566] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.563628][T15572] can0: slcan on ttyS3.
[  334.568712][T15566] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm ’: iget: bad i_size value: 2533274857506816
[  334.629906][T15572] can0 (unregistered): slcan off ttyS3.
[  334.772854][T15577] __nla_validate_parse: 31 callbacks suppressed
[  334.772874][T15577] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  334.787878][T15577] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  334.809104][T15577] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  334.836397][T15577] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  334.844993][T15577] netlink: 84 bytes leftover after parsing attributes in process `+}[@'.
[  334.993062][T15592] FAULT_INJECTION: forcing a failure.
[  334.993062][T15592] name failslab, interval 1, probability 0, space 0, times 0
[  335.005804][T15592] CPU: 1 UID: 0 PID: 15592 Comm: syz.7.3947 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  335.005881][T15592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  335.005893][T15592] Call Trace:
[  335.005899][T15592]  <TASK>
[  335.005906][T15592]  __dump_stack+0x1d/0x30
[  335.005926][T15592]  dump_stack_lvl+0xe8/0x140
[  335.005947][T15592]  dump_stack+0x15/0x1b
[  335.005979][T15592]  should_fail_ex+0x265/0x280
[  335.006009][T15592]  should_failslab+0x8c/0xb0
[  335.006111][T15592]  kmem_cache_alloc_node_noprof+0x57/0x320
[  335.006167][T15592]  ? __alloc_skb+0x101/0x320
[  335.006189][T15592]  __alloc_skb+0x101/0x320
[  335.006207][T15592]  ? audit_log_start+0x365/0x6c0
[  335.006240][T15592]  audit_log_start+0x380/0x6c0
[  335.006321][T15592]  audit_seccomp+0x48/0x100
[  335.006353][T15592]  ? __seccomp_filter+0x68c/0x10d0
[  335.006376][T15592]  __seccomp_filter+0x69d/0x10d0
[  335.006473][T15592]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  335.006507][T15592]  ? vfs_write+0x7e8/0x960
[  335.006543][T15592]  __secure_computing+0x82/0x150
[  335.006567][T15592]  syscall_trace_enter+0xcf/0x1e0
[  335.006593][T15592]  do_syscall_64+0xac/0x200
[  335.006631][T15592]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  335.006661][T15592]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  335.006698][T15592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.006795][T15592] RIP: 0033:0x7fa54129ebe9
[  335.006814][T15592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.006897][T15592] RSP: 002b:00007fa53fd07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  335.006963][T15592] RAX: ffffffffffffffda RBX: 00007fa5414d5fa0 RCX: 00007fa54129ebe9
[  335.006975][T15592] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  335.006987][T15592] RBP: 00007fa53fd07090 R08: 0000000000000000 R09: 0000000000000000
[  335.007059][T15592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.007074][T15592] R13: 00007fa5414d6038 R14: 00007fa5414d5fa0 R15: 00007ffec72c5258
[  335.007099][T15592]  </TASK>
[  335.252987][T15594] loop6: detected capacity change from 0 to 4096
[  335.262098][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.284937][T15594] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  335.325206][T15598] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  335.325916][T15594] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.510617][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.617763][T15624] netlink: 87 bytes leftover after parsing attributes in process `syz.6.3959'.
[  335.739935][T15630] can0: slcan on ttyS3.
[  335.825532][   T29] kauditd_printk_skb: 228 callbacks suppressed
[  335.825563][   T29] audit: type=1326 audit(1757333691.689:16625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  335.857449][T15635] vhci_hcd: invalid port number 254
[  335.890350][   T29] audit: type=1326 audit(1757333691.719:16626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  335.913997][   T29] audit: type=1326 audit(1757333691.719:16627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  335.937704][   T29] audit: type=1326 audit(1757333691.729:16628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  335.961313][   T29] audit: type=1326 audit(1757333691.739:16629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  335.999372][T15630] can0 (unregistered): slcan off ttyS3.
