last executing test programs:

1m38.852297469s ago: executing program 2 (id=518):
socket$packet(0x11, 0x2, 0x300)
socket$nl_audit(0x10, 0x3, 0x9)
getpid()
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000009, 0x200000005c831, 0xffffffffffffffff, 0x78e2c000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000005000000ff00080000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x485e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}, {0x6, 0x0, 0x0, 0x8}]})

1m38.56653657s ago: executing program 2 (id=522):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000180)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x7667, &(0x7f0000000100)={0x0, 0x0, 0x13580}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x40, 0x1, r4, 0x0, 0x0, 0x0, 0x20, 0x1, {0x3}})
connect$vsock_stream(r4, &(0x7f0000000000), 0x10)
io_uring_enter(r1, 0x6256, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x1}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r11}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r11, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r11, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r12 = syz_open_pts(r11, 0x0)
ioctl$TIOCSTI(r12, 0x5412, &(0x7f0000000280)=0x3)
r13 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r13, @ANYBLOB="0100ffffffff000000000100000008000100", @ANYRES32=r10, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8], 0xcc}, 0x1, 0xf000}, 0x0)

1m37.652041815s ago: executing program 2 (id=535):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xd, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae58e99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472ad529cefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc979ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa09acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b183940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2", @ANYRES32=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000240), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x0, 0x3, 0xfffffffd}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = io_uring_setup(0x30d5, &(0x7f00000001c0)={0x0, 0xb1d8, 0x400})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0x5, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0xb}, @multicast2, 0x0, "66c5aff8a7eb3af1f6cec2e7420000000000004000", 0x4, 0x0, 0x80}, 0x3c)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000600)="f47c4b89fc0002aaac39", 0xa, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xe0ffffff00000000}}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r4, 0x84, 0x21, &(0x7f0000000700)=0x5, 0x4)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000000)=0x4a6a, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000005b40)=[{{0x0, 0x0, &(0x7f00000003c0)}, 0x80000000}, {{0x0, 0x0, 0x0}, 0xd2e6}], 0x2, 0x1, 0x0)
shutdown(r4, 0x1)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r5)
sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="001c754ada69b8f87207c14c3c61f0780700b9787fe76158860ddb4be251", @ANYRES16=r6, @ANYBLOB="cd3c000000000200000001000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd2679204020b006f64e62cd3404917f3be657330adc6bf2f2ab6286f91741293554bf4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3de5dc9007e74d9c3c932faf89062b965db52beeff385e442adbb8d87480d4000006000b0028000000080002000500000008000c000000000008000400ffffffff"], 0x104}, 0x1, 0x0, 0x0, 0x20084880}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000106, &(0x7f0000000300)=ANY=[@ANYRESHEX=r4], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$P9_RWRITE(r8, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000000140)=ANY=[@ANYBLOB="757466383d302c756e695f786c6174653d312c756e695f786c6174653d312c696f636861727365743d6d616363656c7469632c696f636861727365743d6d6163696e7569742c756e695f786c6174653d302c636f6465706167653d313235312c73686f72746e616d653d6d697865642c756e695f786c6174653d312c726f6469722c756e695f786c6174653d312c757466383d302c00c6934d555b44384e2bd9c65667968e2e95a9b9539b70ea20f021f05a83fe9b602301671e866a0cd30582ec190e952f8bf591e86fd2175b4091851f8cf5b67737a680a49b858e6a"], 0x1, 0x357, &(0x7f0000000900)="$eJzs3U9om2UYAPAn+9KkHWztQRgKQvQmaFkrHvTUUjoY5qIS/HMQg+tUmjpoMNgdmtWL7Ch41JM3D3rwsLMIinjz4NUJMhUPutvA4StJvqRpk3adkM3i73cIT9/3efK+b/PRfP3a781rS7F+YSou3rx5I6anC1FcWlmKW4WYiyz6rsSo0pg2AOB4uJVS/Jl6jlhSmPCUAIAJ677/v3FqqOW9rw/LT979AeDYy3//nzksZ/qgjksTmRIAMGEj1/8f3dNd2vun/uLQfwUAAMfVCy+/8uxyNeL5SmU6YuP9Vq1Vi2d2+5cvxlvRiLU4G7NxO6J3otB5KHQfz52vrq6cjmjHL3NR61S0ahEb7Vatd6awnHXry7EQszGX1+dnGyml7NwX1dWFSldEXGl3x4+NQqs2FSfz8X88GWuxGJV4YKQ+4nx1dbGSP0Fto1/fjtjZvW7Rmf98zMb3r8elaMSF6NT2T2uqq9sLlcpKqu6pb9XK3byeA6+AAAAAAAAAAAAAAAAAAAAAAADAvzJfGZgb7H+TdvfvmZ8f09/dH6dXn+8PtNPbHyiVU6T0x7tP1K5mMdgf6OyY/XlatWKcuL9LBwAAAAAAAAAAAAAAAAAAgP+M5lYp6o3G2mZz6/L6cNDebG6diIhOy9vffvbVTIzm3CEo5mMMdVXypsvr9ZT1k1O2JycPss7g/ZZPrw1mPJxTHqxi7DTKB3c1Gqce+fmj3ZaHs/4z/z3ImYoYv8Bs3zSGg43TvSndzTdqECzeIed6Sumg8u1XR6uiEFG8+xfu8CB1gm9uvPngk80zT3Vbvkw9jz0+++L1Dz/5bb3e6Iwc3VewtNm8ndbr+dfjD7aDg2zo+ClELygMHwnFw8p39rbUsx9+f+mhD7472uip3mhczfeoaLwzJifrLefz/V2lXtCZ5r6umXFjTY05+CcQnPl4qX5t+6dfj1o19EPCRh0AAAAAAAAAAAAAAAAAAHBPDN0rnstv9p06rOrp5yY/MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4d3Y//38o2BlpOUrwVztGu8prm82I0v1eJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/3P/BAAA///NYmrm")
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='kmem_cache_free\x00', r9}, 0x10)
symlink(0x0, 0x0)
umount2(&(0x7f0000000180)='./file0/file0/..\x00', 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r7, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)

1m37.273131286s ago: executing program 2 (id=540):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f00000001c0)="84", 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffd}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8}]}], {0x14, 0x10}}, 0x70}}, 0x0)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, &(0x7f00000003c0))
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
setxattr$trusted_overlay_upper(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000280), &(0x7f0000000480)={0x0, 0xfb, 0xdf, 0x2, 0x4, "dc266e786745533af98d58fd0fa0c473", "0e2e0e5bdd94738ba534ba15969363859f74db53e60cd66158212d217f95e6726942064a6963069d445706c2de571fb1963ae2020004f50c588d34d1355f90a9759107721a05f312764096ecd573e0cba9ef44881732b8d557afead4a5b63d59f983ce361f7d74dd2f95de8158db90077645fa6500348683b70d097946656b008ec9548be3c5e1988e25da464e0bb677dd3a4b6483e988ca3ea24c36d63f9713b17cbb37c31e71fce67ed28978546ee82c27bb03831649d8c7b998f468e9a2cb891485ce84631fda0306"}, 0xdf, 0x1)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000200), &(0x7f0000000400)={0x0, 0xfb, 0x6c, 0x3, 0x1, "8ccaa77c0871db57e43377513f0445ee", "fa3046e066eeb7c652e601b37dcabfc29bd1bdc4ae10c53577a17bcac87bea12da0500fa11fca2afdd2ca1457272b2fb4d252915d0d67688b24b47a34859a16033f7afeda7263595a96f42aa543cfbe7465f00c2b87392"}, 0x6c, 0x1)
llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
setsockopt$inet6_tcp_buf(r0, 0x6, 0xd, &(0x7f00000001c0)="84", 0x1) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0xfffd}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_ID={0x8}]}], {0x14, 0x10}}, 0x70}}, 0x0) (async)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, 0x0, &(0x7f00000003c0)) (async)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") (async)
setxattr$trusted_overlay_upper(&(0x7f0000000240)='./file0/../file0\x00', &(0x7f0000000280), &(0x7f0000000480)={0x0, 0xfb, 0xdf, 0x2, 0x4, "dc266e786745533af98d58fd0fa0c473", "0e2e0e5bdd94738ba534ba15969363859f74db53e60cd66158212d217f95e6726942064a6963069d445706c2de571fb1963ae2020004f50c588d34d1355f90a9759107721a05f312764096ecd573e0cba9ef44881732b8d557afead4a5b63d59f983ce361f7d74dd2f95de8158db90077645fa6500348683b70d097946656b008ec9548be3c5e1988e25da464e0bb677dd3a4b6483e988ca3ea24c36d63f9713b17cbb37c31e71fce67ed28978546ee82c27bb03831649d8c7b998f468e9a2cb891485ce84631fda0306"}, 0xdf, 0x1) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) (async)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000200), &(0x7f0000000400)={0x0, 0xfb, 0x6c, 0x3, 0x1, "8ccaa77c0871db57e43377513f0445ee", "fa3046e066eeb7c652e601b37dcabfc29bd1bdc4ae10c53577a17bcac87bea12da0500fa11fca2afdd2ca1457272b2fb4d252915d0d67688b24b47a34859a16033f7afeda7263595a96f42aa543cfbe7465f00c2b87392"}, 0x6c, 0x1) (async)
llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0) (async)

1m37.078323087s ago: executing program 2 (id=541):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a340977770a89"], 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000010000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1401000026000100000000000000000003"], 0x114}], 0x1}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff55)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x10)
dup3(r3, r2, 0x0)

1m36.58143434s ago: executing program 2 (id=549):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xec)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r3}, &(0x7f0000000500), &(0x7f0000000540)=r2}, 0x20)
close(r1)

1m36.58066702s ago: executing program 32 (id=549):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xec)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x12, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r3}, &(0x7f0000000500), &(0x7f0000000540)=r2}, 0x20)
close(r1)

1m22.170867001s ago: executing program 1 (id=744):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000005000000ff00080000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x485e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}, {0x6, 0x0, 0x0, 0x8}]})

1m21.950830223s ago: executing program 1 (id=749):
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0xd80, 0x0)
r0 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100, 0x0, 0x16a}, &(0x7f0000000140), &(0x7f0000000100)=<r1=>0x0)
r2 = syz_io_uring_setup(0x801864, &(0x7f0000000580)={0x0, 0x6998, 0x0, 0x5, 0x3}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r3, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
setsockopt$sock_int(r5, 0x1, 0x28, &(0x7f0000000040)=0x8004, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r5, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)=""/4096, 0x1000}}], 0x1, 0x0, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r6, &(0x7f0000001800)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x2}}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r7], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
ioctl$TUNDETACHFILTER(r9, 0x8903, 0x1000000000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x3c, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='kfree\x00', r10}, 0x18)
socket$kcm(0x21, 0x2, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYRESOCT=r2], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
finit_module(0xffffffffffffffff, &(0x7f0000000300)='\b\xeel2q&)+A\xdb\x9c\x1e\xd8\xd8\xad\x01}q\x00'/33, 0x1)
r11 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_IOCTL(r11, 0xc0105512, &(0x7f0000000200))
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000200)={0x3, 0x1b, 0xfa00, {{0xa, 0xfffc, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @empty, 0xfffffffc}, r7, 0x6}}, 0x48)
r12 = dup2(r0, 0xffffffffffffffff)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r12, &(0x7f00000008c0)={0x16, 0x98, 0xfa00, {0x0, 0x2, r7, 0x10, 0x0, @in={0x2, 0x4e22, @loopback}}}, 0xa0)

1m21.832217313s ago: executing program 1 (id=752):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="00000000f3ffffff23a50000000000007b8af8ff00000000bfa20000000007020000f8ffffffb703000008000000b704000000000000850000000300000095000000000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000100)=0x7, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000480), 0x4)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000940), 0x0, 0x0)
r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = dup(r7)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
recvmmsg(r6, &(0x7f0000006000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/246, 0xf6}], 0x1}}], 0x1, 0x0, 0x0)
sendmsg$tipc(r6, &(0x7f0000000200)={&(0x7f0000000c00)=@id={0x1e, 0x3, 0x3, {0x4e20}}, 0x10, &(0x7f0000000340)}, 0x0)
fcntl$setstatus(r2, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r10=>0x0)
r11 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x39)
write$binfmt_script(r11, &(0x7f0000000080), 0x208e24b)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$sock_int(r12, 0x1, 0x10, &(0x7f0000000000)=0x8, 0x4)
io_submit(r10, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x4000}])

1m21.461800535s ago: executing program 1 (id=756):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x40)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b900000000fffffffff2060000000000000200"})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x40000, 0x0)
getdents(r2, 0x0, 0x58)
accept4$unix(r0, &(0x7f00000000c0)=@abs, &(0x7f00000001c0)=0x6e, 0x80000)

1m21.051955117s ago: executing program 1 (id=763):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
readv(r4, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

1m20.49854611s ago: executing program 1 (id=772):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r3}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000004f050000000000000000000089a748b9ac4e6024a50c5087e042f241ccaac6e228250d5cf711e19d84379a071d1839fe47e07f4c"], 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
readv(r7, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

1m20.4981172s ago: executing program 33 (id=772):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r3}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000004f050000000000000000000089a748b9ac4e6024a50c5087e042f241ccaac6e228250d5cf711e19d84379a071d1839fe47e07f4c"], 0x48)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f00000001c0), 0x12)
readv(r7, &(0x7f0000000440)=[{&(0x7f0000000280)=""/153, 0x99}], 0x1)

14.734531097s ago: executing program 5 (id=2213):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGABS20(r1, 0x40044591, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000), 0xf)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000040)={'ip6_vti0\x00', @random='\a\x00\x00 \x00'})

14.599290137s ago: executing program 5 (id=2216):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x7667, &(0x7f0000000100)={0x0, 0x0, 0x13580}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x40, 0x1, r4, 0x0, 0x0, 0x0, 0x20, 0x1, {0x3}})
connect$vsock_stream(r4, &(0x7f0000000000), 0x10)
io_uring_enter(r1, 0x6256, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r5, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x1}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r11}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r11, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r11, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r12 = syz_open_pts(r11, 0x0)
ioctl$TIOCSTI(r12, 0x5412, &(0x7f0000000280)=0x3)
r13 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r13, @ANYBLOB="0100ffffffff000000000100000008000100", @ANYRES32=r10, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8], 0xcc}, 0x1, 0xf000}, 0x0)

13.637004162s ago: executing program 5 (id=2234):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mounts\x00')
preadv(r1, &(0x7f0000000700)=[{&(0x7f0000000280)=""/124, 0x7c}], 0x1, 0x59, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000480)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000014000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/11, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x14, &(0x7f0000000140)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x17}}, @call={0x85, 0x0, 0x0, 0x23}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0500"/20, @ANYRES32, @ANYBLOB="0600"/20, @ANYRESHEX, @ANYRES32, @ANYBLOB="05000000020000000200"/27], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x11, 0x1e, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000400000000000000020000008500000069000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff0700008500000006000000850000004c0000008500000023000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000004000000850000000600000018010000646c6c250000000000202020c31c6ea18644bbbebfa100000000000007010000f8ffffffb702000008000000b70300000600000085000000060000009500000000000000", @ANYRES16], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x19, &(0x7f0000000680)=""/25, 0x41100, 0xc9, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000004c0)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000500)={0x2, 0xa, 0x2, 0x1}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000700)=[r2, r3, r4, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6, r0], &(0x7f0000000740), 0x10, 0x26b8, @void, @value}, 0x94)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
readv(r7, &(0x7f00000015c0)=[{&(0x7f0000000040)=""/20, 0x14}], 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$unix(0xffffffffffffffff, &(0x7f0000000140)=@abs={0x1}, 0x6e)
listen(0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xc, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000008c0)={0x0, 0x6, 0x1ff}, 0x8)
r9 = syz_clone(0x20940200, 0x0, 0x9, 0x0, 0x0, 0x0)
tgkill(r9, r9, 0x11)
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r8, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)

13.518287603s ago: executing program 5 (id=2237):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@errors_continue}, {@noblock_validity}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0xfeeb, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
kexec_load(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r1 = syz_clone(0x4980500, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2, 0x0, 0xfffffffffffffffd}, 0x18)
ptrace$setopts(0x4206, r1, 0x0, 0x0) (fail_nth: 6)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0xf2002)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0x40a85323, 0x0)
socket$inet(0x2, 0x5, 0x5)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000002780), 0x80000, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$loop(0x0, 0x8, 0x42180)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000280)={'\x00', 0x2, 0x0, 0xb, 0x7, 0x7})
pwrite64(r4, 0x0, 0x0, 0x9000)
r6 = openat(0xffffffffffffff9c, 0x0, 0x107842, 0x42)
sendfile(r6, r6, 0x0, 0x80000000)
sendmsg$NFNL_MSG_CTHELPER_DEL(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x80, 0x2, 0x9, 0x5, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x48, 0x2, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x21}}, {0x8, 0x2, @broadcast}}}]}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x8}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x4}, @NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x9}]}, 0x80}, 0x1, 0x0, 0x0, 0x4028800}, 0x4)
geteuid()