[  336.005994][   T29] audit: type=1326 audit(1757333691.869:16630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  336.029801][   T29] audit: type=1326 audit(1757333691.869:16631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15628 comm="syz.6.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c32b6ebe9 code=0x7ffc0000
[  336.149877][T15648] FAULT_INJECTION: forcing a failure.
[  336.149877][T15648] name failslab, interval 1, probability 0, space 0, times 0
[  336.162524][T15648] CPU: 1 UID: 0 PID: 15648 Comm: syz.2.3966 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  336.162618][T15648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.162628][T15648] Call Trace:
[  336.162634][T15648]  <TASK>
[  336.162640][T15648]  __dump_stack+0x1d/0x30
[  336.162659][T15648]  dump_stack_lvl+0xe8/0x140
[  336.162680][T15648]  dump_stack+0x15/0x1b
[  336.162721][T15648]  should_fail_ex+0x265/0x280
[  336.162742][T15648]  should_failslab+0x8c/0xb0
[  336.162767][T15648]  kmem_cache_alloc_noprof+0x50/0x310
[  336.162792][T15648]  ? getname_flags+0x80/0x3b0
[  336.162892][T15648]  getname_flags+0x80/0x3b0
[  336.162915][T15648]  user_path_at+0x28/0x130
[  336.162986][T15648]  __se_sys_mount+0x25b/0x2e0
[  336.163009][T15648]  ? fput+0x8f/0xc0
[  336.163036][T15648]  __x64_sys_mount+0x67/0x80
[  336.163088][T15648]  x64_sys_call+0x2b4d/0x2ff0
[  336.163107][T15648]  do_syscall_64+0xd2/0x200
[  336.163212][T15648]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  336.163234][T15648]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  336.163260][T15648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.163362][T15648] RIP: 0033:0x7fe66625ebe9
[  336.163378][T15648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.163480][T15648] RSP: 002b:00007fe664cc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  336.163499][T15648] RAX: ffffffffffffffda RBX: 00007fe666495fa0 RCX: 00007fe66625ebe9
[  336.163517][T15648] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  336.163528][T15648] RBP: 00007fe664cc7090 R08: 0000200000000400 R09: 0000000000000000
[  336.163542][T15648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.163556][T15648] R13: 00007fe666496038 R14: 00007fe666495fa0 R15: 00007ffe51300cb8
[  336.163621][T15648]  </TASK>
[  336.411088][T15658] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3969'.
[  336.450301][T15658] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3969'.
[  336.494673][ T3610] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4
[  336.500133][   T29] audit: type=1326 audit(1757333692.359:16632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15666 comm="syz.3.3972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  336.502407][ T3610] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2
[  336.526135][   T29] audit: type=1326 audit(1757333692.359:16633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15666 comm="syz.3.3972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  336.557334][   T29] audit: type=1326 audit(1757333692.359:16634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15666 comm="syz.3.3972" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f81a242ebe9 code=0x7ffc0000
[  336.561496][T15658] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3969'.
[  336.590639][ T3610] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x3
[  336.634765][ T3610] hid-generic 0000:3000000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  336.708440][T15677] fido_id[15677]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  336.750563][T15683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3977'.
[  336.910476][T15694] loop2: detected capacity change from 0 to 512
[  337.010000][T15699] loop6: detected capacity change from 0 to 512
[  337.041147][T15700] loop4: detected capacity change from 0 to 128
[  337.082317][T15699] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.104294][T15705] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  337.112176][T15705] FAT-fs (loop4): Filesystem has been set read-only
[  337.118786][T15705] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  337.126750][T15705] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  337.297541][T15692] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  337.305783][T15692] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  337.324205][T15694] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  337.349088][T15699] ext4 filesystem being mounted at /454/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.359702][T15694] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.537581][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.633656][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.718830][ T3610] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x4
[  337.726625][ T3610] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x2
[  337.780750][ T3610] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x3
[  337.808699][ T3610] hid-generic 0000:3000000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  337.848858][T15740] fido_id[15740]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  337.973401][T15751] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  337.980727][T15751] syzkaller0: entered promiscuous mode
[  337.986234][T15751] syzkaller0: entered allmulticast mode
[  338.020951][T15751] tipc: Resetting bearer <eth:syzkaller0>
[  338.027926][T15750] tipc: Resetting bearer <eth:syzkaller0>
[  338.057042][T15750] tipc: Disabling bearer <eth:syzkaller0>
[  338.112078][   T36] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x4
[  338.119788][   T36] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x2
[  338.155985][   T36] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x3
[  338.189011][T15779] can0: slcan on ttyS3.
[  338.200181][   T36] hid-generic 0000:3000000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  338.379146][T15779] can0 (unregistered): slcan off ttyS3.
[  338.629527][T15794] fido_id[15794]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  338.932484][T15819] FAULT_INJECTION: forcing a failure.
[  338.932484][T15819] name failslab, interval 1, probability 0, space 0, times 0
[  338.945231][T15819] CPU: 1 UID: 0 PID: 15819 Comm: syz.3.4023 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  338.945258][T15819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  338.945272][T15819] Call Trace:
[  338.945279][T15819]  <TASK>
[  338.945287][T15819]  __dump_stack+0x1d/0x30
[  338.945387][T15819]  dump_stack_lvl+0xe8/0x140
[  338.945429][T15819]  dump_stack+0x15/0x1b
[  338.945448][T15819]  should_fail_ex+0x265/0x280
[  338.945469][T15819]  should_failslab+0x8c/0xb0
[  338.945564][T15819]  __kmalloc_noprof+0xa5/0x3e0
[  338.945594][T15819]  ? security_prepare_creds+0x52/0x120
[  338.945618][T15819]  security_prepare_creds+0x52/0x120
[  338.945650][T15819]  prepare_creds+0x34a/0x4c0
[  338.945677][T15819]  copy_creds+0x8f/0x3f0
[  338.945726][T15819]  copy_process+0x658/0x2000
[  338.945753][T15819]  ? kstrtouint+0x76/0xc0
[  338.945781][T15819]  ? __rcu_read_unlock+0x4f/0x70
[  338.945860][T15819]  kernel_clone+0x16c/0x5c0
[  338.945891][T15819]  ? vfs_write+0x7e8/0x960
[  338.945915][T15819]  __x64_sys_clone+0xe6/0x120
[  338.945954][T15819]  x64_sys_call+0x119c/0x2ff0
[  338.945979][T15819]  do_syscall_64+0xd2/0x200
[  338.946112][T15819]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  338.946141][T15819]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  338.946235][T15819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.946310][T15819] RIP: 0033:0x7f81a242ebe9
[  338.946325][T15819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.946345][T15819] RSP: 002b:00007f81a0e8efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  338.946367][T15819] RAX: ffffffffffffffda RBX: 00007f81a2665fa0 RCX: 00007f81a242ebe9
[  338.946382][T15819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[  338.946397][T15819] RBP: 00007f81a0e8f090 R08: 0000000000000000 R09: 0000000000000000
[  338.946449][T15819] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  338.946463][T15819] R13: 00007f81a2666038 R14: 00007f81a2665fa0 R15: 00007fffc562a3d8
[  338.946485][T15819]  </TASK>
[  339.435908][T15846] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  339.442971][T15846] syzkaller0: entered promiscuous mode
[  339.448476][T15846] syzkaller0: entered allmulticast mode
[  339.457911][T15846] tipc: Resetting bearer <eth:syzkaller0>
[  339.464725][T15845] tipc: Resetting bearer <eth:syzkaller0>
[  339.474173][T15845] tipc: Disabling bearer <eth:syzkaller0>
[  339.979239][T15853] loop2: detected capacity change from 0 to 128
[  340.042254][T15851] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  340.050132][T15851] FAT-fs (loop2): Filesystem has been set read-only
[  340.056788][T15851] bio_check_eod: 27464 callbacks suppressed
[  340.056804][T15851] syz.2.4034: attempt to access beyond end of device
[  340.056804][T15851] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  340.076510][T15851] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  340.084362][T15851] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  340.092487][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092487][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092543][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092543][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092638][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092638][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092714][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092714][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092801][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092801][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092845][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092845][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092930][T15851] syz.2.4034: attempt to access beyond end of device
[  340.092930][T15851] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.092973][T15847] syz.2.4034: attempt to access beyond end of device
[  340.092973][T15847] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.093005][T15847] syz.2.4034: attempt to access beyond end of device
[  340.093005][T15847] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  340.212890][T15853] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  340.221120][T15853] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  340.691623][T15871] lo speed is unknown, defaulting to 1000
[  340.776270][T15877] __nla_validate_parse: 25 callbacks suppressed
[  340.776328][T15877] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4045'.