12.579958458s ago: executing program 5 (id=2249):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b0800000000000000000000008000000000000081e7d8430eeff6b3cd4af9a691d4c3b24db27ae9edb7dedb131a46ba5652ec99703536646d37f7febfde0aed863d970fa922b69e4eaba83801dcd1c8aabe1eee52f0ec1af34615fd95ce46faaf1518cec0dfaacf1fc0b1339ac3bb9816766dae38b46ebcffad1ace87ce5ee931b6a50e388736205590af16233c00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='mm_shrink_slab_start\x00', r1}, 0x18)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES64, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f0000001a80)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
sendmmsg(0xffffffffffffffff, &(0x7f0000007180)=[{{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000001900)="8de8c41886d748485119944e427c5e7b046e4ac9e17ce6ae633a561e3f5235c35f0193e8f9534679a403805d5b096be66064aa0f5fa466a650c1b645b8d8ba49af2c53b9bc0020a352229f750de2b46f9dc5bc6042004eb462d53e1ddf255f7985c078fd79ed00424918734cf0b4e35941a1153d759107b9eafb3d4532c3ffafd488438af6ea00520213fb5f0a65eae413fa91b1a13e115eeb4bc57d27e5ec0b339985c0d03ebd0982faa1992c94f8b815500e76b26113765c7e33222ef8d6480924e9bc356f1bc24108bf28c53ff174b974b4c30f443e5d8ebdc7d5ca50838095f5f9d5f0f5c0bb7562f14c4b066795ca15ab9681b586aaf4e50d6bf0b3d176e4959234204babe86fb527775a9f2212d66135bac8735090ee5a8c2172fe424ffc20a9e24645c83211640a417aa916c719768b2c8852f838f7f83a4e1de37ce4cd4eb1a5951813633112235f6e84ce7381101fe99a57bd8076957d1439e6e1fefdb143eaac022c999dc25d2fde40e8db93998684635f2e4cd0800073313cfa5d60acce14941ebe1b64d9d3b7a0a1893787eeb8652c9854b145792a282085ab78eca47335617e7da9431d449762e02ab6501e6390128b916a05d6e276dcfacaf94260609ef4551c82964e4d81bbb1ca8081c7987f25893a84c1598232cc8b8ebaed747d674b89c06dd41b390feb6d0e39b34c809e2cfb7c919f5ab0a5ad88714ce664da614202816904d781f9210557723779d57b4c5c59ec111e17f66b4bde5f56b19842aab6011d7be9ea119db2b40137f267d0b885549eff754b442024f1851c10664bb06728eb1a27801fc0f14b35f0d61b2b730fe78a72dbe9d8269c0f5b5b4529a6c0e2a00e9a0ae3c0909862e56d487a256792b18fd3f3e19c81130447dd26817fd8aad9d35050de5b7c9d225ac20abc2db8fbc40fdc1a1e8b905aeb3963dba875654d3ca7d3e5ef370ad4f4483da905b636b032e07e813b23bcc25ab077c91bdc7e12ceda837822d22ac0540c9b579dd62ffb0e067ed3947f44ba619e09c4528f6a26db3c98bdb98d98b66fa2b57f261ea55ce8acb9999860f4d87842d3380d51dcea05fe8c41f3dd39a640869df4da8dc35578dee838f9b0f1f74d619720360beb671e9bf5d147dc365cbf98d30b74a786e81490da43bfb462203249f731c858c57841c900f1c1964a87b9bc9ac8a7e70137111cd0279270d2916830cb820b3c771ff757409a52437748afe6bc9100f21911738e69272b56bfd3e85e06162bc06b30c5c2f4de355c4598db1ebe68520ad1d1e2d1cb8a9ffc3ff981f0a873b05146cc5ef52100798d105ece6d4983c442cd22cdb33c51f9291eecd3f2fa8194b1b86249d0a3dcb01964a49ded49fd4d7e3cad5f9e5b83eb540f251eb4b86a6c32f4ee1672df518b3421cef1e98cc2297e28bed721b6c2e5d912432f5c4629b4879d23052bcafd30fb401f8ec96037c91fdc6e540ad46eb8d0d703a082e7fd92cfe2dfd80f2d36b9b562bc78cf2930a05b9425ebe0f477031367c516ad0c5072c0314756e8ac1352aa22715ae59677cff454420ae123b1966f1ebbd49f207529e9ea83a116f45221b4762a049faaa1fe5799d00c09755791bd8e56a7069754d3aaa81b2eee785439c90873d41f516ee6e346bfcec5373f225680371df72e24b30371fabcfcf84caa5fee8a2f71c6c49f24602d56d0d10bd8a02a20ba29b2732a85246d3168be20118ac180d1403a75a6fb446af11cc38578322d69ec7a13ca7d26281680afef39df68f1317fe0bf7598252db9fdf38dfedd1b8f0d0755c534378fcc6565ab06a6faf0ae068c6d054cdfea37d00484ac0521ecbe9bcf06937c144832aa48d883f741e2902c0f3cda84d4c1caf1e556e2c2b6fe6fc35a81937bbf0a817061849ead049ccad767cc2c326f181d19f40f82457347839bb42e1ea3c8acde59419622178fcf155f427294fb02ec3e6261894eee0212abc38c9bc0e0ace9bfb86b01dabc33c7194eee7b110cfc5a93bcac093137089be93bbdcb511ac7ac5c8889cfb6f9d66ddd3af4b7c0d50cb53a83178d248bbc7df156bbfaf4d20016435884966b234e50e8da0677bbb265439697fb9b8fea76d15da9dfd8576636112c0a2ce6fbf9e1beca0887aae366d44ef70be74c3a8e351e627321285470c7def28cae1ff4078bee7a5d7a51d9897704b29a18a1fc00cf18dc81f886ee9afd984d80a0a7615d1f86915b881803e0fb50f59148a45c6f4c5107aee0c8a647b7c8b0e164c5a76ef7d7cc61ade743bdfae7c859911846838717dffa33aef5e1ba0d3c2345be0cb341b46711651465e7c2a41a33641605dae767d3b6e2296f26cae5cc16718fbf07a364ce2392b5cc603c410eab985f79ded09b8c30fcfbcc84cc2da1e9a5581c84e22b0d44205342200e1bef6769ad804d68f529b2da152de9bff638db990bdf463f33a8f5f5659bf2299ae75061f9eefce1dca690e09ecc8e5d0e5fc48674efc9b37f4531c931473d497cd1facf64261e4f61f6e700b6ce", 0x701}], 0x1}}], 0x1, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
bind$can_raw(r3, &(0x7f00000005c0), 0x10)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780), 0x10, &(0x7f0000000200)={&(0x7f00000007c0)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x2, 0x0, 0x0, "b97003b8750e5566"}, 0x10}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fdatasync(r4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffffffffd8a, 0x0, 0x41000, 0x4a, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
write$binfmt_misc(r5, &(0x7f00000000c0), 0xfdef)

12.449052238s ago: executing program 5 (id=2254):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGABS20(r2, 0x40044591, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000), 0xf)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89f1, &(0x7f0000000040)={'ip6_vti0\x00', @random='\a\x00\x00 \x00'})

12.448903748s ago: executing program 34 (id=2254):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGABS20(r2, 0x40044591, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000), 0xf)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89f1, &(0x7f0000000040)={'ip6_vti0\x00', @random='\a\x00\x00 \x00'})

2.13205724s ago: executing program 6 (id=2436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYRESOCT=r0, @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000400)=@gcm_128={{0x303, 0x38}, "be00", "00000c70423a000000000000ffff00", "ec69d337", "df02000000000ece"}, 0x28)

2.057837889s ago: executing program 6 (id=2437):
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0xd80, 0x0)
r0 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100, 0x0, 0x16a}, &(0x7f0000000140), &(0x7f0000000100)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r2, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)=""/4096, 0x1000}}], 0x1, 0x0, 0x0)

1.859295521s ago: executing program 0 (id=2443):
r0 = syz_io_uring_setup(0x10c, &(0x7f0000000680)={0x0, 0x83f4, 0x10, 0x1, 0xfffffffd}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000040))
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r2, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r6=>r5, {0x6}}, './file0\x00'})
ioctl$SG_GET_COMMAND_Q(r6, 0x2270, &(0x7f0000000240))
syz_emit_ethernet(0x32, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x2f, 0x0, @dev, @multicast1}, {{0x0, 0x6558, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d8621b", 0x0, "2c17a9"}}}}}}, 0x0)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.804340731s ago: executing program 0 (id=2446):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
semop(0x0, &(0x7f0000000240)=[{0x0, 0x8001}], 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80125, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x9, 0x71}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x2)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, 0xffffffffffffffff, 0x1}}, 0x18)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r1)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x28, r3, 0x1, 0x80000, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc0}]}]}, 0x28}}, 0x40000)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000000080)=0x8, 0x4)
r5 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xfffffffc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}]}}]}, 0x44}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.311655684s ago: executing program 4 (id=2455):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x485e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}]})

1.203191074s ago: executing program 6 (id=2459):
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0xd80, 0x0)
r0 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100, 0x0, 0x16a}, &(0x7f0000000140), &(0x7f0000000100)=<r1=>0x0)
syz_io_uring_setup(0x801864, &(0x7f0000000580)={0x0, 0x6998, 0x0, 0x5, 0x3}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$sock_int(r4, 0x1, 0x28, &(0x7f0000000040)=0x8004, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r4, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)=""/4096, 0x1000}}], 0x1, 0x0, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r5, &(0x7f0000001800)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r6=>0xffffffffffffffff}, 0x2}}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES32=r6], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='kfree\x00'}, 0x18)
socket$kcm(0x21, 0x2, 0x2)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000200)={0x3, 0x1b, 0xfa00, {{0xa, 0xfffc, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @empty, 0xfffffffc}, r6, 0x6}}, 0x48)

1.097419895s ago: executing program 3 (id=2461):
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
dup(r0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000400000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="101300000000008ddd8912c5a7c76300"/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000ff0f020005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
syz_emit_ethernet(0x1040, &(0x7f0000001040)={@multicast, @multicast, @val={@void, {0x8100, 0x1, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "491e08", 0x1006, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x8, 0x6, "cce22a996d11f79f8a640c9340ba30751be7a3db1ab23e0bc7382d3724e4e32a71c020959e196fd1deae37d8bd98ce557c4c31f05f12a36d05c0ee5c87aa468ee78f6dbd21cb763538ded7ea89ebc48f171ff2c4c9cbada79b7dca98dee7946cbb4ad472937156289f57e5824dd8164f938e794934876b18c889d23037b74c6ff1f0244b1b1a7ffcddffafbffd084cb35d74fcccd381935400923f9c4e39eb628e861f238c757a8f970e2a43edc0083264b185e858b1ba2a63a606dbf909335e47e893d8ad3c49a0bddbf38ac3f5d9e6ef4497d45ba7133a02aa5104da94f5ab96337d8e32d6c14670b619f5870fa5b16e7147610342804a2320e9a1db0677e30f6d978f44afb51726980f69b85910a300a7a9f0480acb8cfa6ace50a00e9436f369c53263610ee3aee373802fdecff78cda37628b0d93f9916c46f1ec54367c05befc2dbf02a5338fbc8b83e4e72bdebd08186b3480a5b70637d7503eb515a0b5d330e0c05f5a98b710649d6b042f27a27ae6a39012a9ac3fd15af5e0ba44e700d60b893621d0e452ed445e63ba03ee30b19e5dac0db65fe2f61391827ba4d8d2f889c0238fbd90e5f73e2490963f9a77a26ea50a4fa41b11b1aa1b498daff68bb7e2ca3dafdb03f426d951ed5a6178e7c76374c98861c0140f646359b8ea21fbce7254c792cc62e91b20c6a29aebd7ac609394c65e0a0a022cce9b4c3d5974f215d41d90b0a1293a30193c7e0ab23547cbab87317ef5c5e53e72e7aefd5175884c11d138ab0dc6ec33f11da7c0a61411daf1d8787d783db717f19d1c784ffd194b496c628b4a2f6d64b123028298849501934857647bf285397d0046e92af7c1e8a2867c2b1f2f1b12cb180a6f2b318759af4a93ff6a21d1e54889814f2fa1e7c20f85bd00e4875b77aa188eae0fc13331c76a9cda8ed6a5414acb08a948eb7d9e6fbf282342ee3db9e09c7c460bbcf7c4bc528cd036580eaf8f1d0c2502fae54c15011761784473f733f7f45fdd428405011651a9c7a48cc756100839ca52690c127f8e49843ec0c4ce616ca66b4796f79a46d65be6ccf428b76e008efd795dcc831f0941eea2182d6fbc5b546fbd2577fd2dce4adb04cf410c1246b269f91ddaa458c37a1fb3a0d9c836dd88e341b91f216d794be50f713d37ccb29d6b3d488f6924af3ac3e8f3d10c79adc22abe6f60ac4cafe2d66e4f57058d2a7965a8f22c91d7f70c7ca18a94a23559568d2b9e6ad8eb9147b81a9aea636c279fa51e9b4c8c12aca1e21804456577685046bb7c1e259b9350fa76f4a168966cc42a157f2f5f876c410e1e9231c42eb3338806f49609a43fceda492615091f5292e7c18f28a57db2e669ee69734dfb223c4ca574cbf0a514c00db816ceed13b23846dd19908f3837228e1a91d025b9ca0b28fb04076abf8d44a86735d35550dd107e3d3f1fb8bed593ecccc3334d48044028741ccb718e6fae5d0053c248b8490b4bfb7507413bdda94dd02ba992f96da72a51c1814e6ee0253b33c2053c22eec7aadf0f2b73e9ff45aecf2b9104da669d74189ddc233082ba44c515c26d59b606361cd3447d3dfd510c119f68948497dcafac749db4c256edd161dffd7c5133abcb1578b03b10969e0ea44d8b070b2ccdb3b6f88c25048f25df9a2ff6e382f0b74e5f06c58b8727de7f67dba5c56a180549bf171377b7ebe733935810310b18dd2b49ee971d86d05ffef55bf22e148e7dc36e1b3e73387c1c083ad3b1fccf4a51dd33678450ada6f948692fc0e67bc1c2fa7a0fe0fa2c12c6f8335cdb9c2e6313f7a69973c793e2d033e6211570d297e8cd7602fc72448e0cecfa7c53505a6e073a0ec131cd88f0e7f2d0f786ba3c18264ecf01761e93e5a54eda9781b99a3337fa945dd401dcb86563fbf89066a9c85a0f40d7aa724a44e611a2f8e2ff05686317d1e421fb2d71715c5cf2847ec9ae26c45b94d1714c88d855dc52ab7bda3700d6cd8719f5783d75a1723aa83459d917ed8534991db45c7cad7fe18558baa8980afc4662b0d43e530ed26b3c6f90441a75bdbfb3123a6afe4ccfbfe132f0e37dae3beca8eb6fc36788bd28fb468b62a508c9b3c782aece887998dfbe5e55b3349b5ebba75120da5f340d8039296420900c59518c1fe3fda06f3c0a97565240ebd77aa96f67666d20e58b65210a4f62eb19eb3ca3180761bd1959fb2b35c2647eaa5c9fa779242af7fb566dca4e7296bbacafd9b1d7e149fd9f089ee4996c755e04675f91ae56b573c0dfabbd3b83a65c32fe9bc8948e2160cc98cf4ee144b947984e5f8f6847de30b2d5d6462b044591d8339d56af6bdbce71af1e3b3dc7d4f9223963d60c4ff6d6a88085e5a4e8816151984ed588d59d79a9637777ca222183f6fcb1a8821dfa0a4cd810e660be581db1a7d86992338f82182394d99525967a3749013df10f8b760feb385365cacc932a22d8a06b415d95c968bba44c79372ebb817aefd7184cdc2dc724e7c98a2267eb94ebe0ace145b9f9640363bb191c6ef0131fdd1447c17d084ae2d0016f5889abef8e2126534ea0b33d9b962c222d8d3508825a29e8675fb3744b293fc44027edc59b12e0f6403332cf086a9998c373ef13332a5e7ddb9166cec984605a2e70d814485abdc11caea71dbb47ec9e979d02cc72625b775e5447edae3f20782d86be9a4ad1d3f654cb2b2f2926a09a0b7f9f9a656adfa053ce9e6935d97855ee22c923b0816af1f544b040023e80d8207bf6af6c4fb2403a0175a1f4de21937d30c3cea723f2c7030cad44bb10ebc82270ee95c9d49703a5ebdf0ba813a2434c5ad6cb1a738a79e8e1536297b32e9dcaa360b23cce19a8b7fe070410effd269124b4ef1a98a43495fa5b0e4d7ca272232d6331f69cb5ea34538b65a173f4ff33922bb0c732177e450e4cc82b15c0e5ed06c598977991eabad75edc38e1228fc83657e8d00408f771e1f89333aa7ef2f8dc86a86ced32ba567540b30831cfb929d0cd41a0530d5c1e4bce716620d7a04606eb8283afc12ae102390c3ec5974f8ab1893f6f8a6abd3478ae4218e40285f7d7e35d42c4f6feee502199f977993655b72e794b3c4c289df2d73c4ece46eeb4f28a29b55fd71f65b5245bfe3dc22634537a917701ded3a0079a44f0d523dbdb157e235d0f6bd1f8b6e1838be714305afba48cec783f73d2169afe47e5da763d6e9439a126c2804f9162d8473c9cb0fe1c3bae87c4a4b62161627f7cdb121fa9882165979db59e3ee1d36cf5ad3bfb8fd4d43c9b88d0446d4d76203e36998a7a6adb2cedb842a3f554fa841c91e08d7818299d3902bbef80843f1980855b59bd83b7d2d8a71d55d49ea81c7afd34a15ae470718818ce777450da4416c34aeb2719e3ed1eb59acfda2795b142678f302af2f579a4aa030fcb953fd5a36be8c4dcbfb90b999973d11ce7edfa6c58a842ade49c7f7023bb3731201f290493105caa44cb62a3aaba28b904c1a0c1ae29755f8c06d2837320f4ce0dd2dfa3ebdb5ac33720ecf4d3783d28e8f54984104e50629ab0c9f53006c09c24e50baa2b8120b0fa9509f7cb199241707fd0d7c03bc999069245bb0b18b7c500d26417c714bd2bf5cca8fe3a04dfb89703565e9d6f8f4f6d56c8898a64b8aaec268e7ce0765e6b7e6a9d10328c752f4c581e33e17ae5e55036f6a078322a8548b691384a2eab31d8ca666b52ab73ed878850087eabec7e7173d26a7cdcb3502fadf5991d6f58cebd15670d3e0302caffb57bb70ac37e7d53c9ab1f3634dfde26efc1c7034d7c36ef8a8cf33595bee7297178b7c5fab0fb34a88910a291e4b2147b20a4eb4aa11e338c096ca3dd12ac71d3285bd34c392d78856cb6b106d873887627c1984e6f7b4a0f8a82449d02f6081a10a43a3a660b4c768f775e90acb5d62a0e2d8695462845f8f38eeb2ef410bdbddf824362d6d8df73e14544f3b68519adce9f1dafefbb232f47a4922b7e6de95cd1a1daee4910a68643a9dd0ea5e652dbf32c81784ba4ce91b3d8f55b5d6e8c6fb1759110d05a0f0a561650a55e8bca4ba0040e57b7537a8ad81c62f982bce721fecdd4fa2dc76c87522a1009cdd45007052c1b9d55749fd70b6f1f1a1b94239ca2a2d418fe2ca3fab1f0dd8371504120f4b250953de95980b76461d92934d9ab0b53a790c595608dc38fae2415422743f2fd131fb734b20680312ef865835a31f51dd98ca4868fa515223b1b516287b5eaeca5bf74521165a3215081e0ff093ab98f50c8786271c4b3348554699836ddbd7c8cff1725c5581029eb2fad94a2d19766d6c9422ac5c569164a225f1430e7c272929f0d1ba341168bff6cadbb47ba6e7cc8930f7cc2f6b2bac587fa8b40c9ffbc7d34b18131937b17211a368ddb9b5f037ad2dae5559886e4dfb5f78153971addf7b1c1caef1902212fe3e7cf0b9a22613fd7f1bee6bf45e3351abe828e4b39c6e29226229315868c2eefc164d8a665a29baaedc3ca686095d4d7c507bbb119821833847c96410be37d53b3bea85f54d52d367b8e1f4f202f968c5e72ea6be3558252c29e5fc6f9163a22129dcb774c70a9009d28a88470fc0ee148953050ca138d315a629cf6b254253ee65118026cf5af243cc71cbc85d955305f07efca01bcddcdff68ecfeb7e9c9433b930aae9583763dfa4bcd4e69b3bad0e1c20fc37582b178e776b7ce320cf45ccfd1e8594395becbcc85a010f8c892d8df36326f7b07cb380e598b4c78f758c87d02a5516d3af7e33ffef7c00bd9a7ced00db8e9c9e699c1fa20dd48277212d3c6b53f321a5d3fcd89a03ed05e4615e668007cda3940102e9314ed2d64d80fb388a8de60ed13b42ca3cca9d7be649ad4d5143fcbd3e61ae64fbc547e4155f1314651776c27aa93e98d9487ec575b89dbdf7d094963622de58af518f76c832818494694e939b850b01a2e26b1f1091f07f662a4d0a4670dfe743dffb3f4901729766b31d2f39f2c8b5efe5d4de790d7968e27720db5bd8aed0d9647d320e7b37f6438b3fa1ea94da36260f5b08d660ede8563d6fcaca8a22d72ac524d8097ab1f533cf305e14f0f56fe771bccf06d2846bf5686d245e954321edeeb4431484973d8e870ebffcbd0439a801e3e80fe4cc161b3df63cdfa390e09045708eaf609556373de4f50a0afdcebbfe5465f719572e8f69d01a4acfc4ce92de1555c5eb3c2a2b0baeb5602d31faa550ba0e8295f093fc871de1d6b4766add46024efe07ed161b1b09fcf4eb8f5cca454db62200ae9b39ae9914a1f5c55b47cad890e873f71aaeb182baaa23a1ea370b55edba29de79bd791cdb01b4a76d2ae44ad3e20f8e16bcf090a723f11fbc13fa56049c868dc31311d4a550cd2b008f43f683164e48a543687c6e2e2f4067b2de66702b77312f24fa39750a0fb0f41c226eec7c888207b50da226c55a840561a31c24a8e78f3b4838dbe196e816ab99a6ece2116ab0f98d759f3c7f50d91fa3a9a711e8779a87ac7b371a8dc99d0ac877ed6284a4187556b6275e64338345ad653c0bba4c6ea17733754d201189752a28e185353ce6444d050e0966378c9d2893dda1dee3792f9d51f36f3213ae27935a1839841f2dd0ce419df18144f8765a5956bfe96af4fde199b7a85690fb315a9ed7b4d75f4d19ff2cd03ee89ece6f5f24d0bd0236ea87127c5526cbad1cd33919e1937eb5525907a387fe16448ed437c860211d9f4cdf5ab9adcf08d2661b716bee7b53afaae2ea89e45f5e9f55f4490e197c4ba40c3085e80eb2910c77efb9425"}}}}}}, 0x0)

1.026253445s ago: executing program 3 (id=2462):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x485e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}]})

1.026003155s ago: executing program 4 (id=2463):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [], 0xa, "65ed9f941f9c7b058e4f0a55"}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x6, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, 0x0, 0x0)

720.516697ms ago: executing program 7 (id=2466):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
getegid()