[  340.877823][T15877] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4045'.
[  340.939275][T15877] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4045'.
[  341.082414][T15890] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  341.090968][T15890] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  341.149040][T15890] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  341.170263][T15890] netlink: 108 bytes leftover after parsing attributes in process `+}[@'.
[  341.178814][T15890] netlink: 84 bytes leftover after parsing attributes in process `+}[@'.
[  341.317467][T15909] 9pnet_fd: Insufficient options for proto=fd
[  341.436786][T15917] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4062'.
[  341.488387][T15917] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4062'.
[  341.867948][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  341.867964][   T29] audit: type=1326 audit(1757333697.729:16786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15950 comm="syz.7.4073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa54129ebe9 code=0x0
[  341.938825][T15947] loop6: detected capacity change from 0 to 8192
[  341.939787][   T29] audit: type=1326 audit(1757333697.809:16787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  341.970425][   T29] audit: type=1326 audit(1757333697.839:16788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  341.990534][ T3538]  loop6: p1 p2 < > p3 p4 < p5 >
[  341.994011][   T29] audit: type=1326 audit(1757333697.839:16789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  341.998969][ T3538] loop6: partition table partially beyond EOD, truncated
[  342.022568][   T29] audit: type=1326 audit(1757333697.839:16790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.063918][T15953] loop2: detected capacity change from 0 to 164
[  342.066241][   T29] audit: type=1326 audit(1757333697.919:16791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.070853][T15953] iso9660: Unknown parameter '18446744073709551615'
[  342.093733][   T29] audit: type=1326 audit(1757333697.919:16792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.124125][   T29] audit: type=1326 audit(1757333697.919:16793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.125457][ T3538] loop6: p1 size 100663296 extends beyond EOD, truncated
[  342.147706][   T29] audit: type=1326 audit(1757333697.929:16794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.178299][   T29] audit: type=1326 audit(1757333697.929:16795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15952 comm="syz.2.4074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  342.216421][ T3538] loop6: p2 start 591104 is beyond EOD, truncated
[  342.222985][ T3538] loop6: p3 start 33572980 is beyond EOD, truncated
[  342.272264][ T3538] loop6: p5 size 100663296 extends beyond EOD, truncated
[  342.283924][T15947]  loop6: p1 p2 < > p3 p4 < p5 >
[  342.289052][T15947] loop6: partition table partially beyond EOD, truncated
[  342.304634][T15947] loop6: p1 size 100663296 extends beyond EOD, truncated
[  342.318039][T15947] loop6: p2 start 591104 is beyond EOD, truncated
[  342.324591][T15947] loop6: p3 start 33572980 is beyond EOD, truncated
[  342.343156][T15947] loop6: p5 size 100663296 extends beyond EOD, truncated
[  342.415576][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  342.420494][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop6p5, 10) failed: No such file or directory
[  342.426751][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  342.485669][ T3539] udevd[3539]: inotify_add_watch(7, /dev/loop6p5, 10) failed: No such file or directory
[  342.497425][ T3294] udevd[3294]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  342.508472][ T3538] udevd[3538]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  342.653996][T16001] netlink: 'syz.3.4093': attribute type 3 has an invalid length.
[  342.785431][T16017] loop2: detected capacity change from 0 to 1024
[  342.805595][T16017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.818355][T16017] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.844677][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.956749][T16034] loop4: detected capacity change from 0 to 1024
[  342.963565][T16034] ext4: Unknown parameter 'uid<00000000000000000000'
[  343.522064][T16081] loop6: detected capacity change from 0 to 128
[  343.545897][T16081] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  343.554054][T16081] FAT-fs (loop6): Filesystem has been set read-only
[  343.560689][T16081] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  343.568489][T16081] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  343.740967][T16073] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  343.749444][T16073] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  344.064173][T16103] FAULT_INJECTION: forcing a failure.
[  344.064173][T16103] name failslab, interval 1, probability 0, space 0, times 0
[  344.076976][T16103] CPU: 1 UID: 0 PID: 16103 Comm: syz.3.4128 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  344.076999][T16103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  344.077010][T16103] Call Trace:
[  344.077017][T16103]  <TASK>
[  344.077025][T16103]  __dump_stack+0x1d/0x30
[  344.077112][T16103]  dump_stack_lvl+0xe8/0x140
[  344.077135][T16103]  dump_stack+0x15/0x1b
[  344.077197][T16103]  should_fail_ex+0x265/0x280
[  344.077224][T16103]  should_failslab+0x8c/0xb0
[  344.077277][T16103]  kmem_cache_alloc_noprof+0x50/0x310
[  344.077310][T16103]  ? skb_clone+0x151/0x1f0
[  344.077391][T16103]  skb_clone+0x151/0x1f0
[  344.077419][T16103]  __netlink_deliver_tap+0x2c9/0x500
[  344.077445][T16103]  netlink_unicast+0x66b/0x690
[  344.077495][T16103]  netlink_sendmsg+0x58b/0x6b0
[  344.077531][T16103]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.077560][T16103]  __sock_sendmsg+0x142/0x180
[  344.077590][T16103]  ____sys_sendmsg+0x31e/0x4e0
[  344.077623][T16103]  ___sys_sendmsg+0x17b/0x1d0
[  344.077667][T16103]  __x64_sys_sendmsg+0xd4/0x160
[  344.077729][T16103]  x64_sys_call+0x191e/0x2ff0
[  344.077748][T16103]  do_syscall_64+0xd2/0x200
[  344.077785][T16103]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  344.077875][T16103]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  344.077909][T16103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.077934][T16103] RIP: 0033:0x7f81a242ebe9
[  344.077951][T16103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.078050][T16103] RSP: 002b:00007f81a0e8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.078136][T16103] RAX: ffffffffffffffda RBX: 00007f81a2665fa0 RCX: 00007f81a242ebe9
[  344.078150][T16103] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  344.078166][T16103] RBP: 00007f81a0e8f090 R08: 0000000000000000 R09: 0000000000000000
[  344.078182][T16103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  344.078196][T16103] R13: 00007f81a2666038 R14: 00007f81a2665fa0 R15: 00007fffc562a3d8
[  344.078217][T16103]  </TASK>
[  344.532067][T16114] netlink: 'syz.6.4134': attribute type 1 has an invalid length.
[  344.571296][T16114] SELinux:  Context Ü is not valid (left unmapped).
[  344.582290][T16114] bond0: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  344.606843][T16114] bond0 (unregistering): (slave ip6gretap1): Releasing backup interface
[  344.646887][T16114] bond0 (unregistering): Released all slaves
[  344.980516][T16137] can0: slcan on ttyS3.
[  345.068994][T16137] can0 (unregistered): slcan off ttyS3.