701.280946ms ago: executing program 4 (id=2467):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d40)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0x8, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg2\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000180)='7', 0x2, 0x0, &(0x7f0000000040)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @random="bf73a9e561c5"}, 0x14)

684.470976ms ago: executing program 7 (id=2468):
r0 = syz_io_uring_setup(0x10c, &(0x7f0000000680)={0x0, 0x83f4, 0x10, 0x1, 0xfffffffd}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r3, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r7=>r6, {0x6}}, './file0\x00'})
ioctl$SG_GET_COMMAND_Q(r7, 0x2270, &(0x7f0000000240))
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7ff, 0x1000})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

656.918667ms ago: executing program 3 (id=2469):
r0 = socket$packet(0x11, 0x3, 0x300)
socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000480)={0x1b, 0x0, 0x0, 0x40eb, 0x0, r5, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
stat(&(0x7f0000000040)='./file0\x00', &(0x7f00000006c0))
bind$packet(r0, &(0x7f0000000300)={0x11, 0x16, 0x0, 0x1, 0x5}, 0x14)

648.317887ms ago: executing program 4 (id=2470):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000340)=@framed={{}, [@printk={@li}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}, @TCA_CT_MARK={0x8, 0x10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x10000000) (fail_nth: 3)

613.268847ms ago: executing program 7 (id=2471):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = fcntl$dupfd(r2, 0x0, r1)
accept4$packet(r3, 0x0, 0x0, 0x80800)

575.995037ms ago: executing program 4 (id=2472):
r0 = openat$ttyS3(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
ioctl$TCFLSH(r0, 0x540b, 0x2)
r1 = socket$kcm(0x11, 0x2, 0x300)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000580)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12t\x02\x006\xe3\xd7\\b\x00\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x01\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(\x04\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x02\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x04.\x9aL\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX\xf73\xa1\xa2\'\x00\x00\x00\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')

575.329747ms ago: executing program 3 (id=2473):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xfd, 0x120c, &(0x7f0000004500)="$eJzs3E9rXFUYB+A349Skqfmj1mq70ANuXF2aLFwJEiQFyYBSG6EVhFsz0SHXmZA7BEbE6sptP4drd4LfIBs/g7tsXHYhXum9jc3UadTFZESfZzH35Zzz49wzDAN3OGeO37r/+d5ume3mw2jNzUVrPyI9SJGiFSde3Wqut+9sbXQ6mzdTurFxa+3NlNLyaz9+9OV8RFz68PvlH+bjaPXj41/Wfz66cnT1+Ldbn/XK1CtTfzBMebo7GAzzu0U37fTKvSyl94tuXnZTr192D8b6d4vB/v4o5f2dpcX9g25Zprw/Snv384hBGh6MUv5p3uunLMvS0mLwVBf+esj2dw+qqoqoqgvxbFRVVV2MxbgUz8VSLMfXEfF8vBAvxuV4Ka7Ey/FKXK1HncftAwAAAAAAAAAAAAAAAAAAwP/H6fP/ETF2/n8lVp3/BwAAAAAAAAAAAAAAAAAAgHPwwe07WxudzubNlBYiim8Ptw+3m2vTv7EbvSiiG9djJX6N+vR/o6lvvNvZvJ5qq/FNce9R/t7h9jNN/uHLw/xa/XcCj/Ltuu8kv9bk03h+PhZPz78eK3F58vzrE/ML8cbrp/JZrMRPn8Qgitip536c/2otpXfe6zyRv1aPAwAAgP+CLP1h4vN7lj2tv8n/7d8H2vHE83U7rrVnu3YiytEXe3mr6B7URXFSLPypRXFGMT/e0prSXK04e8zctBbY/pe8z4rpFRdjvGXW30ych8cfg1nfCQAAAAAAAAAAAP/ElPcVtmPCzrK3Z7NUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5nB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAA//8TZ8Qf")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xe}, 0x18)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000300)={'ip_vti0\x00', &(0x7f0000000680)={'syztnl2\x00', <r3=>0x0, 0x10, 0x7800, 0x0, 0x3, {{0x48, 0x4, 0x0, 0x9, 0x120, 0x65, 0x0, 0x2, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @rand_addr=0x64010100, {[@ra={0x94, 0x4, 0x8}, @timestamp={0x44, 0x24, 0xea, 0x0, 0x1, [0x7, 0x6, 0x9, 0x5, 0x7, 0x400, 0x4, 0x80000000]}, @ra={0x94, 0x4}, @lsrr={0x83, 0x17, 0x23, [@rand_addr=0x64010100, @rand_addr=0x64010102, @multicast1, @empty, @dev={0xac, 0x14, 0x14, 0x23}]}, @cipso={0x86, 0x64, 0x3, [{0x6, 0x9, "79f0732495d63a"}, {0x6, 0xd, "69b89e6bcdbd403658dc7e"}, {0x1, 0x11, "9135204e4db03fa27e57dfda48e11a"}, {0x2, 0x8, "91818c6dd5f7"}, {0x1, 0x6, "c3aa40b4"}, {0x2, 0x2}, {0x4, 0xb, "3dce2438322b397369"}, {0x0, 0xc, "b5b747a03c9bb1d6f4df"}, {0x6, 0xd, "5a916418722af9609a585d"}, {0x6, 0x3, "d6"}]}, @timestamp_addr={0x44, 0x24, 0xf5, 0x1, 0xc, [{@dev={0xac, 0x14, 0x14, 0x17}, 0x608c}, {@loopback, 0xe}, {@dev={0xac, 0x14, 0x14, 0x21}, 0x8}, {@broadcast, 0x7}]}, @timestamp_addr={0x44, 0x2c, 0x4d, 0x1, 0x7, [{@rand_addr=0x64010100, 0x5}, {@multicast2, 0x4}, {@private=0xa010100, 0x200}, {@dev={0xac, 0x14, 0x14, 0x3f}, 0x6d3}, {@dev={0xac, 0x14, 0x14, 0x34}, 0xc9}]}, @ssrr={0x89, 0x13, 0xab, [@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @dev={0xac, 0x14, 0x14, 0x27}, @local]}, @noop]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f00000007c0)={'syztnl2\x00', &(0x7f00000004c0)={'erspan0\x00', r3, 0x40, 0x8000, 0x3, 0x5, {{0x2c, 0x4, 0x1, 0x22, 0xb0, 0x68, 0x0, 0x1, 0x29, 0x0, @multicast1, @multicast1, {[@lsrr={0x83, 0xf, 0x88, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast]}, @timestamp_addr={0x44, 0xc, 0xa, 0x1, 0xa, [{@loopback, 0x1ff}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x14, 0x63, 0x1, 0x6, [{@private=0xa010100, 0xf}, {@multicast2, 0x7}]}, @timestamp_prespec={0x44, 0x2c, 0x34, 0x3, 0x5, [{@multicast2, 0xfff}, {@dev={0xac, 0x14, 0x14, 0x2b}, 0x3}, {@remote, 0x1}, {@multicast1, 0x8}, {@local, 0x6}]}, @timestamp={0x44, 0x8, 0x45, 0x0, 0x1, [0x74cf069c]}, @timestamp_addr={0x44, 0x34, 0xb1, 0x1, 0xa, [{@loopback, 0xff}, {@private=0xa010101, 0x5}, {@remote, 0x9}, {@remote, 0x80000001}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}, {@remote}]}]}}}}})
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0\x00')
chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00')
umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r5}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xa0bf83d7d46f2cbb})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x40505330, &(0x7f00000000c0)={0x800000, 0x0, 0x0, 0x0, 0x0, 0x6})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000000)={<r8=>0xffffffffffffffff, 0xffffffffffffff00})
sendmsg$tipc(r8, &(0x7f0000000480)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x1}}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000240)="23bee3e2095b653cd218060f1ee79f09347d717aa45d306405fd6a4e33ba9c2d9668abdc98bb56d1ceab868686e4dfaeb3fcb77a5b0484c00ad1f37176164e9552c2ee4626d70d0dc57ac8ede19511e32b67ad469bbcc5c7b3d4e5489ec297cd13d7edbdbf3a903ec15d44eb058ac41b944f70089096674cf02231f29f1d532ac53fdca6f535b1cf3a40a5668af228d17f711fbdee7ec0991386622976a98e635b538f955ea2a5eb17ed801450e9a819650e091402", 0xb5}, {&(0x7f0000000300)}, {&(0x7f0000000340)="a1425eb692a3c3890bc2ec1ca704988e35c559800efc4912ea42810f32b6fff40d8de88a1cf3fc353eb23474299290bfe58fbf5df0fafdbb8ebbb3fa1aa1f0b240e1585a902e42a4f3d166c657db12a8f41e1eacd7273f2b271e7d460a0bd48d12d751fbff05abdb13ec3e7a3a9883cf3d68371d1a9d242e491fff94e00f3ea5d7a2cbbd835f1227f2f46913b761b4cdfe8f7ba0402ffdb4389ad2873b80f2f6b13d83df", 0xa4}], 0x3, &(0x7f0000000440)="5292e52dd5", 0x5, 0x14}, 0x4008890)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x1e, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x6, 0x0, 0x0, 0x5, 0xffffffffffffffff, 0x1}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
mq_notify(0xffffffffffffffff, 0xfffffffffffffffe)
close_range(r8, 0xffffffffffffffff, 0x0)

574.749227ms ago: executing program 0 (id=2474):
mknodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0/file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
dup(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000ff0f020005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x10)
syz_emit_ethernet(0x1040, &(0x7f0000001040)={@multicast, @multicast, @val={@void, {0x8100, 0x1, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "491e08", 0x1006, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x8, 0x6, "cce22a996d11f79f8a640c9340ba30751be7a3db1ab23e0bc7382d3724e4e32a71c020959e196fd1deae37d8bd98ce557c4c31f05f12a36d05c0ee5c87aa468ee78f6dbd21cb763538ded7ea89ebc48f171ff2c4c9cbada79b7dca98dee7946cbb4ad472937156289f57e5824dd8164f938e794934876b18c889d23037b74c6ff1f0244b1b1a7ffcddffafbffd084cb35d74fcccd381935400923f9c4e39eb628e861f238c757a8f970e2a43edc0083264b185e858b1ba2a63a606dbf909335e47e893d8ad3c49a0bddbf38ac3f5d9e6ef4497d45ba7133a02aa5104da94f5ab96337d8e32d6c14670b619f5870fa5b16e7147610342804a2320e9a1db0677e30f6d978f44afb51726980f69b85910a300a7a9f0480acb8cfa6ace50a00e9436f369c53263610ee3aee373802fdecff78cda37628b0d93f9916c46f1ec54367c05befc2dbf02a5338fbc8b83e4e72bdebd08186b3480a5b70637d7503eb515a0b5d330e0c05f5a98b710649d6b042f27a27ae6a39012a9ac3fd15af5e0ba44e700d60b893621d0e452ed445e63ba03ee30b19e5dac0db65fe2f61391827ba4d8d2f889c0238fbd90e5f73e2490963f9a77a26ea50a4fa41b11b1aa1b498daff68bb7e2ca3dafdb03f426d951ed5a6178e7c76374c98861c0140f646359b8ea21fbce7254c792cc62e91b20c6a29aebd7ac609394c65e0a0a022cce9b4c3d5974f215d41d90b0a1293a30193c7e0ab23547cbab87317ef5c5e53e72e7aefd5175884c11d138ab0dc6ec33f11da7c0a61411daf1d8787d783db717f19d1c784ffd194b496c628b4a2f6d64b123028298849501934857647bf285397d0046e92af7c1e8a2867c2b1f2f1b12cb180a6f2b318759af4a93ff6a21d1e54889814f2fa1e7c20f85bd00e4875b77aa188eae0fc13331c76a9cda8ed6a5414acb08a948eb7d9e6fbf282342ee3db9e09c7c460bbcf7c4bc528cd036580eaf8f1d0c2502fae54c15011761784473f733f7f45fdd428405011651a9c7a48cc756100839ca52690c127f8e49843ec0c4ce616ca66b4796f79a46d65be6ccf428b76e008efd795dcc831f0941eea2182d6fbc5b546fbd2577fd2dce4adb04cf410c1246b269f91ddaa458c37a1fb3a0d9c836dd88e341b91f216d794be50f713d37ccb29d6b3d488f6924af3ac3e8f3d10c79adc22abe6f60ac4cafe2d66e4f57058d2a7965a8f22c91d7f70c7ca18a94a23559568d2b9e6ad8eb9147b81a9aea636c279fa51e9b4c8c12aca1e21804456577685046bb7c1e259b9350fa76f4a168966cc42a157f2f5f876c410e1e9231c42eb3338806f49609a43fceda492615091f5292e7c18f28a57db2e669ee69734dfb223c4ca574cbf0a514c00db816ceed13b23846dd19908f3837228e1a91d025b9ca0b28fb04076abf8d44a86735d35550dd107e3d3f1fb8bed593ecccc3334d48044028741ccb718e6fae5d0053c248b8490b4bfb7507413bdda94dd02ba992f96da72a51c1814e6ee0253b33c2053c22eec7aadf0f2b73e9ff45aecf2b9104da669d74189ddc233082ba44c515c26d59b606361cd3447d3dfd510c119f68948497dcafac749db4c256edd161dffd7c5133abcb1578b03b10969e0ea44d8b070b2ccdb3b6f88c25048f25df9a2ff6e382f0b74e5f06c58b8727de7f67dba5c56a180549bf171377b7ebe733935810310b18dd2b49ee971d86d05ffef55bf22e148e7dc36e1b3e73387c1c083ad3b1fccf4a51dd33678450ada6f948692fc0e67bc1c2fa7a0fe0fa2c12c6f8335cdb9c2e6313f7a69973c793e2d033e6211570d297e8cd7602fc72448e0cecfa7c53505a6e073a0ec131cd88f0e7f2d0f786ba3c18264ecf01761e93e5a54eda9781b99a3337fa945dd401dcb86563fbf89066a9c85a0f40d7aa724a44e611a2f8e2ff05686317d1e421fb2d71715c5cf2847ec9ae26c45b94d1714c88d855dc52ab7bda3700d6cd8719f5783d75a1723aa83459d917ed8534991db45c7cad7fe18558baa8980afc4662b0d43e530ed26b3c6f90441a75bdbfb3123a6afe4ccfbfe132f0e37dae3beca8eb6fc36788bd28fb468b62a508c9b3c782aece887998dfbe5e55b3349b5ebba75120da5f340d8039296420900c59518c1fe3fda06f3c0a97565240ebd77aa96f67666d20e58b65210a4f62eb19eb3ca3180761bd1959fb2b35c2647eaa5c9fa779242af7fb566dca4e7296bbacafd9b1d7e149fd9f089ee4996c755e04675f91ae56b573c0dfabbd3b83a65c32fe9bc8948e2160cc98cf4ee144b947984e5f8f6847de30b2d5d6462b044591d8339d56af6bdbce71af1e3b3dc7d4f9223963d60c4ff6d6a88085e5a4e8816151984ed588d59d79a9637777ca222183f6fcb1a8821dfa0a4cd810e660be581db1a7d86992338f82182394d99525967a3749013df10f8b760feb385365cacc932a22d8a06b415d95c968bba44c79372ebb817aefd7184cdc2dc724e7c98a2267eb94ebe0ace145b9f9640363bb191c6ef0131fdd1447c17d084ae2d0016f5889abef8e2126534ea0b33d9b962c222d8d3508825a29e8675fb3744b293fc44027edc59b12e0f6403332cf086a9998c373ef13332a5e7ddb9166cec984605a2e70d814485abdc11caea71dbb47ec9e979d02cc72625b775e5447edae3f20782d86be9a4ad1d3f654cb2b2f2926a09a0b7f9f9a656adfa053ce9e6935d97855ee22c923b0816af1f544b040023e80d8207bf6af6c4fb2403a0175a1f4de21937d30c3cea723f2c7030cad44bb10ebc82270ee95c9d49703a5ebdf0ba813a2434c5ad6cb1a738a79e8e1536297b32e9dcaa360b23cce19a8b7fe070410effd269124b4ef1a98a43495fa5b0e4d7ca272232d6331f69cb5ea34538b65a173f4ff33922bb0c732177e450e4cc82b15c0e5ed06c598977991eabad75edc38e1228fc83657e8d00408f771e1f89333aa7ef2f8dc86a86ced32ba567540b30831cfb929d0cd41a0530d5c1e4bce716620d7a04606eb8283afc12ae102390c3ec5974f8ab1893f6f8a6abd3478ae4218e40285f7d7e35d42c4f6feee502199f977993655b72e794b3c4c289df2d73c4ece46eeb4f28a29b55fd71f65b5245bfe3dc22634537a917701ded3a0079a44f0d523dbdb157e235d0f6bd1f8b6e1838be714305afba48cec783f73d2169afe47e5da763d6e9439a126c2804f9162d8473c9cb0fe1c3bae87c4a4b62161627f7cdb121fa9882165979db59e3ee1d36cf5ad3bfb8fd4d43c9b88d0446d4d76203e36998a7a6adb2cedb842a3f554fa841c91e08d7818299d3902bbef80843f1980855b59bd83b7d2d8a71d55d49ea81c7afd34a15ae470718818ce777450da4416c34aeb2719e3ed1eb59acfda2795b142678f302af2f579a4aa030fcb953fd5a36be8c4dcbfb90b999973d11ce7edfa6c58a842ade49c7f7023bb3731201f290493105caa44cb62a3aaba28b904c1a0c1ae29755f8c06d2837320f4ce0dd2dfa3ebdb5ac33720ecf4d3783d28e8f54984104e50629ab0c9f53006c09c24e50baa2b8120b0fa9509f7cb199241707fd0d7c03bc999069245bb0b18b7c500d26417c714bd2bf5cca8fe3a04dfb89703565e9d6f8f4f6d56c8898a64b8aaec268e7ce0765e6b7e6a9d10328c752f4c581e33e17ae5e55036f6a078322a8548b691384a2eab31d8ca666b52ab73ed878850087eabec7e7173d26a7cdcb3502fadf5991d6f58cebd15670d3e0302caffb57bb70ac37e7d53c9ab1f3634dfde26efc1c7034d7c36ef8a8cf33595bee7297178b7c5fab0fb34a88910a291e4b2147b20a4eb4aa11e338c096ca3dd12ac71d3285bd34c392d78856cb6b106d873887627c1984e6f7b4a0f8a82449d02f6081a10a43a3a660b4c768f775e90acb5d62a0e2d8695462845f8f38eeb2ef410bdbddf824362d6d8df73e14544f3b68519adce9f1dafefbb232f47a4922b7e6de95cd1a1daee4910a68643a9dd0ea5e652dbf32c81784ba4ce91b3d8f55b5d6e8c6fb1759110d05a0f0a561650a55e8bca4ba0040e57b7537a8ad81c62f982bce721fecdd4fa2dc76c87522a1009cdd45007052c1b9d55749fd70b6f1f1a1b94239ca2a2d418fe2ca3fab1f0dd8371504120f4b250953de95980b76461d92934d9ab0b53a790c595608dc38fae2415422743f2fd131fb734b20680312ef865835a31f51dd98ca4868fa515223b1b516287b5eaeca5bf74521165a3215081e0ff093ab98f50c8786271c4b3348554699836ddbd7c8cff1725c5581029eb2fad94a2d19766d6c9422ac5c569164a225f1430e7c272929f0d1ba341168bff6cadbb47ba6e7cc8930f7cc2f6b2bac587fa8b40c9ffbc7d34b18131937b17211a368ddb9b5f037ad2dae5559886e4dfb5f78153971addf7b1c1caef1902212fe3e7cf0b9a22613fd7f1bee6bf45e3351abe828e4b39c6e29226229315868c2eefc164d8a665a29baaedc3ca686095d4d7c507bbb119821833847c96410be37d53b3bea85f54d52d367b8e1f4f202f968c5e72ea6be3558252c29e5fc6f9163a22129dcb774c70a9009d28a88470fc0ee148953050ca138d315a629cf6b254253ee65118026cf5af243cc71cbc85d955305f07efca01bcddcdff68ecfeb7e9c9433b930aae9583763dfa4bcd4e69b3bad0e1c20fc37582b178e776b7ce320cf45ccfd1e8594395becbcc85a010f8c892d8df36326f7b07cb380e598b4c78f758c87d02a5516d3af7e33ffef7c00bd9a7ced00db8e9c9e699c1fa20dd48277212d3c6b53f321a5d3fcd89a03ed05e4615e668007cda3940102e9314ed2d64d80fb388a8de60ed13b42ca3cca9d7be649ad4d5143fcbd3e61ae64fbc547e4155f1314651776c27aa93e98d9487ec575b89dbdf7d094963622de58af518f76c832818494694e939b850b01a2e26b1f1091f07f662a4d0a4670dfe743dffb3f4901729766b31d2f39f2c8b5efe5d4de790d7968e27720db5bd8aed0d9647d320e7b37f6438b3fa1ea94da36260f5b08d660ede8563d6fcaca8a22d72ac524d8097ab1f533cf305e14f0f56fe771bccf06d2846bf5686d245e954321edeeb4431484973d8e870ebffcbd0439a801e3e80fe4cc161b3df63cdfa390e09045708eaf609556373de4f50a0afdcebbfe5465f719572e8f69d01a4acfc4ce92de1555c5eb3c2a2b0baeb5602d31faa550ba0e8295f093fc871de1d6b4766add46024efe07ed161b1b09fcf4eb8f5cca454db62200ae9b39ae9914a1f5c55b47cad890e873f71aaeb182baaa23a1ea370b55edba29de79bd791cdb01b4a76d2ae44ad3e20f8e16bcf090a723f11fbc13fa56049c868dc31311d4a550cd2b008f43f683164e48a543687c6e2e2f4067b2de66702b77312f24fa39750a0fb0f41c226eec7c888207b50da226c55a840561a31c24a8e78f3b4838dbe196e816ab99a6ece2116ab0f98d759f3c7f50d91fa3a9a711e8779a87ac7b371a8dc99d0ac877ed6284a4187556b6275e64338345ad653c0bba4c6ea17733754d201189752a28e185353ce6444d050e0966378c9d2893dda1dee3792f9d51f36f3213ae27935a1839841f2dd0ce419df18144f8765a5956bfe96af4fde199b7a85690fb315a9ed7b4d75f4d19ff2cd03ee89ece6f5f24d0bd0236ea87127c5526cbad1cd33919e1937eb5525907a387fe16448ed437c860211d9f4cdf5ab9adcf08d2661b716bee7b53afaae2ea89e45f5e9f55f4490e197c4ba40c3085e80eb2910c77efb9425"}}}}}}, 0x0)

570.047657ms ago: executing program 4 (id=2475):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x7667, &(0x7f0000000100)={0x0, 0x0, 0x13580}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x40, 0x1, r4, 0x0, 0x0, 0x0, 0x20, 0x1, {0x3}})
connect$vsock_stream(r4, &(0x7f0000000000), 0x10)
io_uring_enter(r1, 0x6256, 0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000280)}], 0x1}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x1}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r9, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r11}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCPKT(r11, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r11, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r12 = syz_open_pts(r11, 0x0)
ioctl$TIOCSTI(r12, 0x5412, &(0x7f0000000280)=0x3)
r13 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r13, @ANYBLOB="0100ffffffff000000000100000008000100", @ANYRES32=r10, @ANYBLOB="b00002803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8], 0xcc}, 0x1, 0xf000}, 0x0)

540.015677ms ago: executing program 7 (id=2476):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x271c, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002) (fail_nth: 7)

538.195657ms ago: executing program 0 (id=2477):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000600)=@file={0x1, './file0\x00'}, 0x6e)
r2 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)='%pB    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000340)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES8=r1, @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r5}, 0x10)
rename(0x0, 0x0)
r6 = fsmount(r2, 0x0, 0x0)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
sendmmsg(r7, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg$unix(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/210, 0xd2}], 0x1}, 0x121)
bind$tipc(r7, 0x0, 0x0)
statx(r6, 0x0, 0x1000, 0x40, &(0x7f0000000180))
write$binfmt_elf32(r6, &(0x7f0000000200)=ANY=[], 0xffffffffffffff89)
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10040)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='id_resolver\x00', 0x0, &(0x7f0000000380)="1c0405abae81709ae40d3d59", 0xc, r8)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000c00)=@mangle={'mangle\x00', 0xc061, 0x6, 0x5c0, 0xd0, 0x420, 0x420, 0xd0, 0x420, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x4f0, 0x6, 0x0, {[{{@ipv6={@private1, @private1, [], [], 'ip_vti0\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x3a010000}}, @HL={0x28}}, {{@ipv6={@private1, @remote, [], [], 'pim6reg1\x00', 'hsr0\x00'}, 0x0, 0x118, 0x148, 0x0, {}, [@common=@hbh={{0x48}, {0x0, 0x0, 0xa31be25524e8eba3}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@SET2={0x30}}, {{@ipv6={@mcast2, @mcast2, [], [], 'pimreg0\x00', 'lo\x00'}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@private, @ipv6=@dev}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, [], [], 'team0\x00', 'ip6gretap0\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4, 'vlan0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@TOS={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x620)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000058000000060a010400000000000000000100000008000b4000000000300004802c000180090001007866726d000000001c0002800500030006000000080001400000000008000240000000050900010073797a300000"], 0xcc}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
mq_unlink(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000500000004000000000000006755263fd26d715824d78291165f00000000000000000000f70014cefb61a04adac45c9eca0911be136e88a88368734e4e1728490db5e01fbee54d180b57a40b9619ab7f1c6d497eceb527dd8819160b0b0212b47d98183ecda70d5be556e4009601d129a42f48c385e250cebfe2bb8d0a43c177656e142d10815302204384f3752a91072b2e48f6101ef1f4e20000000000003f493830bc058246d11507507535cf5827d824f123eab997174b2bfc220fce3dedcf64e2b4b0474325f1bd92ae56743fe88f771b618e35f5fbf0bcba955da633874b68"], 0x50)
flock(0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

220.044159ms ago: executing program 6 (id=2478):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2c41, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', '', [], 0xa, "65ed9f941f9c7b058e4f0a55"}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x6, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, 0x0, 0x0)

219.525679ms ago: executing program 7 (id=2479):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
getegid()

218.828339ms ago: executing program 3 (id=2480):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000027c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000078000000030a01010000000000000000010000000900030073797a310000000028000480080002400000000008000140000000051400030076657468315f746f5f626174616476000900010073797a300000000008000a4000000002"], 0xc0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) (async)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x7}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000380)={0x7, <r6=>0x0}, 0x8)
r7 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000880)=@o_path={&(0x7f0000000440)='./mnt\x00', 0x0, 0x0, r1}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000008c0)={r1, <r8=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900)={r1, <r9=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x16, 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB="00a9a009a200efffff0600000085000000000000ee00007c42ee3f626c61df7e1fdda13e470c2c000000000100000069a2e0e070d1121783cec6e8c692701db423f4a0ec269d9dcc548f4fb7f67441a95aa570fb7a3eddbbd5c6b581abeb285c9ed9a5b7bc7398439eed05cf0e3924d605b0fd0fe011949f386b101024b5f95c8ea587c94ca660de65d55789dc80417072b70ae9bedfea97a73f896742f253b0fbe2e4c2bce216f1342d78c33e5bdf042f468d2371cda1f79c1f2c23a5de504413e9a74d515dbba33fa2cfe7df3cab6288161ccc7785f447958942341297376c9f76e3911fedeab597cd5ae8c25f37e245735c2a0f2ed36fef2e7794f108d95583319dcf73d462741765880dc2b9236bca0746b8495068f5"], &(0x7f0000000100)='GPL\x00', 0x8, 0x2d, &(0x7f0000000140)=""/45, 0x41100, 0x4, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000300)={0x0, 0xd, 0x0, 0x5}, 0x10, r6, r3, 0x5, &(0x7f0000000940)=[r1, r1, r1, r7, r8, r9, r1], &(0x7f0000000980)=[{0x5, 0x5, 0xa, 0xc}, {0x2, 0x5, 0xe, 0x4}, {0x3, 0x3, 0x4, 0x6}, {0x0, 0x2, 0x6, 0x1}, {0x3, 0x1, 0x0, 0x2}], 0x10, 0x3, @void, @value}, 0x94)
ioctl$TIOCGPGRP(r5, 0x540f, &(0x7f00000000c0)) (async)
ioctl$TIOCGPGRP(r5, 0x540f, &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{@nobh}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r10 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r10, 0xc0c0583b, 0x0) (async)
ioctl$FS_IOC_GETFSMAP(r10, 0xc0c0583b, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

187.016349ms ago: executing program 7 (id=2481):
sched_setscheduler(0x0, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x485e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}, {0x6, 0x0, 0x0, 0x8}]})

139.828209ms ago: executing program 0 (id=2482):
r0 = syz_io_uring_setup(0x10c, &(0x7f0000000680)={0x0, 0x83f4, 0x10, 0x1, 0xfffffffd}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r3, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)={{0x1, 0x1, 0x18, r6, {0x6}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_STATX={0x15, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x7ff, 0x1000})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

68.35424ms ago: executing program 3 (id=2483):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x775, &(0x7f0000001cc0)="$eJzs3d9rW2UfAPDvSdt17fa+7Qsv6LwqCFoYS+2sm4IXEy9EcDDQa7eQZmU2bUaTjrUU3BDBG0HFC0Fvdu2PeeetP271v1CQjandcOKFVE6atOmadGltEqGfD5z2+5xzkud8c87znCc5hySAA2ss/ZOJOBYR7yURI7X5SUQMVKP+iDPr691fXcmnUxJra6/+mlTXube6ko+Gx6SO1AqPRsS3b0ccz2yvt7y0PJsrFgsLtfJEZe7yRHlp+cSludxMYaYwf2pyaurk6WdOn9q/XH//Yfno7fdfevKLM3++9cjNd79L4kwcrS1rzGO/jMVY7TUZSF/CLV7c78p6LOn1BrAnadPsW2/lcSxGoq8atTDUzS0DADrlzYhYAwAOmMT5HwAOmPrnAPdWV/L1qbefSHTXnRci4vB6/vXrm+tL+mvX7A5Xr4MO30u2XBlJImJ0H+ofi4hPvnr9s3SKDl2HBGjm2vWIuDA6tr3/T7bds7BbT7WxztgDZf0fdM/X6fjn2Wbjv8zG+CeajH8Gm7TdvXh4+8/c2odqWkrHf8833Nt2vyH/mtG+Wuk/1THfQHLxUrGQ9m3/jYjxGBhMy5M71DF+96+7W2YMbIaN47/fPnjj07T+9P/mGplb/YNbn286V8n907zr7lyPeKy/Wf7Jxv5PWox/z7VZx8vPvfNxq2Vp/mm+9Wl7/p21diPiiab7f/OOtmTH+xMnqofDRP2gaOLLHz8ablV/4/5Pp7T++nuBbkj3//DO+Y8mjfdrlndfx/c3Rr5ptezh+Tc//g8lr1XjQ7V5V3OVysJkxKHkle3zT24+tl6ur5/mP/548/a/0/GfNuELbebff/uXz/eef2el+U/vav+3F/xUe3A65+b92b5W9be3/6eq0XhtTjv9X7tbutfXDQAAAAAAAAAAAAAAAAAAAAAAAAB2IxMRRyPJZDfiTCabXf8N7//HcKZYKleOXywtzk9H9beyR2MgU/+qy5GG70OdrH0ffr188oHy0xHxv4j4cHCoWs7mS8XpXicPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADVHWvz+f+rnwV5vHQDQMYd7vQEAQNc5/wPAwbO78/9Qx7YDAOge7/8B4OBx/geAg8f5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA47d/ZsOq39sbqST8vTV5YWZ0tXTkwXyrPZucV8Nl9auJydKZVmioVsvjTX8omurf8rlkqXp2J+8epEpVCuTJSXls/PlRbnK+cvzeVmCucLA13LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADaV15ans0Vi4UFgUAg2Agae4mh3nVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9yfwcAAP//8p8oTQ==")
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/address_bits', 0x8001, 0x0)
getdents(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1400c, &(0x7f0000000840)={[{@stripe={'stripe', 0x3d, 0x3d}}, {@init_itable}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x44c, &(0x7f0000000340)="$eJzs28tvG1UXAPAzdpx++dKSUMqr5REoiIpH0qQFumABCCQWRUKCBSyjJK1C3QQ1QaJVJFIWZYUQEnvEkn+BFWwQYoXEFvaoUoWyoWVlNPZMYru2m6R2XOrfT5r23Hnk3uOZa9+ZawcwsCbSf5KI/RHxe0SM1YqNO0zU/ru+sTZ3Y2NtLolK5d2/kup+f2+szeW75seN1hciiSMt6l25eOncbLm8cCErT62e/2hq5eKlFxbPz55dOLuwNHPq1MkT0y+/NPNiV/IcjUIWvfXBV2+f/qIh/6Y8umSi08anK5UuV9dfB+riZKiPDWFHihGRnq5Stf+PRTG2Tt5YvPlZXxsH9FSlUqmMtt+8XgHuYkk0lnV5GBT5B316/5svzYOAV3s3/Oi7a6/VboDSvK9nS23L0OYTg1LT/W03TUTE++v/fJMu0ZvnEAAADX5Ixz/Pp6Od5vFfIR6o2++ebG5oPCLujYiDEXFfLMWhiLg/orrvgxHx0A7rb54kuXn8U7i6q8S2KR3/vZLNbTWO//LRX4wXs9KBav6l5MxieeF49poci9K+tDzdoY4f3/jty3bb6sd/6ZLWn48Fs3ZcHdrXeMz87Ors7eRc79rliMNDrfJPNmcCkoh4OCIO77KOxWe/e6Tdtlvn30EX5pkq30Y8Uzv/69GUfy7pPD859b8oLxyfyq+Km/3y65V32tV/W/l3QXr+/9/y+t/Mfzypn69d2XkdV/74vO09zW6v/+HkvWo8nK37ZHZ19cJ0xHByutbo+vUzW8fm5Xz/NP9jR1v3/4Ox9UociYj0In40Ih6LiMeztj8REU9GxNEO+f/8+lMfNq8b2Xb+vZXmP7+j878VDEfzmtZB8dxP3zdUOr4VZvnf6Hz+T1ajY9ma7bz/baddu7uaAQAA4L+nEBH7IylMbsaFwuRk7Tv8hyIK5eWV1efOLH+8NF/7jcB4lAr5k66xuueh09ltfa18OSJqXy3It5+IQvW58dfFkWp5cm65PN/v5GHAjbbp/6k/i/1uHdBzfq8Fg0v/h8Gl/8Pg2ln/39ezdgB7r0X/H+lHO4C91+rz/9M+tAPYe03937QfDBDP/2Bw6f8wuPR/GEgrI3HrH8l3DPK/tMvD79ogSndEM3oWROGOaIagR0F/35cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65d8AAAD//9S+3I8=")
r4 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r5, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x18, 0x38, &(0x7f0000000980)=@raw=[@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x200}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e2}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x10}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0xc}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}], &(0x7f0000000000)='syzkaller\x00', 0x7be5faad, 0x20, &(0x7f0000000080)=""/32, 0x41100, 0x6a, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000140)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x4, 0x0, 0x6, 0x1}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000280)=[r2, r2, r1], &(0x7f0000000b40)=[{0x1, 0x3, 0xd, 0xa}, {0x2, 0x4, 0xd, 0x6}, {0x2, 0x3, 0x5}, {0x1, 0x5, 0x8, 0x7}, {0x5, 0x5, 0xf, 0xc}, {0x1, 0x1, 0x3, 0x2}, {0x0, 0x3, 0x0, 0x5}, {0x0, 0x1, 0xa, 0x5}, {0x4, 0x4, 0xf, 0x5}], 0x10, 0x5, @void, @value}, 0x94)
ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r6, 0x8002f515, &(0x7f00000002c0))
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000940)={{}, {0x1, 0x2}, [], {0x4, 0x1}, [], {0x10, 0x4}, {0x20, 0x6}}, 0x24, 0x2)
sendfile(r3, r3, 0x0, 0x80000000)

44.40623ms ago: executing program 0 (id=2484):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000050000001e0001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getrlimit(0x9, &(0x7f0000000080))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="001a0000000000000000000000000000000000004824cdeb726d041cd5e5c93ec7fae54a51507f5f398f809dcc42eb3d5b36993702e3dd53cdd95cfe29aa0af161b490ff3fe8eb7572791fb4c9058da72a99188f412a877008fd2995f8ba31fbd7a06d6d730e3d72e42b65ae08d05c70c73db0adef6526d0180ba1795bba6ee2459481d06144b4275c675d9ff2ddedfdf6960a661b1f5bf1893292e57d5587ccf904bfc356673b816d50831ab975f997eeeb5e75998735599a3fb27814241de33148f9ad955de1e68a95d7de73a865b07b83152caf15a4080d3bab9f9a0991f8d0e5cd7b16b850cc8add5d9e8628d86b425cb67cfe2099c6e86c566fe733a21e4613e44b6c8dfd4fc25314edb97343acbce0491e9c8c64506ddf7aeb67059833c36e2ed5a210d88a3c2f593b52f67e9ed715effb821078c6725c7c0878dbd4e68cc15273167a9e497a01754efe69870fe3e699f5a5af12ca001fb4efcb222edfe386e32304fab0204459f688b7e6ddb598", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000480), &(0x7f0000000040)='%pS    \x00'}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000002280)='asymmetric\x00', &(0x7f0000002200)={'syz', 0x2}, &(0x7f0000002240)='vfat\x00', 0xffffffffffffffff)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000980)={r5}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000080007b8af8ff00000000b7080000800000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r9 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r9, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="92", 0x1}], 0x1}}], 0x2, 0x0)