[  345.195082][T16147] loop6: detected capacity change from 0 to 128
[  345.263804][T16152] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  345.271693][T16152] FAT-fs (loop6): Filesystem has been set read-only
[  345.279162][T16152] bio_check_eod: 33327 callbacks suppressed
[  345.279186][T16152] syz.6.4141: attempt to access beyond end of device
[  345.279186][T16152] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  345.369001][T16132] syz.6.4141: attempt to access beyond end of device
[  345.369001][T16132] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.382971][T16152] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  345.390917][T16152] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  345.399901][T16132] syz.6.4141: attempt to access beyond end of device
[  345.399901][T16132] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.432099][T16147] syz.6.4141: attempt to access beyond end of device
[  345.432099][T16147] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.457341][   T36] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x4
[  345.465123][   T36] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x2
[  345.476499][T16147] syz.6.4141: attempt to access beyond end of device
[  345.476499][T16147] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.477483][T16154] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  345.492665][T16132] syz.6.4141: attempt to access beyond end of device
[  345.492665][T16132] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.498335][   T36] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x3
[  345.520393][T16154] syzkaller0: entered promiscuous mode
[  345.525882][T16154] syzkaller0: entered allmulticast mode
[  345.533271][   T36] hid-generic 0000:3000000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  345.562525][T16154] tipc: Resetting bearer <eth:syzkaller0>
[  345.573679][T16153] tipc: Resetting bearer <eth:syzkaller0>
[  345.584970][T16153] tipc: Disabling bearer <eth:syzkaller0>
[  345.616584][T16152] syz.6.4141: attempt to access beyond end of device
[  345.616584][T16152] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.640232][T16147] syz.6.4141: attempt to access beyond end of device
[  345.640232][T16147] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.674121][T16162] fido_id[16162]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  345.740170][T16147] syz.6.4141: attempt to access beyond end of device
[  345.740170][T16147] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.795415][T16152] syz.6.4141: attempt to access beyond end of device
[  345.795415][T16152] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128
[  345.797278][T16176] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  345.816886][T16176] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  346.152828][T16186] __nla_validate_parse: 35 callbacks suppressed
[  346.152901][T16186] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4157'.
[  346.177531][T16186] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4157'.
[  346.207853][T16186] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4157'.
[  346.216860][T16189] hub 6-0:1.0: USB hub found
[  346.225427][T16189] hub 6-0:1.0: 8 ports detected
[  346.250185][T16189] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4158'.
[  346.259205][T16189] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4158'.
[  346.300001][   T36] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x4
[  346.307697][   T36] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x2
[  346.326662][   T36] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x3
[  346.336737][   T36] hid-generic 0000:3000000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  346.347535][T16203] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4163'.
[  346.366722][T16203] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4163'.
[  346.385357][T16204] fido_id[16204]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  346.415133][T16203] loop4: detected capacity change from 0 to 512
[  346.449465][T16203] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.464107][T16201] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.473104][T16208] loop2: detected capacity change from 0 to 128
[  346.480671][T16208] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  346.506556][T16201] syzkaller0: entered promiscuous mode
[  346.512172][T16201] syzkaller0: entered allmulticast mode
[  346.520527][T16201] tipc: Resetting bearer <eth:syzkaller0>
[  346.526862][T16200] tipc: Resetting bearer <eth:syzkaller0>
[  346.533665][T16200] tipc: Disabling bearer <eth:syzkaller0>
[  346.540136][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.560506][T16208] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  346.640839][T16208] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4165'.
[  347.471334][ T3398] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x4
[  347.479199][ T3398] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x2
[  347.490813][ T3398] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x3
[  347.499357][ T3398] hid-generic 0000:3000000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  347.518618][T16243] loop6: detected capacity change from 0 to 512
[  347.544899][T16241] fido_id[16241]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  347.552271][T16243] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.573517][T16243] ext4 filesystem being mounted at /486/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.608868][ T8706] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.653019][T16253] loop4: detected capacity change from 0 to 128
[  347.660271][T16253] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  347.680688][T16253] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  347.691411][ T3391] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x4
[  347.712791][ T3391] hid-generic 0000:3000000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  347.745476][T16261] fido_id[16261]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  347.760415][T16253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4179'.
[  347.924845][   T29] kauditd_printk_skb: 459 callbacks suppressed
[  347.924862][   T29] audit: type=1400 audit(1757333703.789:17255): avc:  denied  { block_suspend } for  pid=16270 comm="syz.2.4185" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  347.960059][T16271] FAULT_INJECTION: forcing a failure.