34.40332ms ago: executing program 6 (id=2485):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
semop(0x0, &(0x7f0000000240)=[{0x0, 0x8001}], 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
perf_event_open(0x0, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x2)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r3, 0x1}}, 0x18)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000100), r1)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x28, r4, 0x1, 0x80000, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc0}]}]}, 0x28}}, 0x40000)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f0000000080)=0x8, 0x4)
r6 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xfffffffc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}]}}]}, 0x44}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 6 (id=2486):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="070000000400000000070000000700002c000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00170300"/25], 0x48)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00'})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000a0393808dfbc238db90700000000e7ffffffffffffff0000000000182781c342cb2db848ef901d105c2ec47998154272e25447a9db1096e5b68ae7db352c42632378e84aabeba54204f7bbb4cdc5b9b67a5a3c4bb604cc85184299b73cc265a7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @loopback={0xff00000000000000}, 0x0, 0x10}})
sendfile(0xffffffffffffffff, r3, 0x0, 0x3ffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x6f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = socket$packet(0x11, 0x3, 0x300)
unshare(0x2c040400)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYRES8=r8], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r9}, 0x10)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r7, 0x107, 0x5, &(0x7f0000000100)=@req3={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x861}, 0x1c)
setresuid(0x0, 0x0, 0xee00)

kernel console output (not intermixed with test programs):

a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.491959][ T8486] syz.3.1696[8486] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  128.521632][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.569547][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.589007][ T8493] IPVS: Error joining to the multicast group
[  128.685746][   T29] kauditd_printk_skb: 469 callbacks suppressed
[  128.685766][   T29] audit: type=1326 audit(1732728032.098:8597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.695698][ T8501] loop6: detected capacity change from 0 to 2048
[  128.726257][   T29] audit: type=1326 audit(1732728032.098:8598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.749811][   T29] audit: type=1326 audit(1732728032.138:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.773238][   T29] audit: type=1326 audit(1732728032.138:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.796761][   T29] audit: type=1326 audit(1732728032.138:8601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.820397][   T29] audit: type=1326 audit(1732728032.138:8602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.837800][ T8503] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1702'.
[  128.843855][   T29] audit: type=1326 audit(1732728032.138:8603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.876376][   T29] audit: type=1326 audit(1732728032.138:8604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.900032][   T29] audit: type=1326 audit(1732728032.138:8605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.923557][   T29] audit: type=1326 audit(1732728032.138:8606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8502 comm="syz.4.1702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  128.975910][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.989348][ T8501] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.030536][ T2303] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  129.048380][ T8517] loop0: detected capacity change from 0 to 512
[  129.055454][ T2303] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  129.067844][ T2303] EXT4-fs (loop6): This should not happen!! Data will be lost
[  129.067844][ T2303] 
[  129.077691][ T2303] EXT4-fs (loop6): Total free blocks count 0
[  129.083804][ T2303] EXT4-fs (loop6): Free/Dirty block details
[  129.089745][ T2303] EXT4-fs (loop6): free_blocks=2415919104
[  129.095541][ T2303] EXT4-fs (loop6): dirty_blocks=32
[  129.100699][ T2303] EXT4-fs (loop6): Block reservation details
[  129.106696][ T2303] EXT4-fs (loop6): i_reserved_data_blocks=2
[  129.116638][ T8517] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.134683][   T50] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  129.172047][ T8517] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.180564][ T8525] loop6: detected capacity change from 0 to 512
[  129.192471][ T8517] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.1705: corrupted inode contents
[  129.211922][ T8517] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.1705: mark_inode_dirty error
[  129.212747][ T8528] loop3: detected capacity change from 0 to 512
[  129.232567][ T8517] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.1705: corrupted inode contents
[  129.232978][ T8528] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  129.260455][ T8525] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.273369][ T8528] EXT4-fs (loop3): 1 truncate cleaned up
[  129.280383][ T8528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.300337][ T8525] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.315940][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.334692][ T8537] loop4: detected capacity change from 0 to 512
[  129.342541][ T8537] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  129.373444][ T8537] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.382546][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.418562][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.453229][ T8548] IPVS: Error joining to the multicast group
[  129.470835][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.473202][ T8546] loop6: detected capacity change from 0 to 512
[  129.540546][ T8552] netlink: 'syz.5.1719': attribute type 29 has an invalid length.
[  129.548521][ T8552] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1719'.
[  129.562619][ T8546] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  129.584116][ T8546] EXT4-fs (loop6): 1 truncate cleaned up
[  129.591771][ T8546] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.595450][ T8559] loop3: detected capacity change from 0 to 128
[  129.662436][ T8559] syz.3.1721: attempt to access beyond end of device
[  129.662436][ T8559] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  129.690744][ T8559] syz.3.1721: attempt to access beyond end of device
[  129.690744][ T8559] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  129.704870][ T8559] syz.3.1721: attempt to access beyond end of device
[  129.704870][ T8559] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  129.718225][ T8559] syz.3.1721: attempt to access beyond end of device
[  129.718225][ T8559] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  129.780679][ T8569] loop3: detected capacity change from 0 to 1024
[  129.789346][ T8569] EXT4-fs: Ignoring removed oldalloc option
[  129.801492][ T8569] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  129.825144][ T8569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.868865][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.898710][ T8577] loop3: detected capacity change from 0 to 2048
[  129.909875][ T8577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.976071][ T8582] loop0: detected capacity change from 0 to 2048
[  129.989954][ T8582] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.016626][ T2303] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  130.031714][ T2303] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  130.044098][ T2303] EXT4-fs (loop0): This should not happen!! Data will be lost
[  130.044098][ T2303] 
[  130.053770][ T2303] EXT4-fs (loop0): Total free blocks count 0
[  130.059898][ T2303] EXT4-fs (loop0): Free/Dirty block details
[  130.065873][ T2303] EXT4-fs (loop0): free_blocks=2415919104
[  130.071684][ T2303] EXT4-fs (loop0): dirty_blocks=32
[  130.076812][ T2303] EXT4-fs (loop0): Block reservation details
[  130.082822][ T2303] EXT4-fs (loop0): i_reserved_data_blocks=2
[  130.089170][   T36] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  130.122753][ T8587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1727'.
[  130.138050][ T8587] loop0: detected capacity change from 0 to 1024
[  130.145201][ T8587] EXT4-fs: Ignoring removed oldalloc option
[  130.152227][ T8587] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  130.168653][ T8587] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.207833][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.227786][ T8591] FAULT_INJECTION: forcing a failure.
[  130.227786][ T8591] name failslab, interval 1, probability 0, space 0, times 0
[  130.240541][ T8591] CPU: 1 UID: 0 PID: 8591 Comm: syz.0.1728 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  130.250942][ T8591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  130.261062][ T8591] Call Trace:
[  130.264360][ T8591]  <TASK>
[  130.267299][ T8591]  dump_stack_lvl+0xf2/0x150
[  130.271915][ T8591]  dump_stack+0x15/0x20
[  130.276111][ T8591]  should_fail_ex+0x223/0x230
[  130.280859][ T8591]  should_failslab+0x8f/0xb0
[  130.285662][ T8591]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  130.292096][ T8591]  ? sidtab_sid2str_get+0xb8/0x140
[  130.297280][ T8591]  kmemdup_noprof+0x2a/0x60
[  130.301879][ T8591]  sidtab_sid2str_get+0xb8/0x140
[  130.306900][ T8591]  security_sid_to_context_core+0x1eb/0x2f0
[  130.312874][ T8591]  security_sid_to_context+0x27/0x30
[  130.318343][ T8591]  avc_audit_post_callback+0x9d/0x530
[  130.323827][ T8591]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  130.329826][ T8591]  common_lsm_audit+0x90f/0x1010
[  130.334821][ T8591]  ? avc_denied+0xf1/0x110
[  130.339255][ T8591]  slow_avc_audit+0xf9/0x140
[  130.343859][ T8591]  avc_has_perm+0x129/0x160
[  130.348405][ T8591]  selinux_file_open+0x34a/0x3b0
[  130.353441][ T8591]  security_file_open+0x33/0x70
[  130.358363][ T8591]  do_dentry_open+0x1fa/0xa20
[  130.363059][ T8591]  vfs_open+0x38/0x1f0
[  130.367141][ T8591]  path_openat+0x1ac2/0x1fa0
[  130.371814][ T8591]  ? _parse_integer_limit+0x167/0x180
[  130.377209][ T8591]  ? kstrtouint_from_user+0xb0/0xe0
[  130.382427][ T8591]  do_filp_open+0x107/0x230
[  130.386979][ T8591]  do_sys_openat2+0xab/0x120
[  130.391610][ T8591]  __x64_sys_openat+0xf3/0x120
[  130.396450][ T8591]  x64_sys_call+0x2b30/0x2dc0
[  130.401209][ T8591]  do_syscall_64+0xc9/0x1c0
[  130.405722][ T8591]  ? clear_bhb_loop+0x55/0xb0
[  130.410409][ T8591]  ? clear_bhb_loop+0x55/0xb0
[  130.415094][ T8591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.421123][ T8591] RIP: 0033:0x7fea6a0a0809
[  130.425545][ T8591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.445212][ T8591] RSP: 002b:00007fea68717058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  130.453667][ T8591] RAX: ffffffffffffffda RBX: 00007fea6a265fa0 RCX: 00007fea6a0a0809
[  130.461653][ T8591] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffffffffffff9c
[  130.469633][ T8591] RBP: 00007fea687170a0 R08: 0000000000000000 R09: 0000000000000000
[  130.477647][ T8591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  130.485770][ T8591] R13: 0000000000000000 R14: 00007fea6a265fa0 R15: 00007ffecde11408
[  130.493756][ T8591]  </TASK>
[  130.503209][ T8591] random: crng reseeded on system resumption
[  130.593493][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.608581][ T8595] loop5: detected capacity change from 0 to 128
[  130.643218][ T8597] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=50 sclass=netlink_xfrm_socket pid=8597 comm=syz.6.1729
[  130.669060][ T8597] syz.6.1729[8597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  130.673470][ T8599] loop0: detected capacity change from 0 to 512
[  130.693536][ T8599] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.710724][ T8599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.734157][ T8601] loop5: detected capacity change from 0 to 128
[  130.742779][ T8599] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.1732: corrupted inode contents
[  130.755595][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.771133][ T8599] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.1732: mark_inode_dirty error
[  130.802955][ T8599] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.1732: corrupted inode contents
[  130.844815][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.853389][ T8615] loop4: detected capacity change from 0 to 2048
[  130.892663][ T8615] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.944880][ T8626] loop3: detected capacity change from 0 to 512
[  130.977156][   T36] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  130.993293][ T8626] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  130.995110][   T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  131.014646][   T36] EXT4-fs (loop4): This should not happen!! Data will be lost
[  131.014646][   T36] 
[  131.024393][   T36] EXT4-fs (loop4): Total free blocks count 0
[  131.030480][   T36] EXT4-fs (loop4): Free/Dirty block details
[  131.031902][ T8628] netlink: 'syz.5.1741': attribute type 29 has an invalid length.
[  131.036489][   T36] EXT4-fs (loop4): free_blocks=2415919104
[  131.036506][   T36] EXT4-fs (loop4): dirty_blocks=32
[  131.036517][   T36] EXT4-fs (loop4): Block reservation details
[  131.036528][   T36] EXT4-fs (loop4): i_reserved_data_blocks=2
[  131.047133][   T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  131.050123][ T8628] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1741'.
[  131.053631][ T8626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.172836][ T8635] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=50 sclass=netlink_xfrm_socket pid=8635 comm=syz.6.1745
[  131.201870][ T8638] loop4: detected capacity change from 0 to 512
[  131.210101][ T8638] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  131.220478][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.240843][ T8638] EXT4-fs (loop4): 1 truncate cleaned up
[  131.261460][ T8638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.272407][ T8644] IPVS: Error joining to the multicast group
[  131.373047][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.474964][ T8668] loop6: detected capacity change from 0 to 128
[  131.502878][ T8670] loop4: detected capacity change from 0 to 512
[  131.518488][ T8670] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  131.549053][ T8672] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=50 sclass=netlink_xfrm_socket pid=8672 comm=syz.6.1758
[  131.564124][ T8670] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.612989][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.645089][ T8676] loop6: detected capacity change from 0 to 128
[  131.726651][ T8676] bio_check_eod: 8 callbacks suppressed
[  131.726665][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.726665][ T8676] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  131.766380][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.766380][ T8676] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  131.771643][ T8687] IPVS: Unknown mcast interface: vcan0
[  131.783354][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.783354][ T8676] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  131.799237][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.799237][ T8676] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  131.826952][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.826952][ T8676] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  131.848473][ T8676] syz.6.1759: attempt to access beyond end of device
[  131.848473][ T8676] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  131.900628][ T8693] loop3: detected capacity change from 0 to 512
[  131.901366][ T8695] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1777'.
[  131.916451][ T8693] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  131.948881][ T8693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.994499][ T8703] IPVS: Error joining to the multicast group
[  131.994791][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.033037][ T8705] loop3: detected capacity change from 0 to 2048
[  132.044760][ T8707] loop4: detected capacity change from 0 to 512
[  132.057711][ T8707] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.070925][ T8705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.092071][ T8705] program syz.3.1769 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.104187][ T8707] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.151373][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.254763][ T8723] netlink: 'syz.0.1775': attribute type 29 has an invalid length.
[  132.262796][ T8723] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1775'.
[  132.368250][ T8727] loop6: detected capacity change from 0 to 512
[  132.393398][ T8727] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.419012][ T8727] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.433076][ T8727] EXT4-fs error (device loop6): ext4_do_update_inode:5153: inode #2: comm syz.6.1778: corrupted inode contents
[  132.445488][ T7827] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  132.447612][ T8727] EXT4-fs error (device loop6): ext4_dirty_inode:6041: inode #2: comm syz.6.1778: mark_inode_dirty error
[  132.471861][ T8727] EXT4-fs error (device loop6): ext4_do_update_inode:5153: inode #2: comm syz.6.1778: corrupted inode contents
[  132.496394][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.557396][ T8740] loop6: detected capacity change from 0 to 512
[  132.564619][ T8740] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.589065][ T8740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.617157][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.714407][ T8746] loop5: detected capacity change from 0 to 512
[  132.723189][ T8746] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  132.740153][ T8746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.770287][ T5069] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.792195][ T8751] loop5: detected capacity change from 0 to 128
[  132.880863][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.885788][ T8758] loop6: detected capacity change from 0 to 128
[  132.929967][ T8758] syz.6.1789: attempt to access beyond end of device
[  132.929967][ T8758] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  132.959686][ T8758] syz.6.1789: attempt to access beyond end of device
[  132.959686][ T8758] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  132.975308][ T8758] syz.6.1789: attempt to access beyond end of device
[  132.975308][ T8758] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  132.990706][ T8758] syz.6.1789: attempt to access beyond end of device
[  132.990706][ T8758] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  133.049443][ T8764] loop6: detected capacity change from 0 to 1024
[  133.075674][ T8764] EXT4-fs: Ignoring removed oldalloc option
[  133.094591][ T8764] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  133.116740][ T8764] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.258839][ T8790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.271074][ T8790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.457656][ T8813] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1813'.
[  133.492774][ T8815] FAULT_INJECTION: forcing a failure.
[  133.492774][ T8815] name failslab, interval 1, probability 0, space 0, times 0
[  133.505515][ T8815] CPU: 1 UID: 0 PID: 8815 Comm: syz.3.1814 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  133.515881][ T8815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  133.526012][ T8815] Call Trace:
[  133.529312][ T8815]  <TASK>
[  133.532296][ T8815]  dump_stack_lvl+0xf2/0x150
[  133.536918][ T8815]  dump_stack+0x15/0x20
[  133.541174][ T8815]  should_fail_ex+0x223/0x230
[  133.547120][ T8815]  should_failslab+0x8f/0xb0
[  133.551742][ T8815]  kmem_cache_alloc_node_noprof+0x59/0x320
[  133.557641][ T8815]  ? __alloc_skb+0x10b/0x310
[  133.562341][ T8815]  __alloc_skb+0x10b/0x310
[  133.566867][ T8815]  netlink_ack+0xef/0x4f0
[  133.571252][ T8815]  ? nfnetlink_rcv+0x9ae/0x15d0
[  133.576202][ T8815]  ? __kmalloc_cache_noprof+0x28c/0x320
[  133.581843][ T8815]  nfnetlink_rcv+0x1376/0x15d0
[  133.586673][ T8815]  ? kmem_cache_free+0xdc/0x2d0
[  133.591601][ T8815]  netlink_unicast+0x599/0x670
[  133.596401][ T8815]  netlink_sendmsg+0x5cc/0x6e0
[  133.601381][ T8815]  ? __pfx_netlink_sendmsg+0x10/0x10
[  133.606735][ T8815]  __sock_sendmsg+0x140/0x180
[  133.611452][ T8815]  ____sys_sendmsg+0x312/0x410
[  133.616270][ T8815]  __sys_sendmsg+0x19d/0x230
[  133.620894][ T8815]  __x64_sys_sendmsg+0x46/0x50
[  133.625717][ T8815]  x64_sys_call+0x2734/0x2dc0
[  133.630413][ T8815]  do_syscall_64+0xc9/0x1c0
[  133.634944][ T8815]  ? clear_bhb_loop+0x55/0xb0
[  133.639635][ T8815]  ? clear_bhb_loop+0x55/0xb0
[  133.644322][ T8815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.650250][ T8815] RIP: 0033:0x7fe724b10809
[  133.654678][ T8815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.674509][ T8815] RSP: 002b:00007fe723187058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  133.682939][ T8815] RAX: ffffffffffffffda RBX: 00007fe724cd5fa0 RCX: 00007fe724b10809
[  133.690986][ T8815] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003
[  133.698966][ T8815] RBP: 00007fe7231870a0 R08: 0000000000000000 R09: 0000000000000000
[  133.706947][ T8815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.714987][ T8815] R13: 0000000000000000 R14: 00007fe724cd5fa0 R15: 00007ffc7b90dc98
[  133.723011][ T8815]  </TASK>
[  133.735788][ T8817] loop6: detected capacity change from 0 to 128
[  133.769481][ T8825] loop3: detected capacity change from 0 to 128
[  134.015221][   T29] kauditd_printk_skb: 842 callbacks suppressed
[  134.015236][   T29] audit: type=1326 audit(1732728037.428:9449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.045034][   T29] audit: type=1326 audit(1732728037.428:9450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.068778][   T29] audit: type=1326 audit(1732728037.428:9451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.092231][   T29] audit: type=1326 audit(1732728037.428:9452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.115664][   T29] audit: type=1326 audit(1732728037.428:9453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.139173][   T29] audit: type=1326 audit(1732728037.428:9454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.162602][   T29] audit: type=1326 audit(1732728037.428:9455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.175413][ T8849] loop5: detected capacity change from 0 to 128
[  134.186058][   T29] audit: type=1326 audit(1732728037.428:9456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.186098][   T29] audit: type=1326 audit(1732728037.428:9457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.220146][ T8851] loop6: detected capacity change from 0 to 512
[  134.239218][   T29] audit: type=1326 audit(1732728037.428:9458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8841 comm="syz.4.1827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  134.271482][ T8851] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  134.441631][ T8870] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.451312][ T8870] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.526849][ T8880] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  134.538297][ T8880] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  134.551413][ T8878] loop3: detected capacity change from 0 to 1024
[  134.558630][ T8878] EXT4-fs: Ignoring removed oldalloc option
[  134.565471][ T8878] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  134.621860][ T8884] loop3: detected capacity change from 0 to 128
[  134.677029][ T8888] loop3: detected capacity change from 0 to 512
[  134.684155][ T8888] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  134.777322][ T8897] bpf_get_probe_write_proto: 23 callbacks suppressed
[  134.777338][ T8897] syz.3.1847[8897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.784208][ T8897] syz.3.1847[8897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  134.795862][ T8897] syz.3.1847[8897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  135.133540][ T8911] FAULT_INJECTION: forcing a failure.
[  135.133540][ T8911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.158200][ T8911] CPU: 0 UID: 0 PID: 8911 Comm: syz.4.1853 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  135.168552][ T8911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.178723][ T8911] Call Trace:
[  135.182056][ T8911]  <TASK>
[  135.185089][ T8911]  dump_stack_lvl+0xf2/0x150
[  135.189695][ T8911]  dump_stack+0x15/0x20
[  135.193957][ T8911]  should_fail_ex+0x223/0x230
[  135.198694][ T8911]  should_fail+0xb/0x10
[  135.202884][ T8911]  should_fail_usercopy+0x1a/0x20
[  135.207959][ T8911]  strncpy_from_user+0x25/0x210
[  135.212950][ T8911]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  135.218703][ T8911]  ? getname_flags+0x81/0x3b0
[  135.223453][ T8911]  getname_flags+0xb0/0x3b0
[  135.227996][ T8911]  getname_uflags+0x24/0x30
[  135.232652][ T8911]  io_statx_prep+0x10c/0x180
[  135.237275][ T8911]  io_submit_sqes+0x5d0/0x1090
[  135.242163][ T8911]  __se_sys_io_uring_enter+0x1be/0x1a10
[  135.247724][ T8911]  ? selinux_file_permission+0x22a/0x360
[  135.253402][ T8911]  ? get_pid_task+0x8e/0xc0
[  135.257922][ T8911]  ? proc_fail_nth_write+0x12a/0x150
[  135.263336][ T8911]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  135.268998][ T8911]  ? vfs_write+0x596/0x920
[  135.273466][ T8911]  ? __fget_files+0x17c/0x1c0
[  135.278163][ T8911]  ? fput+0x1c4/0x200
[  135.282196][ T8911]  ? ksys_write+0x176/0x1b0
[  135.286789][ T8911]  __x64_sys_io_uring_enter+0x78/0x90
[  135.292256][ T8911]  x64_sys_call+0xb5e/0x2dc0
[  135.296889][ T8911]  do_syscall_64+0xc9/0x1c0
[  135.301408][ T8911]  ? clear_bhb_loop+0x55/0xb0
[  135.306141][ T8911]  ? clear_bhb_loop+0x55/0xb0
[  135.310930][ T8911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.316912][ T8911] RIP: 0033:0x7fb500340809
[  135.321350][ T8911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.340973][ T8911] RSP: 002b:00007fb4fe9b7058 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  135.349397][ T8911] RAX: ffffffffffffffda RBX: 00007fb500505fa0 RCX: 00007fb500340809
[  135.357386][ T8911] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000003
[  135.365530][ T8911] RBP: 00007fb4fe9b70a0 R08: 0000000000000000 R09: 0000000000000000
[  135.373601][ T8911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.381592][ T8911] R13: 0000000000000000 R14: 00007fb500505fa0 R15: 00007fffa2f425d8
[  135.389711][ T8911]  </TASK>
[  135.442979][ T8914] loop5: detected capacity change from 0 to 1024
[  135.452760][ T8914] EXT4-fs: Ignoring removed oldalloc option
[  135.477701][ T8914] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  135.612404][ T8931] loop6: detected capacity change from 0 to 512
[  135.620241][ T8931] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.705889][ T8939] loop0: detected capacity change from 0 to 2048
[  135.745413][ T8946] loop6: detected capacity change from 0 to 512
[  135.781231][ T8946] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  135.815982][ T8946] EXT4-fs (loop6): 1 truncate cleaned up
[  135.876472][ T5146] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  135.891587][ T5146] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  135.898193][ T8959] loop3: detected capacity change from 0 to 1024
[  135.903813][ T5146] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.903813][ T5146] 
[  135.914690][ T8962] loop4: detected capacity change from 0 to 512
[  135.919906][ T5146] EXT4-fs (loop0): Total free blocks count 0
[  135.927851][ T8959] EXT4-fs warning (device loop3): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop3.
[  135.932127][ T5146] EXT4-fs (loop0): Free/Dirty block details
[  135.949270][ T5146] EXT4-fs (loop0): free_blocks=2415919104
[  135.955027][ T5146] EXT4-fs (loop0): dirty_blocks=32
[  135.959958][ T8962] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  135.960302][ T5146] EXT4-fs (loop0): Block reservation details
[  135.975464][ T5146] EXT4-fs (loop0): i_reserved_data_blocks=2
[  135.985541][   T50] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  135.997911][   T50] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.997911][   T50] 
[  136.153206][ T8980] loop3: detected capacity change from 0 to 512
[  136.160446][ T8980] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.252806][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1882'.
[  136.267424][ T8987] loop5: detected capacity change from 0 to 2048
[  136.300093][ T8996] loop0: detected capacity change from 0 to 512
[  136.314722][ T8996] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.337835][ T9000] loop3: detected capacity change from 0 to 2048
[  136.357130][  T260] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  136.372264][  T260] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.384516][  T260] EXT4-fs (loop5): This should not happen!! Data will be lost
[  136.384516][  T260] 
[  136.394283][  T260] EXT4-fs (loop5): Total free blocks count 0
[  136.400360][  T260] EXT4-fs (loop5): Free/Dirty block details
[  136.406294][  T260] EXT4-fs (loop5): free_blocks=2415919104
[  136.412086][  T260] EXT4-fs (loop5): dirty_blocks=32
[  136.417332][  T260] EXT4-fs (loop5): Block reservation details
[  136.423333][  T260] EXT4-fs (loop5): i_reserved_data_blocks=2
[  136.430276][ T5146] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  136.430542][   T11] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, 
[  136.442585][ T5146] EXT4-fs (loop5): This should not happen!! Data will be lost
[  136.442585][ T5146] 
[  136.460627][   T11] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  136.469735][   T11] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.482067][   T11] EXT4-fs (loop3): This should not happen!! Data will be lost
[  136.482067][   T11] 
[  136.491756][   T11] EXT4-fs (loop3): Total free blocks count 0
[  136.497767][   T11] EXT4-fs (loop3): Free/Dirty block details
[  136.503686][   T11] EXT4-fs (loop3): free_blocks=2415919104
[  136.509458][   T11] EXT4-fs (loop3): dirty_blocks=32
[  136.514588][   T11] EXT4-fs (loop3): Block reservation details
[  136.520662][   T11] EXT4-fs (loop3): i_reserved_data_blocks=2
[  136.537862][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  136.550290][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  136.550290][   T50] 
[  136.643729][ T9015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.663517][ T9015] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.713681][ T9024] loop5: detected capacity change from 0 to 128
[  136.811833][ T9034] loop3: detected capacity change from 0 to 512
[  136.820572][ T9034] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.836058][ T9033] loop5: detected capacity change from 0 to 2048
[  136.855702][ T9038] loop0: detected capacity change from 0 to 512
[  136.866247][ T9038] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.902279][   T50] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  136.914845][ T9044] loop4: detected capacity change from 0 to 1024
[  136.923670][   T50] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.934585][ T9044] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  136.935977][   T50] EXT4-fs (loop5): This should not happen!! Data will be lost
[  136.935977][   T50] 
[  136.955255][   T50] EXT4-fs (loop5): Total free blocks count 0
[  136.961339][   T50] EXT4-fs (loop5): Free/Dirty block details
[  136.967278][   T50] EXT4-fs (loop5): free_blocks=2415919104
[  136.973023][   T50] EXT4-fs (loop5): dirty_blocks=32
[  136.978190][   T50] EXT4-fs (loop5): Block reservation details
[  136.984193][   T50] EXT4-fs (loop5): i_reserved_data_blocks=2
[  136.994790][   T50] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  137.007387][   T50] EXT4-fs (loop5): This should not happen!! Data will be lost
[  137.007387][   T50] 
[  137.009043][ T9044] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002]
[  137.033722][ T9044] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  137.073852][ T9054] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1904'.
[  137.108563][ T9054] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.118689][ T9060] FAULT_INJECTION: forcing a failure.