[  347.960059][T16271] name failslab, interval 1, probability 0, space 0, times 0
[  347.972839][T16271] CPU: 1 UID: 0 PID: 16271 Comm: syz.2.4185 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  347.972868][T16271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  347.972883][T16271] Call Trace:
[  347.972890][T16271]  <TASK>
[  347.972898][T16271]  __dump_stack+0x1d/0x30
[  347.972940][T16271]  dump_stack_lvl+0xe8/0x140
[  347.973027][T16271]  dump_stack+0x15/0x1b
[  347.973044][T16271]  should_fail_ex+0x265/0x280
[  347.973115][T16271]  should_failslab+0x8c/0xb0
[  347.973142][T16271]  kmem_cache_alloc_node_noprof+0x57/0x320
[  347.973177][T16271]  ? __alloc_skb+0x101/0x320
[  347.973203][T16271]  __alloc_skb+0x101/0x320
[  347.973240][T16271]  alloc_uevent_skb+0x5c/0x120
[  347.973277][T16271]  kobject_uevent_net_broadcast+0x23c/0x410
[  347.973310][T16271]  kobject_uevent_env+0x43d/0x570
[  347.973342][T16271]  kobject_uevent+0x1d/0x30
[  347.973425][T16271]  device_del+0x710/0x790
[  347.973455][T16271]  ? __try_to_del_timer_sync+0x152/0x170
[  347.973492][T16271]  device_unregister+0x15/0x40
[  347.973558][T16271]  wakeup_source_sysfs_remove+0x25/0x30
[  347.973599][T16271]  wakeup_source_unregister+0xf0/0x330
[  347.973626][T16271]  ep_destroy_wakeup_source+0x3a/0x50
[  347.973677][T16271]  ep_modify+0xb0/0x450
[  347.973721][T16271]  do_epoll_ctl+0x611/0x8a0
[  347.973755][T16271]  __x64_sys_epoll_ctl+0xcb/0x100
[  347.973822][T16271]  x64_sys_call+0x706/0x2ff0
[  347.973847][T16271]  do_syscall_64+0xd2/0x200
[  347.973929][T16271]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  347.973986][T16271]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  347.974021][T16271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.974046][T16271] RIP: 0033:0x7fe66625ebe9
[  347.974063][T16271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.974109][T16271] RSP: 002b:00007fe664cc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  347.974129][T16271] RAX: ffffffffffffffda RBX: 00007fe666495fa0 RCX: 00007fe66625ebe9
[  347.974143][T16271] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000003
[  347.974157][T16271] RBP: 00007fe664cc7090 R08: 0000000000000000 R09: 0000000000000000
[  347.974171][T16271] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.974186][T16271] R13: 00007fe666496038 R14: 00007fe666495fa0 R15: 00007ffe51300cb8
[  347.974208][T16271]  </TASK>
[  348.263790][T16278] loop2: detected capacity change from 0 to 512
[  348.307488][T16278] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.321230][T16278] ext4 filesystem being mounted at /224/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.357241][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.458564][T16294] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4193'.
[  348.491499][T16299] loop2: detected capacity change from 0 to 512
[  348.501443][T16300] loop6: detected capacity change from 0 to 128
[  348.522130][T16299] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.567505][T16303] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  348.575480][T16303] FAT-fs (loop6): Filesystem has been set read-only
[  348.582208][T16303] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  348.590037][T16303] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  348.721774][T16288] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  348.729980][T16288] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  348.791613][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.840013][   T29] audit: type=1400 audit(1757333704.679:17256): avc:  denied  { create } for  pid=16305 comm="syz.4.4195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  349.139493][   T29] audit: type=1326 audit(1757333704.999:17257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.172748][   T29] audit: type=1326 audit(1757333705.029:17258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.179501][T16325] vhci_hcd: invalid port number 96