[  137.118689][ T9060] name failslab, interval 1, probability 0, space 0, times 0
[  137.131497][ T9060] CPU: 0 UID: 0 PID: 9060 Comm: syz.5.1908 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  137.141868][ T9060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  137.151967][ T9060] Call Trace:
[  137.155264][ T9060]  <TASK>
[  137.158201][ T9060]  dump_stack_lvl+0xf2/0x150
[  137.162805][ T9060]  dump_stack+0x15/0x20
[  137.167009][ T9060]  should_fail_ex+0x223/0x230
[  137.171710][ T9060]  should_failslab+0x8f/0xb0
[  137.176313][ T9060]  kmem_cache_alloc_noprof+0x52/0x320
[  137.181785][ T9060]  ? security_inode_alloc+0x37/0x100
[  137.187173][ T9060]  security_inode_alloc+0x37/0x100
[  137.192308][ T9060]  inode_init_always_gfp+0x4a2/0x4f0
[  137.197697][ T9060]  ? __pfx_sock_alloc_inode+0x10/0x10
[  137.203096][ T9060]  alloc_inode+0x82/0x160
[  137.207443][ T9060]  new_inode_pseudo+0x15/0x20
[  137.212135][ T9060]  __sock_create+0x12b/0x5a0
[  137.216808][ T9060]  __sys_socketpair+0x1be/0x430
[  137.221688][ T9060]  __x64_sys_socketpair+0x52/0x60
[  137.226738][ T9060]  x64_sys_call+0x1cad/0x2dc0
[  137.231432][ T9060]  do_syscall_64+0xc9/0x1c0
[  137.235946][ T9060]  ? clear_bhb_loop+0x55/0xb0
[  137.240637][ T9060]  ? clear_bhb_loop+0x55/0xb0
[  137.245324][ T9060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.251240][ T9060] RIP: 0033:0x7faa377d0809
[  137.255661][ T9060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.275290][ T9060] RSP: 002b:00007faa35e47058 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  137.283728][ T9060] RAX: ffffffffffffffda RBX: 00007faa37995fa0 RCX: 00007faa377d0809
[  137.291710][ T9060] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  137.299692][ T9060] RBP: 00007faa35e470a0 R08: 0000000000000000 R09: 0000000000000000
[  137.307699][ T9060] R10: 0000000020000940 R11: 0000000000000246 R12: 0000000000000001
[  137.315682][ T9060] R13: 0000000000000000 R14: 00007faa37995fa0 R15: 00007ffe19897128
[  137.323671][ T9060]  </TASK>
[  137.326824][ T9060] socket: no more sockets
[  137.346765][ T9062] loop3: detected capacity change from 0 to 128
[  137.413890][ T9070] syz.5.1911[9070] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.413956][ T9070] syz.5.1911[9070] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.428666][ T9070] syz.5.1911[9070] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  137.473587][ T9072] loop0: detected capacity change from 0 to 1024
[  137.512496][ T9072] EXT4-fs: Ignoring removed oldalloc option
[  137.527421][ T9072] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  137.611997][ T9091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.625950][ T9091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.690465][ T9084] loop6: detected capacity change from 0 to 256
[  137.699112][ T9103] loop0: detected capacity change from 0 to 128
[  137.713272][ T9084] vfat: Unknown parameter 'ÿÿ000000000000000000060xffffffffffffffffÿ00000000000000000000016s$–˜ÛñDoTÌ­rþô…o ©µŠìÛy‡ò¸Q{õ$ïˆHK·…ÚË[t/›ŽiôGï†sU"èÿ\÷ÐèûÃh¢øņôü¸�f‘Š¾ÞÑ­‘T¶Hý`i‰xcÏS“ýƬÈ[ZÄ‚~®é˜Ó‡¦ÍSûÙÇ€µ¹Å'
[  137.851599][ T9122] loop4: detected capacity change from 0 to 128
[  138.031024][ T9141] loop0: detected capacity change from 0 to 1024
[  138.040528][ T9141] EXT4-fs: Ignoring removed oldalloc option
[  138.057719][ T9141] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  138.144150][ T9156] loop0: detected capacity change from 0 to 128
[  138.183457][ T9156] bio_check_eod: 8 callbacks suppressed
[  138.183474][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.183474][ T9156] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  138.220593][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.220593][ T9156] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  138.236647][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.236647][ T9156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  138.250046][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.250046][ T9156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  138.263907][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.263907][ T9156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  138.279618][ T9156] syz.0.1932: attempt to access beyond end of device
[  138.279618][ T9156] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  138.296400][ T9164] netlink: 'syz.4.1937': attribute type 1 has an invalid length.
[  138.308839][ T9164] team0: Port device team_slave_1 removed
[  138.502841][ T9177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.511584][ T9177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.565493][ T9180] loop0: detected capacity change from 0 to 1024
[  138.572892][ T9180] EXT4-fs: Ignoring removed oldalloc option
[  138.589154][ T9180] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  138.720092][ T9197] loop4: detected capacity change from 0 to 1024
[  138.784754][ T9197] EXT4-fs (loop4): shut down requested (0)
[  138.789683][ T9208] loop5: detected capacity change from 0 to 512
[  138.807116][ T9208] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  138.886034][ T9218] loop3: detected capacity change from 0 to 512
[  138.890186][ T9216] loop0: detected capacity change from 0 to 128
[  138.903346][ T9218] EXT4-fs: dax option not supported
[  138.919342][ T9218] FAULT_INJECTION: forcing a failure.
[  138.919342][ T9218] name failslab, interval 1, probability 0, space 0, times 0
[  138.932133][ T9218] CPU: 1 UID: 0 PID: 9218 Comm: syz.3.1961 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  138.942489][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.943426][ T9216] syz.0.1959: attempt to access beyond end of device
[  138.943426][ T9216] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  138.952559][ T9218] Call Trace:
[  138.952571][ T9218]  <TASK>
[  138.952581][ T9218]  dump_stack_lvl+0xf2/0x150
[  138.952610][ T9218]  dump_stack+0x15/0x20
[  138.952630][ T9218]  should_fail_ex+0x223/0x230
[  138.982939][ T9216] syz.0.1959: attempt to access beyond end of device
[  138.982939][ T9216] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  138.985912][ T9218]  should_failslab+0x8f/0xb0
[  139.002875][ T9216] syz.0.1959: attempt to access beyond end of device
[  139.002875][ T9216] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  139.004210][ T9218]  kmem_cache_alloc_noprof+0x52/0x320
[  139.019431][ T9216] syz.0.1959: attempt to access beyond end of device
[  139.019431][ T9216] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  139.022666][ T9218]  ? audit_log_start+0x34c/0x6b0
[  139.040883][ T9218]  audit_log_start+0x34c/0x6b0
[  139.045727][ T9218]  ? should_fail_ex+0xd7/0x230
[  139.050630][ T9218]  audit_seccomp+0x4b/0x130
[  139.055201][ T9218]  ? security_file_alloc+0x32/0x100
[  139.060506][ T9218]  __seccomp_filter+0x6fa/0x1180
[  139.065564][ T9218]  ? _raw_spin_unlock+0x26/0x50
[  139.070446][ T9218]  ? alloc_fd+0x3ad/0x3e0
[  139.074783][ T9218]  __secure_computing+0x9f/0x1c0
[  139.079752][ T9218]  syscall_trace_enter+0xd1/0x1f0
[  139.084829][ T9218]  ? fpregs_assert_state_consistent+0x83/0xa0
[  139.090984][ T9218]  do_syscall_64+0xaa/0x1c0
[  139.095509][ T9218]  ? clear_bhb_loop+0x55/0xb0
[  139.100283][ T9218]  ? clear_bhb_loop+0x55/0xb0
[  139.104961][ T9218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.110903][ T9218] RIP: 0033:0x7fe724b0f21c
[  139.115382][ T9218] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  139.135105][ T9218] RSP: 002b:00007fe723187050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  139.143531][ T9218] RAX: ffffffffffffffda RBX: 00007fe724cd5fa0 RCX: 00007fe724b0f21c
[  139.151604][ T9218] RDX: 000000000000000f RSI: 00007fe7231870b0 RDI: 0000000000000006
[  139.159581][ T9218] RBP: 00007fe7231870a0 R08: 0000000000000000 R09: 0000000000000000
[  139.167555][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.175565][ T9218] R13: 0000000000000000 R14: 00007fe724cd5fa0 R15: 00007ffc7b90dc98
[  139.183568][ T9218]  </TASK>
[  139.187310][ T9218] audit_log_lost: 638 callbacks suppressed
[  139.187330][ T9218] audit: audit_lost=9 audit_rate_limit=0 audit_backlog_limit=64
[  139.201154][ T9218] audit: out of memory in audit_log_start
[  139.207342][   T29] audit: type=1326 audit(1732728042.628:10097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9217 comm="syz.3.1961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe724b0f2bf code=0x7ffc0000
[  139.246140][   T29] audit: type=1326 audit(1732728042.658:10098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9217 comm="syz.3.1961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe724b0f46a code=0x7ffc0000
[  139.269555][   T29] audit: type=1326 audit(1732728042.658:10099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9217 comm="syz.3.1961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.293313][   T29] audit: type=1326 audit(1732728042.658:10100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9217 comm="syz.3.1961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.329291][   T29] audit: type=1326 audit(1732728042.698:10101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9229 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.352862][   T29] audit: type=1326 audit(1732728042.698:10102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9229 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.365405][ T9228] loop0: detected capacity change from 0 to 1024
[  139.376508][   T29] audit: type=1326 audit(1732728042.698:10103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9229 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.406669][   T29] audit: type=1326 audit(1732728042.698:10104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9229 comm="syz.3.1964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  139.433273][ T9228] EXT4-fs: Ignoring removed oldalloc option
[  139.446977][ T9228] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  139.486334][ T9243] loop6: detected capacity change from 0 to 512
[  139.503950][ T9243] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.533822][ T9243] EXT4-fs error (device loop6): ext4_do_update_inode:5153: inode #2: comm syz.6.1970: corrupted inode contents
[  139.547188][ T9243] EXT4-fs error (device loop6): ext4_dirty_inode:6041: inode #2: comm syz.6.1970: mark_inode_dirty error
[  139.559742][ T9243] EXT4-fs error (device loop6): ext4_do_update_inode:5153: inode #2: comm syz.6.1970: corrupted inode contents
[  139.635478][ T9257] loop3: detected capacity change from 0 to 2048
[  139.691498][ T9261] 
@ÿ: renamed from vlan0 (while UP)
[  139.712032][   T50] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.730684][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  139.742944][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  139.742944][   T50] 
[  139.752764][   T50] EXT4-fs (loop3): Total free blocks count 0
[  139.758819][   T50] EXT4-fs (loop3): Free/Dirty block details
[  139.764820][   T50] EXT4-fs (loop3): free_blocks=2415919104
[  139.770667][   T50] EXT4-fs (loop3): dirty_blocks=32
[  139.775884][   T50] EXT4-fs (loop3): Block reservation details
[  139.781955][   T50] EXT4-fs (loop3): i_reserved_data_blocks=2
[  139.782359][ T9268] loop6: detected capacity change from 0 to 512
[  139.790991][   T50] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  139.806711][   T50] EXT4-fs (loop3): This should not happen!! Data will be lost
[  139.806711][   T50] 
[  139.812937][ T9268] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.942052][ T9280] loop3: detected capacity change from 0 to 1024
[  139.957844][ T9280] EXT4-fs: Ignoring removed oldalloc option
[  139.988627][ T9280] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  140.008906][ T9287] loop0: detected capacity change from 0 to 2048
[  140.039364][   T50] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  140.054411][   T50] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  140.066781][   T50] EXT4-fs (loop0): This should not happen!! Data will be lost
[  140.066781][   T50] 
[  140.076586][   T50] EXT4-fs (loop0): Total free blocks count 0
[  140.082768][   T50] EXT4-fs (loop0): Free/Dirty block details
[  140.088768][   T50] EXT4-fs (loop0): free_blocks=2415919104
[  140.094555][   T50] EXT4-fs (loop0): dirty_blocks=32
[  140.099829][   T50] EXT4-fs (loop0): Block reservation details
[  140.105926][   T50] EXT4-fs (loop0): i_reserved_data_blocks=2
[  140.113860][   T50] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  140.126257][   T50] EXT4-fs (loop0): This should not happen!! Data will be lost
[  140.126257][   T50] 
[  140.442168][ T9316] loop3: detected capacity change from 0 to 512
[  140.443493][ T9308] 
@ÿ: renamed from vlan0 (while UP)
[  140.455929][ T9316] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.478873][ T9319] loop0: detected capacity change from 0 to 512
[  140.493838][ T9319] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.574869][ T9330] loop4: detected capacity change from 0 to 128
[  140.780129][ T9354] loop3: detected capacity change from 0 to 512
[  140.797811][ T9354] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.812699][ T9358] loop6: detected capacity change from 0 to 2048
[  140.828741][ T9363] FAULT_INJECTION: forcing a failure.
[  140.828741][ T9363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  140.842002][ T9363] CPU: 0 UID: 0 PID: 9363 Comm: syz.4.2014 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  140.852344][ T9363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  140.862412][ T9363] Call Trace:
[  140.865702][ T9363]  <TASK>
[  140.868660][ T9363]  dump_stack_lvl+0xf2/0x150
[  140.873271][ T9363]  dump_stack+0x15/0x20
[  140.877505][ T9363]  should_fail_ex+0x223/0x230
[  140.882196][ T9363]  should_fail+0xb/0x10
[  140.886504][ T9363]  should_fail_usercopy+0x1a/0x20
[  140.891564][ T9363]  _copy_to_user+0x20/0xa0
[  140.895989][ T9363]  simple_read_from_buffer+0xa0/0x110
[  140.901464][ T9363]  proc_fail_nth_read+0xf9/0x140
[  140.906539][ T9363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  140.912138][ T9363]  vfs_read+0x1a2/0x700
[  140.916320][ T9363]  ? __rcu_read_unlock+0x4e/0x70
[  140.921310][ T9363]  ? __fget_files+0x17c/0x1c0
[  140.926003][ T9363]  ksys_read+0xe8/0x1b0
[  140.930179][ T9363]  __x64_sys_read+0x42/0x50
[  140.934846][ T9363]  x64_sys_call+0x2874/0x2dc0
[  140.939607][ T9363]  do_syscall_64+0xc9/0x1c0
[  140.944181][ T9363]  ? clear_bhb_loop+0x55/0xb0
[  140.948878][ T9363]  ? clear_bhb_loop+0x55/0xb0
[  140.953608][ T9363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.959540][ T9363] RIP: 0033:0x7fb50033f21c
[  140.963960][ T9363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  140.983700][ T9363] RSP: 002b:00007fb4fe9b7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  140.992223][ T9363] RAX: ffffffffffffffda RBX: 00007fb500505fa0 RCX: 00007fb50033f21c
[  141.000259][ T9363] RDX: 000000000000000f RSI: 00007fb4fe9b70b0 RDI: 0000000000000007
[  141.008283][ T9363] RBP: 00007fb4fe9b70a0 R08: 0000000000000000 R09: 0000000000000000
[  141.016286][ T9363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.024336][ T9363] R13: 0000000000000000 R14: 00007fb500505fa0 R15: 00007fffa2f425d8
[  141.032370][ T9363]  </TASK>
[  141.060918][ T5146] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  141.075860][ T5146] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  141.088250][ T5146] EXT4-fs (loop6): This should not happen!! Data will be lost
[  141.088250][ T5146] 
[  141.098087][ T5146] EXT4-fs (loop6): Total free blocks count 0
[  141.104101][ T5146] EXT4-fs (loop6): Free/Dirty block details
[  141.110188][ T5146] EXT4-fs (loop6): free_blocks=2415919104
[  141.116236][ T5146] EXT4-fs (loop6): dirty_blocks=32
[  141.121456][ T5146] EXT4-fs (loop6): Block reservation details
[  141.127784][ T5146] EXT4-fs (loop6): i_reserved_data_blocks=2
[  141.128075][ T9371] FAULT_INJECTION: forcing a failure.
[  141.128075][ T9371] name failslab, interval 1, probability 0, space 0, times 0
[  141.141423][ T5146] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  141.146347][ T9371] CPU: 0 UID: 0 PID: 9371 Comm: syz.0.2017 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  141.158572][ T5146] EXT4-fs (loop6): This should not happen!! Data will be lost
[  141.158572][ T5146] 
[  141.178776][ T9371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.188876][ T9371] Call Trace:
[  141.192234][ T9371]  <TASK>
[  141.195171][ T9371]  dump_stack_lvl+0xf2/0x150
[  141.199777][ T9371]  dump_stack+0x15/0x20
[  141.203942][ T9371]  should_fail_ex+0x223/0x230
[  141.208655][ T9371]  should_failslab+0x8f/0xb0
[  141.213270][ T9371]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  141.219648][ T9371]  ? kstrdup_const+0x3e/0x50
[  141.224255][ T9371]  kstrdup+0x38/0x80
[  141.228235][ T9371]  kstrdup_const+0x3e/0x50
[  141.232734][ T9371]  alloc_vfsmnt+0xa9/0x300
[  141.237275][ T9371]  clone_mnt+0x45/0x7a0
[  141.241458][ T9371]  ? is_subdir+0x79/0x160
[  141.245886][ T9371]  copy_tree+0x2df/0x7f0
[  141.250160][ T9371]  copy_mnt_ns+0x11e/0x5f0
[  141.254587][ T9371]  ? kmem_cache_alloc_noprof+0x22c/0x320
[  141.260250][ T9371]  ? create_new_namespaces+0x3c/0x430
[  141.265639][ T9371]  create_new_namespaces+0x89/0x430
[  141.270873][ T9371]  ? security_capable+0x81/0x90
[  141.275796][ T9371]  unshare_nsproxy_namespaces+0xe6/0x120
[  141.281444][ T9371]  ksys_unshare+0x3c9/0x6e0
[  141.286006][ T9371]  __x64_sys_unshare+0x1f/0x30
[  141.290872][ T9371]  x64_sys_call+0x1a3e/0x2dc0
[  141.295567][ T9371]  do_syscall_64+0xc9/0x1c0
[  141.300081][ T9371]  ? clear_bhb_loop+0x55/0xb0
[  141.304768][ T9371]  ? clear_bhb_loop+0x55/0xb0
[  141.309456][ T9371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.315394][ T9371] RIP: 0033:0x7fea6a0a0809
[  141.319928][ T9371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.339587][ T9371] RSP: 002b:00007fea68717058 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  141.348039][ T9371] RAX: ffffffffffffffda RBX: 00007fea6a265fa0 RCX: 00007fea6a0a0809
[  141.356048][ T9371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002a020480
[  141.364116][ T9371] RBP: 00007fea687170a0 R08: 0000000000000000 R09: 0000000000000000
[  141.372098][ T9371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.380091][ T9371] R13: 0000000000000000 R14: 00007fea6a265fa0 R15: 00007ffecde11408
[  141.388122][ T9371]  </TASK>
[  141.492560][ T9383] syz.0.2021[9383] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.492653][ T9383] syz.0.2021[9383] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.504477][ T9383] syz.0.2021[9383] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.518907][ T9384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.554276][ T9384] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.575122][ T9387] loop5: detected capacity change from 0 to 128
[  141.598719][ T9390] loop4: detected capacity change from 0 to 512
[  141.606655][ T9391] loop0: detected capacity change from 0 to 128
[  141.619508][ T9390] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  141.653437][ T9390] EXT4-fs (loop4): 1 truncate cleaned up
[  141.719780][ T9394] loop3: detected capacity change from 0 to 2048
[  141.787344][   T36] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  141.805388][ T9400] loop0: detected capacity change from 0 to 512
[  141.831506][ T9400] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  141.836603][   T36] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  141.853185][   T36] EXT4-fs (loop3): This should not happen!! Data will be lost
[  141.853185][   T36] 
[  141.862937][   T36] EXT4-fs (loop3): Total free blocks count 0
[  141.869043][   T36] EXT4-fs (loop3): Free/Dirty block details
[  141.874977][   T36] EXT4-fs (loop3): free_blocks=2415919104
[  141.880801][   T36] EXT4-fs (loop3): dirty_blocks=32
[  141.886334][   T36] EXT4-fs (loop3): Block reservation details
[  141.892397][   T36] EXT4-fs (loop3): i_reserved_data_blocks=2
[  141.901599][ T9406] program syz.5.2032 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  141.912112][   T36] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28
[  141.924633][   T36] EXT4-fs (loop3): This should not happen!! Data will be lost
[  141.924633][   T36] 
[  141.970466][ T9408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2033'.
[  142.012803][ T9408] IPVS: Error connecting to the multicast addr
[  142.028723][ T9408] loop0: detected capacity change from 0 to 512
[  142.048108][ T9408] ext4 filesystem being mounted at /379/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  142.053441][ T9419] loop3: detected capacity change from 0 to 512
[  142.080899][ T9419] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.142263][ T9424] loop4: detected capacity change from 0 to 512
[  142.150028][ T9424] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.216543][ T9432] syz.0.2040[9432] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.216661][ T9432] syz.0.2040[9432] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.238425][ T9432] syz.0.2040[9432] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.343339][ T9442] loop4: detected capacity change from 0 to 512
[  142.365335][ T9444] syz.3.2043[9444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.365394][ T9444] syz.3.2043[9444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.368052][ T9437] loop6: detected capacity change from 0 to 1024
[  142.390413][ T9444] syz.3.2043[9444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.403506][ T9437] EXT4-fs: Ignoring removed oldalloc option
[  142.422439][ T9437] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  142.442626][ T9442] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.452368][ T9437] FAULT_INJECTION: forcing a failure.
[  142.452368][ T9437] name failslab, interval 1, probability 0, space 0, times 0
[  142.465097][ T9437] CPU: 0 UID: 0 PID: 9437 Comm: syz.6.2042 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  142.475467][ T9437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  142.485554][ T9437] Call Trace:
[  142.488874][ T9437]  <TASK>
[  142.491819][ T9437]  dump_stack_lvl+0xf2/0x150
[  142.496423][ T9437]  dump_stack+0x15/0x20
[  142.500686][ T9437]  should_fail_ex+0x223/0x230
[  142.505464][ T9437]  should_failslab+0x8f/0xb0
[  142.510139][ T9437]  kmem_cache_alloc_noprof+0x52/0x320
[  142.515641][ T9437]  ? skb_clone+0x154/0x1f0
[  142.520088][ T9437]  ? mod_objcg_state+0x2ea/0x4f0
[  142.525068][ T9437]  skb_clone+0x154/0x1f0
[  142.529402][ T9437]  dev_queue_xmit_nit+0x14b/0x680
[  142.534532][ T9437]  dev_hard_start_xmit+0xcc/0x3f0
[  142.539580][ T9437]  ? validate_xmit_skb+0x645/0x830
[  142.544705][ T9437]  __dev_queue_xmit+0x100a/0x2090
[  142.549818][ T9437]  ? __dev_queue_xmit+0x186/0x2090
[  142.555015][ T9437]  ? __skb_clone+0x2d0/0x2f0
[  142.559631][ T9437]  __netlink_deliver_tap+0x3be/0x4f0
[  142.565013][ T9437]  netlink_unicast+0x64a/0x670
[  142.569812][ T9437]  netlink_sendmsg+0x5cc/0x6e0
[  142.574595][ T9437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.579925][ T9437]  __sock_sendmsg+0x140/0x180
[  142.584645][ T9437]  ____sys_sendmsg+0x312/0x410
[  142.589428][ T9437]  __sys_sendmsg+0x19d/0x230
[  142.594616][ T9437]  __x64_sys_sendmsg+0x46/0x50
[  142.599448][ T9437]  x64_sys_call+0x2734/0x2dc0
[  142.604292][ T9437]  do_syscall_64+0xc9/0x1c0
[  142.608834][ T9437]  ? clear_bhb_loop+0x55/0xb0
[  142.613521][ T9437]  ? clear_bhb_loop+0x55/0xb0
[  142.618206][ T9437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.624184][ T9437] RIP: 0033:0x7f0ac8450809
[  142.628606][ T9437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.648229][ T9437] RSP: 002b:00007f0ac6ac7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.656665][ T9437] RAX: ffffffffffffffda RBX: 00007f0ac8615fa0 RCX: 00007f0ac8450809
[  142.664695][ T9437] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000009
[  142.672748][ T9437] RBP: 00007f0ac6ac70a0 R08: 0000000000000000 R09: 0000000000000000
[  142.680727][ T9437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  142.688716][ T9437] R13: 0000000000000000 R14: 00007f0ac8615fa0 R15: 00007ffc0fe34e58
[  142.696723][ T9437]  </TASK>
[  142.893008][ T9461] loop0: detected capacity change from 0 to 128
[  142.996850][ T9463] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2051'.
[  143.030865][ T9464] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  143.040309][ T9466] loop4: detected capacity change from 0 to 512
[  143.059062][ T9466] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.179176][ T9477] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2057'.
[  143.285185][ T9485] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  143.312801][ T9488] syz.4.2058[9488] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.532108][ T9504] loop6: detected capacity change from 0 to 512
[  143.585736][ T9504] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  143.933700][ T9530] loop6: detected capacity change from 0 to 512
[  143.968461][ T9530] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.006290][ T9536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2079'.
[  144.019262][ T9535] loop5: detected capacity change from 0 to 1024
[  144.026515][ T9535] EXT4-fs: Ignoring removed oldalloc option
[  144.056368][ T9536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2079'.
[  144.065845][ T9535] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  144.181385][ T9554] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2079'.
[  144.197508][   T29] kauditd_printk_skb: 469 callbacks suppressed
[  144.197522][   T29] audit: type=1326 audit(1732728047.618:10574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.227725][   T29] audit: type=1326 audit(1732728047.618:10575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.251394][   T29] audit: type=1326 audit(1732728047.618:10576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.275343][   T29] audit: type=1326 audit(1732728047.618:10577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.292680][ T9556] loop6: detected capacity change from 0 to 128
[  144.299761][   T29] audit: type=1326 audit(1732728047.648:10578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.328806][   T29] audit: type=1326 audit(1732728047.648:10579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.352548][   T29] audit: type=1326 audit(1732728047.648:10580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.376192][   T29] audit: type=1326 audit(1732728047.648:10581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.399781][   T29] audit: type=1326 audit(1732728047.648:10582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.6.2082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  144.403264][ T9556] bio_check_eod: 26 callbacks suppressed
[  144.403283][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.403283][ T9556] loop6: rw=2049, sector=145, nr_sectors = 896 limit=128
[  144.423303][   T29] audit: type=1326 audit(1732728047.658:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9534 comm="syz.4.2079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  144.490808][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.490808][ T9556] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  144.511806][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.511806][ T9556] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  144.535560][ T9562] loop3: detected capacity change from 0 to 512
[  144.555283][ T9562] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.571250][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.571250][ T9556] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  144.587782][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.587782][ T9556] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  144.602994][ T9556] syz.6.2084: attempt to access beyond end of device
[  144.602994][ T9556] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  144.656278][ T9574] IPVS: Error connecting to the multicast addr
[  144.703889][ T9578] loop0: detected capacity change from 0 to 512
[  144.730165][ T9578] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  144.804417][ T9586] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  144.863450][ T9589] tipc: Started in network mode
[  144.868442][ T9589] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  144.901553][ T9589] tipc: Enabled bearer <udp:syz0>, priority 10
[  144.921314][ T9586] SELinux: failed to load policy
[  144.973051][ T9586] tipc: New replicast peer: 255.255.255.255
[  144.979196][ T9586] tipc: Enabled bearer <udp:syz2>, priority 10
[  145.028377][ T9602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.037326][ T9602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.048948][ T9604] loop6: detected capacity change from 0 to 512
[  145.055958][ T9604] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  145.067184][ T9604] EXT4-fs (loop6): 1 truncate cleaned up
[  145.181072][ T9610] IPVS: Error connecting to the multicast addr
[  145.393800][ T9625] loop6: detected capacity change from 0 to 512
[  145.402109][ T9625] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.489589][ T9633] loop4: detected capacity change from 0 to 512
[  145.498351][ T9633] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  145.510850][ T9633] EXT4-fs (loop4): 1 truncate cleaned up
[  145.540203][ T9636] loop5: detected capacity change from 0 to 1024
[  145.547224][ T9636] EXT4-fs: Ignoring removed oldalloc option
[  145.574051][ T9636] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  145.587636][ T9638] loop0: detected capacity change from 0 to 128
[  145.653519][ T9638] syz.0.2116: attempt to access beyond end of device
[  145.653519][ T9638] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  145.682859][ T9638] syz.0.2116: attempt to access beyond end of device
[  145.682859][ T9638] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  145.708373][ T9638] syz.0.2116: attempt to access beyond end of device
[  145.708373][ T9638] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  145.722584][ T9638] syz.0.2116: attempt to access beyond end of device
[  145.722584][ T9638] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  145.759270][ T9655] loop6: detected capacity change from 0 to 256
[  145.894380][ T9672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.904862][ T9672] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.922181][ T9678] loop0: detected capacity change from 0 to 512
[  145.936560][ T9678] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  145.948286][ T9678] EXT4-fs (loop0): 1 truncate cleaned up
[  145.970991][ T9681] loop5: detected capacity change from 0 to 512
[  145.978138][ T9681] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  145.986977][   T35] tipc: Node number set to 4269801491