[  349.196408][   T29] audit: type=1326 audit(1757333705.029:17259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.196436][   T29] audit: type=1326 audit(1757333705.029:17260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.196466][   T29] audit: type=1326 audit(1757333705.029:17261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.196496][   T29] audit: type=1326 audit(1757333705.029:17262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.201622][T16325] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  349.225149][   T29] audit: type=1326 audit(1757333705.029:17263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.303916][T16324] vlan2: entered allmulticast mode
[  349.326470][   T29] audit: type=1326 audit(1757333705.029:17264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16323 comm="syz.2.4196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe66625ebe9 code=0x7ffc0000
[  349.355430][T16324] dummy0: entered allmulticast mode
[  349.443380][T16337] loop2: detected capacity change from 0 to 512
[  349.482333][T16337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.506346][T12481] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.541005][T16344] loop2: detected capacity change from 0 to 128
[  349.562111][T16344] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  349.595446][T16344] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  349.621680][T16346] loop4: detected capacity change from 0 to 512
[  349.655665][T16346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.681069][T12919] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.693665][T16348] ==================================================================
[  349.701776][T16348] BUG: KCSAN: data-race in __bpf_get_stackid / bcmp
[  349.704933][T16355] 9pnet: Could not find request transport: 0xffffffffffffffff
[  349.708393][T16348] 
[  349.708402][T16348] write to 0xffff88811a20c310 of 120 bytes by task 16355 on cpu 0:
[  349.726089][T16348]  __bpf_get_stackid+0x761/0x800
[  349.731042][T16348]  bpf_get_stackid+0xee/0x120
[  349.735808][T16348]  bpf_get_stackid_raw_tp+0xf6/0x120
[  349.741097][T16348]  bpf_prog_e6fc920cfeff8120+0x2a/0x32
[  349.746547][T16348]  bpf_trace_run2+0x107/0x1c0
[  349.751235][T16348]  __traceiter_kfree+0x2b/0x50
[  349.756000][T16348]  kfree+0x27b/0x320
[  349.759904][T16348]  vfree+0x295/0x3a0
[  349.763806][T16348]  bpf_prog_calc_tag+0x37c/0x3c0
[  349.768746][T16348]  resolve_pseudo_ldimm64+0x45/0x740
[  349.774036][T16348]  bpf_check+0x1074/0xd9e0
[  349.778538][T16348]  bpf_prog_load+0xedd/0x1070
[  349.783223][T16348]  __sys_bpf+0x462/0x7b0
[  349.787468][T16348]  __x64_sys_bpf+0x41/0x50
[  349.791886][T16348]  x64_sys_call+0x2aea/0x2ff0
[  349.796561][T16348]  do_syscall_64+0xd2/0x200
[  349.801068][T16348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.806959][T16348] 
[  349.809280][T16348] read to 0xffff88811a20c348 of 8 bytes by task 16348 on cpu 1:
[  349.816903][T16348]  bcmp+0x23/0x90
[  349.820545][T16348]  __bpf_get_stackid+0x371/0x800
[  349.825482][T16348]  bpf_get_stackid+0xee/0x120
[  349.830157][T16348]  bpf_get_stackid_raw_tp+0xf6/0x120
[  349.835440][T16348]  bpf_prog_e6fc920cfeff8120+0x2a/0x32
[  349.840891][T16348]  bpf_trace_run2+0x107/0x1c0
[  349.845570][T16348]  __traceiter_kfree+0x2b/0x50
[  349.850331][T16348]  kfree+0x27b/0x320
[  349.854229][T16348]  ___sys_recvmsg+0x135/0x370
[  349.858915][T16348]  do_recvmmsg+0x1ef/0x540
[  349.863349][T16348]  __x64_sys_recvmmsg+0xe5/0x170
[  349.868299][T16348]  x64_sys_call+0x27a6/0x2ff0
[  349.872976][T16348]  do_syscall_64+0xd2/0x200
[  349.877504][T16348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.883390][T16348] 
[  349.885706][T16348] value changed: 0xffffffff844aaff5 -> 0xffffffff816485e5
[  349.892804][T16348] 
[  349.895120][T16348] Reported by Kernel Concurrency Sanitizer on:
[  349.901267][T16348] CPU: 1 UID: 0 PID: 16348 Comm: syz.6.4206 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  349.911149][T16348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  349.921200][T16348] ==================================================================
[  349.983419][T16358] loop6: detected capacity change from 0 to 128
[  350.046123][T16359] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  350.054373][T16359] netdevsim netdevsim6: Direct firmware load for . failed with error -22