[  146.099866][ T9694] loop5: detected capacity change from 0 to 512
[  146.108723][ T9694] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  146.244686][ T9706] FAULT_INJECTION: forcing a failure.
[  146.244686][ T9706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  146.257892][ T9706] CPU: 1 UID: 0 PID: 9706 Comm: syz.5.2138 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  146.268267][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  146.278346][ T9706] Call Trace:
[  146.281643][ T9706]  <TASK>
[  146.284592][ T9706]  dump_stack_lvl+0xf2/0x150
[  146.289253][ T9706]  dump_stack+0x15/0x20
[  146.293427][ T9706]  should_fail_ex+0x223/0x230
[  146.298141][ T9706]  should_fail+0xb/0x10
[  146.302470][ T9706]  should_fail_usercopy+0x1a/0x20
[  146.307580][ T9706]  _copy_to_user+0x20/0xa0
[  146.312033][ T9706]  simple_read_from_buffer+0xa0/0x110
[  146.317471][ T9706]  proc_fail_nth_read+0xf9/0x140
[  146.322458][ T9706]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  146.328042][ T9706]  vfs_read+0x1a2/0x700
[  146.332227][ T9706]  ? __rcu_read_unlock+0x4e/0x70
[  146.337179][ T9706]  ? __fget_files+0x17c/0x1c0
[  146.341874][ T9706]  ksys_read+0xe8/0x1b0
[  146.346105][ T9706]  __x64_sys_read+0x42/0x50
[  146.350660][ T9706]  x64_sys_call+0x2874/0x2dc0
[  146.355369][ T9706]  do_syscall_64+0xc9/0x1c0
[  146.359882][ T9706]  ? clear_bhb_loop+0x55/0xb0
[  146.364566][ T9706]  ? clear_bhb_loop+0x55/0xb0
[  146.369380][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.375312][ T9706] RIP: 0033:0x7faa377cf21c
[  146.379736][ T9706] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  146.399391][ T9706] RSP: 002b:00007faa35e47050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  146.407876][ T9706] RAX: ffffffffffffffda RBX: 00007faa37995fa0 RCX: 00007faa377cf21c
[  146.415856][ T9706] RDX: 000000000000000f RSI: 00007faa35e470b0 RDI: 0000000000000006
[  146.423832][ T9706] RBP: 00007faa35e470a0 R08: 0000000000000000 R09: 0000000000000000
[  146.431958][ T9706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.439950][ T9706] R13: 0000000000000000 R14: 00007faa37995fa0 R15: 00007ffe19897128
[  146.447963][ T9706]  </TASK>
[  146.625872][ T9723] loop4: detected capacity change from 0 to 512
[  146.629273][ T9721] loop3: detected capacity change from 0 to 512
[  146.639623][ T9723] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  146.644722][ T9721] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  146.664788][ T9721] EXT4-fs (loop3): 1 truncate cleaned up
[  146.701699][ T9731] loop5: detected capacity change from 0 to 512
[  146.716139][ T9731] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  146.839362][ T9746] bpf_get_probe_write_proto: 11 callbacks suppressed
[  146.839382][ T9746] syz.6.2150[9746] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.854026][ T9746] syz.6.2150[9746] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.889850][ T9746] syz.6.2150[9746] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.910167][ T9748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.967016][ T9748] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.172599][ T9764] loop6: detected capacity change from 0 to 512
[  147.203634][ T9764] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.381231][ T9771] loop3: detected capacity change from 0 to 512
[  147.398909][ T9771] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  147.403226][ T9778] loop6: detected capacity change from 0 to 512
[  147.418818][ T9778] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.429513][ T9771] EXT4-fs (loop3): 1 truncate cleaned up
[  147.574256][ T9794] loop5: detected capacity change from 0 to 512
[  147.587533][ T9794] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.852375][ T9822] netlink: 'syz.6.2180': attribute type 4 has an invalid length.
[  147.889619][ T9826] loop4: detected capacity change from 0 to 512
[  147.897761][ T9826] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.970033][ T9835] loop3: detected capacity change from 0 to 128
[  148.277431][ T9852] loop0: detected capacity change from 0 to 512
[  148.284428][ T9852] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  148.394768][ T9862] loop0: detected capacity change from 0 to 512
[  148.402384][ T9862] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  148.440980][ T9871] FAULT_INJECTION: forcing a failure.
[  148.440980][ T9871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  148.454216][ T9871] CPU: 0 UID: 0 PID: 9871 Comm: syz.0.2199 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  148.464591][ T9871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  148.474755][ T9871] Call Trace:
[  148.478116][ T9871]  <TASK>
[  148.481142][ T9871]  dump_stack_lvl+0xf2/0x150
[  148.485795][ T9871]  dump_stack+0x15/0x20
[  148.490039][ T9871]  should_fail_ex+0x223/0x230
[  148.494801][ T9871]  should_fail+0xb/0x10
[  148.498983][ T9871]  should_fail_usercopy+0x1a/0x20
[  148.504038][ T9871]  _copy_to_user+0x20/0xa0
[  148.508553][ T9871]  finalize_log+0x89/0x110
[  148.513002][ T9871]  btf_new_fd+0x520/0x790
[  148.517421][ T9871]  bpf_btf_load+0x115/0x130
[  148.521980][ T9871]  __sys_bpf+0x686/0x7a0
[  148.526248][ T9871]  __x64_sys_bpf+0x43/0x50
[  148.530678][ T9871]  x64_sys_call+0x2914/0x2dc0
[  148.535436][ T9871]  do_syscall_64+0xc9/0x1c0
[  148.539950][ T9871]  ? clear_bhb_loop+0x55/0xb0
[  148.544631][ T9871]  ? clear_bhb_loop+0x55/0xb0
[  148.549316][ T9871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.555315][ T9871] RIP: 0033:0x7fea6a0a0809
[  148.559740][ T9871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.579418][ T9871] RSP: 002b:00007fea68717058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  148.587849][ T9871] RAX: ffffffffffffffda RBX: 00007fea6a265fa0 RCX: 00007fea6a0a0809
[  148.595886][ T9871] RDX: 0000000000000028 RSI: 0000000020000200 RDI: 0000000000000012
[  148.603976][ T9871] RBP: 00007fea687170a0 R08: 0000000000000000 R09: 0000000000000000
[  148.611954][ T9871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  148.619932][ T9871] R13: 0000000000000001 R14: 00007fea6a265fa0 R15: 00007ffecde11408
[  148.627923][ T9871]  </TASK>
[  148.762745][ T9882] loop0: detected capacity change from 0 to 512
[  148.781142][ T9882] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  148.808603][ T9882] EXT4-fs (loop0): 1 truncate cleaned up
[  148.902608][ T9901] loop5: detected capacity change from 0 to 512
[  148.925884][ T9901] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  149.059288][ T9909] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2211'.
[  149.114654][ T9911] loop6: detected capacity change from 0 to 1024
[  149.136487][ T9911] EXT4-fs: Ignoring removed oldalloc option
[  149.159045][ T9911] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  149.267502][   T29] kauditd_printk_skb: 599 callbacks suppressed
[  149.267521][   T29] audit: type=1326 audit(1732728052.688:11183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.349717][   T29] audit: type=1326 audit(1732728052.718:11184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.373336][   T29] audit: type=1326 audit(1732728052.718:11185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.397222][   T29] audit: type=1326 audit(1732728052.718:11186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.421037][   T29] audit: type=1326 audit(1732728052.718:11187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.444658][   T29] audit: type=1326 audit(1732728052.718:11188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.468231][   T29] audit: type=1326 audit(1732728052.718:11189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.491828][   T29] audit: type=1326 audit(1732728052.718:11190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.515620][   T29] audit: type=1326 audit(1732728052.718:11191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.539959][   T29] audit: type=1326 audit(1732728052.718:11192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9924 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ac8450809 code=0x7ffc0000
[  149.649408][ T9941] loop4: detected capacity change from 0 to 512
[  149.674419][ T9943] loop3: detected capacity change from 0 to 512
[  149.688823][ T9943] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  149.709970][ T9941] ext4 filesystem being mounted at /454/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.234328][ T9982] loop4: detected capacity change from 0 to 128
[  150.252275][ T9984] loop3: detected capacity change from 0 to 512
[  150.259322][ T9984] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  150.270853][ T9982] bio_check_eod: 8 callbacks suppressed
[  150.270866][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.270866][ T9982] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  150.303507][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.303507][ T9982] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  150.311686][ T9987] loop5: detected capacity change from 0 to 1024
[  150.318967][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.318967][ T9982] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  150.337128][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.337128][ T9982] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  150.350560][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.350560][ T9982] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  150.366445][ T9982] syz.4.2235: attempt to access beyond end of device
[  150.366445][ T9982] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  150.423571][ T9987] FAULT_INJECTION: forcing a failure.
[  150.423571][ T9987] name failslab, interval 1, probability 0, space 0, times 0
[  150.436322][ T9987] CPU: 0 UID: 0 PID: 9987 Comm: syz.5.2237 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  150.446686][ T9987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  150.456775][ T9987] Call Trace:
[  150.460063][ T9987]  <TASK>
[  150.463005][ T9987]  dump_stack_lvl+0xf2/0x150
[  150.467611][ T9987]  dump_stack+0x15/0x20
[  150.471777][ T9987]  should_fail_ex+0x223/0x230
[  150.476562][ T9987]  should_failslab+0x8f/0xb0
[  150.481207][ T9987]  kmem_cache_alloc_noprof+0x52/0x320
[  150.486604][ T9987]  ? audit_log_start+0x34c/0x6b0
[  150.491662][ T9987]  ? audit_log_end+0x1d0/0x1e0
[  150.496515][ T9987]  audit_log_start+0x34c/0x6b0
[  150.501301][ T9987]  ? kmem_cache_free+0xdc/0x2d0
[  150.506253][ T9987]  audit_seccomp+0x4b/0x130
[  150.510775][ T9987]  __seccomp_filter+0x6fa/0x1180
[  150.515728][ T9987]  ? __pv_queued_spin_lock_slowpath+0x4ea/0x7a0
[  150.521985][ T9987]  ? proc_ptrace_connector+0xdb/0x230
[  150.527519][ T9987]  ? security_ptrace_access_check+0x67/0x80
[  150.533482][ T9987]  __secure_computing+0x9f/0x1c0
[  150.538446][ T9987]  syscall_trace_enter+0xd1/0x1f0
[  150.543570][ T9987]  ? fpregs_assert_state_consistent+0x83/0xa0
[  150.549688][ T9987]  do_syscall_64+0xaa/0x1c0
[  150.554208][ T9987]  ? clear_bhb_loop+0x55/0xb0
[  150.558900][ T9987]  ? clear_bhb_loop+0x55/0xb0
[  150.563583][ T9987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.569533][ T9987] RIP: 0033:0x7faa377cf21c
[  150.573956][ T9987] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  150.593697][ T9987] RSP: 002b:00007faa35e47050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.602224][ T9987] RAX: ffffffffffffffda RBX: 00007faa37995fa0 RCX: 00007faa377cf21c
[  150.610210][ T9987] RDX: 000000000000000f RSI: 00007faa35e470b0 RDI: 0000000000000004
[  150.618233][ T9987] RBP: 00007faa35e470a0 R08: 0000000000000000 R09: 0000000000000000
[  150.626213][ T9987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.634285][ T9987] R13: 0000000000000000 R14: 00007faa37995fa0 R15: 00007ffe19897128
[  150.642277][ T9987]  </TASK>
[  150.721987][T10007] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2243'.
[  150.733263][T10007] IPVS: Error connecting to the multicast addr
[  150.981310][T10022] FAULT_INJECTION: forcing a failure.
[  150.981310][T10022] name failslab, interval 1, probability 0, space 0, times 0
[  150.994060][T10022] CPU: 0 UID: 0 PID: 10022 Comm: syz.0.2248 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  151.004522][T10022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  151.014636][T10022] Call Trace:
[  151.017923][T10022]  <TASK>
[  151.020875][T10022]  dump_stack_lvl+0xf2/0x150
[  151.025471][T10022]  dump_stack+0x15/0x20
[  151.029628][T10022]  should_fail_ex+0x223/0x230
[  151.034407][T10022]  ? dst_cow_metrics_generic+0x3a/0x150
[  151.040050][T10022]  should_failslab+0x8f/0xb0
[  151.044788][T10022]  __kmalloc_cache_noprof+0x4e/0x320
[  151.050120][T10022]  dst_cow_metrics_generic+0x3a/0x150
[  151.055613][T10022]  icmp6_dst_alloc+0x1f5/0x320
[  151.060403][T10022]  ? icmpv6_flow_init+0x93/0xb0
[  151.065347][T10022]  ndisc_send_skb+0x175/0x700
[  151.070235][T10022]  ndisc_solicit+0x24b/0x300
[  151.074850][T10022]  ? __pfx_ndisc_solicit+0x10/0x10
[  151.079972][T10022]  __neigh_event_send+0x85f/0xa80
[  151.085020][T10022]  neigh_resolve_output+0x114/0x450
[  151.090226][T10022]  ip6_finish_output2+0xa65/0xd00
[  151.095262][T10022]  ? __rcu_read_unlock+0x34/0x70
[  151.100245][T10022]  ip6_finish_output+0x438/0x540
[  151.105245][T10022]  ip6_output+0xf5/0x230
[  151.109507][T10022]  ? __pfx_ip6_finish_output+0x10/0x10
[  151.114988][T10022]  ? __pfx_ip6_output+0x10/0x10
[  151.119876][T10022]  ip6_local_out+0x76/0xd0
[  151.124340][T10022]  ip6_send_skb+0x5a/0x120
[  151.128868][T10022]  udp_v6_send_skb+0x772/0xbe0
[  151.133674][T10022]  udpv6_sendmsg+0x14e2/0x1590
[  151.138448][T10022]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  151.144024][T10022]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  151.149252][T10022]  inet6_sendmsg+0xaf/0xd0
[  151.153819][T10022]  __sock_sendmsg+0x8b/0x180
[  151.158467][T10022]  ____sys_sendmsg+0x312/0x410
[  151.163306][T10022]  __sys_sendmsg+0x19d/0x230
[  151.168095][T10022]  __x64_sys_sendmsg+0x46/0x50
[  151.172908][T10022]  x64_sys_call+0x2734/0x2dc0
[  151.177655][T10022]  do_syscall_64+0xc9/0x1c0
[  151.182203][T10022]  ? clear_bhb_loop+0x55/0xb0
[  151.186918][T10022]  ? clear_bhb_loop+0x55/0xb0
[  151.191684][T10022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.197627][T10022] RIP: 0033:0x7fea6a0a0809
[  151.202057][T10022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.221776][T10022] RSP: 002b:00007fea68717058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.230201][T10022] RAX: ffffffffffffffda RBX: 00007fea6a265fa0 RCX: 00007fea6a0a0809
[  151.238192][T10022] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  151.246171][T10022] RBP: 00007fea687170a0 R08: 0000000000000000 R09: 0000000000000000
[  151.254161][T10022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  151.262200][T10022] R13: 0000000000000000 R14: 00007fea6a265fa0 R15: 00007ffecde11408
[  151.270289][T10022]  </TASK>
[  151.313677][T10028] loop0: detected capacity change from 0 to 1024
[  151.340867][T10028] EXT4-fs: Ignoring removed oldalloc option
[  151.361172][T10028] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  151.695390][T10064] loop0: detected capacity change from 0 to 256
[  151.717443][T10064] FAT-fs (loop0): bogus number of FAT sectors
[  151.723580][T10064] FAT-fs (loop0): Can't find a valid FAT filesystem
[  151.753807][T10069] loop6: detected capacity change from 0 to 512
[  151.784128][T10069] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.796050][T10035] chnl_net:caif_netlink_parms(): no params data found
[  151.799132][T10072] loop3: detected capacity change from 0 to 2048
[  151.934434][T10035] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.941824][T10035] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.968851][T10035] bridge_slave_0: entered allmulticast mode
[  151.986528][T10035] bridge_slave_0: entered promiscuous mode
[  152.009166][T10035] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.016446][T10035] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.045934][T10035] bridge_slave_1: entered allmulticast mode
[  152.059324][T10035] bridge_slave_1: entered promiscuous mode
[  152.098269][T10035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.121974][T10035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.138473][T10084] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  152.167961][T10084] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  152.180393][T10084] EXT4-fs (loop3): This should not happen!! Data will be lost
[  152.180393][T10084] 
[  152.190122][T10084] EXT4-fs (loop3): Total free blocks count 0
[  152.196186][T10084] EXT4-fs (loop3): Free/Dirty block details
[  152.202133][T10084] EXT4-fs (loop3): free_blocks=2415919104
[  152.207912][T10084] EXT4-fs (loop3): dirty_blocks=8224
[  152.213224][T10084] EXT4-fs (loop3): Block reservation details
[  152.219252][T10084] EXT4-fs (loop3): i_reserved_data_blocks=514
[  152.230415][T10035] team0: Port device team_slave_0 added
[  152.238944][T10035] team0: Port device team_slave_1 added
[  152.272494][T10035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.279702][T10035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.305792][T10035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.364630][T10035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  152.369035][   T28] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[  152.371784][T10035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.384271][   T28] EXT4-fs (loop3): This should not happen!! Data will be lost
[  152.384271][   T28] 
[  152.420091][T10035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  152.451928][T10104] 9pnet: Could not find request transport: f
[  152.464109][T10107] loop4: detected capacity change from 0 to 128
[  152.472457][T10104] netlink: '+}[@': attribute type 3 has an invalid length.
[  152.479778][T10104] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  152.522374][T10107] syz.4.2275: attempt to access beyond end of device
[  152.522374][T10107] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  152.602771][T10107] syz.4.2275: attempt to access beyond end of device
[  152.602771][T10107] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  152.625809][T10107] syz.4.2275: attempt to access beyond end of device
[  152.625809][T10107] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  152.639314][T10107] syz.4.2275: attempt to access beyond end of device
[  152.639314][T10107] loop4: rw=0, sector=145, nr_sectors = 8 limit=128
[  152.702411][T10035] hsr_slave_0: entered promiscuous mode
[  152.712751][T10035] hsr_slave_1: entered promiscuous mode
[  152.729229][T10035] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  152.743401][T10035] Cannot create hsr debugfs directory
[  152.955102][T10035] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  152.968045][T10035] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  152.968859][T10135] loop3: detected capacity change from 0 to 512
[  152.983417][T10035] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  153.002216][T10035] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  153.017283][T10135] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  153.074190][T10035] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.088596][T10035] 8021q: adding VLAN 0 to HW filter on device team0
[  153.115460][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.122580][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.149646][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.156757][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.226652][T10144] loop4: detected capacity change from 0 to 128
[  153.311966][T10035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.566346][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.575466][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.628717][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.638320][T10035] veth0_vlan: entered promiscuous mode
[  153.647494][T10035] veth1_vlan: entered promiscuous mode
[  153.674016][T10179] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2295'.
[  153.674701][T10035] veth0_macvtap: entered promiscuous mode
[  153.689659][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.691508][T10179] IPVS: Unknown mcast interface: vcan0
[  153.698731][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.699229][T10171] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2292'.
[  153.706864][T10035] veth1_macvtap: entered promiscuous mode
[  153.736857][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.747951][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.757848][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.768451][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.778853][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.789602][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.799586][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.810051][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.819973][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.830440][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.841664][T10035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.850663][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.861163][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.871014][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.881808][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.891853][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.902617][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.912693][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.923184][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.933098][T10035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.943761][T10035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.956379][T10186] loop4: detected capacity change from 0 to 512
[  153.966298][T10186] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  153.966662][T10035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.996093][T10035] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.005074][T10035] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.013830][T10035] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.022828][T10035] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.116611][T10199] loop4: detected capacity change from 0 to 2048
[  154.140981][T10207] __nla_validate_parse: 3 callbacks suppressed
[  154.140998][T10207] netlink: 268 bytes leftover after parsing attributes in process `syz.7.2255'.
[  154.233309][T10207] loop7: detected capacity change from 0 to 4096
[  154.299547][   T29] kauditd_printk_skb: 520 callbacks suppressed
[  154.299565][   T29] audit: type=1326 audit(1732728057.718:11709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.337972][   T29] audit: type=1326 audit(1732728057.758:11710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.361831][   T29] audit: type=1326 audit(1732728057.758:11711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.379110][T10222] loop7: detected capacity change from 0 to 1024
[  154.385482][   T29] audit: type=1326 audit(1732728057.758:11712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.415389][   T29] audit: type=1326 audit(1732728057.758:11713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.439304][   T29] audit: type=1326 audit(1732728057.758:11714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.445695][T10222] EXT4-fs: Ignoring removed oldalloc option
[  154.465900][   T29] audit: type=1326 audit(1732728057.758:11715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.473701][T10222] EXT4-fs (loop7): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  154.492606][   T29] audit: type=1326 audit(1732728057.758:11716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10223 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fb5003728e5 code=0x7ffc0000
[  154.526184][   T29] audit: type=1326 audit(1732728057.758:11717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.549836][   T29] audit: type=1326 audit(1732728057.768:11718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10215 comm="syz.4.2306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7fb500340809 code=0x7ffc0000
[  154.840196][T10254] loop4: detected capacity change from 0 to 512
[  154.847986][T10254] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  155.750740][T10291] loop3: detected capacity change from 0 to 512
[  155.791543][T10291] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  155.825978][T10295] loop7: detected capacity change from 0 to 2048
[  156.000670][T10310] IPVS: Error connecting to the multicast addr
[  156.327484][T10326] loop6: detected capacity change from 0 to 1024
[  156.342475][T10326] EXT4-fs: Ignoring removed oldalloc option
[  156.354601][T10326] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  156.539505][T10336] loop4: detected capacity change from 0 to 512
[  156.557847][T10336] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.025491][T10360] IPVS: Error connecting to the multicast addr
[  157.050881][T10355] loop7: detected capacity change from 0 to 2048
[  157.109028][T10355] EXT4-fs mount: 165 callbacks suppressed
[  157.109047][T10355] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.195430][T10374] loop6: detected capacity change from 0 to 1024
[  157.215464][T10374] EXT4-fs: Ignoring removed oldalloc option
[  157.247407][T10374] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  157.298910][T10035] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.308609][T10378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.319322][T10378] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.438859][T10374] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.561266][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.069571][T10432] loop6: detected capacity change from 0 to 1024
[  158.078875][T10432] EXT4-fs: Ignoring removed oldalloc option
[  158.141415][T10432] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  158.241950][T10446] IPVS: Error connecting to the multicast addr
[  158.457125][T10432] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.538047][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.543719][T10469] loop4: detected capacity change from 0 to 512
[  158.561819][T10469] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  158.621420][T10469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.745898][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.920980][T10495] SELinux:  policydb version 0 does not match my version range 15-33
[  158.931970][T10497] FAULT_INJECTION: forcing a failure.
[  158.931970][T10497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.945255][T10497] CPU: 1 UID: 0 PID: 10497 Comm: syz.7.2391 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  158.948605][T10495] SELinux: failed to load policy
[  158.955679][T10497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  158.970713][T10497] Call Trace:
[  158.974008][T10497]  <TASK>
[  158.976964][T10497]  dump_stack_lvl+0xf2/0x150
[  158.981586][T10497]  dump_stack+0x15/0x20
[  158.985795][T10497]  should_fail_ex+0x223/0x230
[  158.990520][T10497]  should_fail+0xb/0x10
[  158.994698][T10497]  should_fail_usercopy+0x1a/0x20
[  158.999771][T10497]  strncpy_from_user+0x25/0x210
[  159.004691][T10497]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  159.010411][T10497]  ? getname_flags+0x81/0x3b0
[  159.015114][T10497]  getname_flags+0xb0/0x3b0
[  159.019636][T10497]  getname+0x17/0x20
[  159.023541][T10497]  path_setxattrat+0x23a/0x310
[  159.028416][T10497]  __x64_sys_setxattr+0x6e/0x90
[  159.033278][T10497]  x64_sys_call+0x2247/0x2dc0
[  159.037971][T10497]  do_syscall_64+0xc9/0x1c0
[  159.042540][T10497]  ? clear_bhb_loop+0x55/0xb0
[  159.047272][T10497]  ? clear_bhb_loop+0x55/0xb0
[  159.052021][T10497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.057947][T10497] RIP: 0033:0x7fdb96d30809
[  159.062405][T10497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.082056][T10497] RSP: 002b:00007fdb953a7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  159.090532][T10497] RAX: ffffffffffffffda RBX: 00007fdb96ef5fa0 RCX: 00007fdb96d30809
[  159.098512][T10497] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000000
[  159.106510][T10497] RBP: 00007fdb953a70a0 R08: 0000000000000000 R09: 0000000000000000
[  159.114566][T10497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.122548][T10497] R13: 0000000000000000 R14: 00007fdb96ef5fa0 R15: 00007fff331c68a8
[  159.130540][T10497]  </TASK>
[  159.185844][T10502] loop3: detected capacity change from 0 to 1024
[  159.238772][T10502] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.310078][   T29] kauditd_printk_skb: 477 callbacks suppressed
[  159.310253][   T29] audit: type=1326 audit(1732728062.728:12196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.356296][   T29] audit: type=1326 audit(1732728062.758:12197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.380190][   T29] audit: type=1326 audit(1732728062.758:12198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.404046][   T29] audit: type=1326 audit(1732728062.758:12199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.427676][   T29] audit: type=1326 audit(1732728062.758:12200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.451329][   T29] audit: type=1326 audit(1732728062.758:12201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.474983][   T29] audit: type=1326 audit(1732728062.768:12202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.499297][   T29] audit: type=1326 audit(1732728062.768:12203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.522945][   T29] audit: type=1326 audit(1732728062.768:12204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.558545][   T29] audit: type=1326 audit(1732728062.968:12205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10501 comm="syz.3.2401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe724b10809 code=0x7ffc0000
[  159.647999][T10523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  159.672652][T10523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  159.685681][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.699810][T10526] syz.4.2397[10526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.699878][T10526] syz.4.2397[10526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.711698][T10526] syz.4.2397[10526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.944902][T10544] loop6: detected capacity change from 0 to 128
[  160.067463][T10543] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  160.075095][T10543] FAT-fs (loop6): Filesystem has been set read-only
[  160.084996][T10543] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  160.300194][T10568] loop0: detected capacity change from 0 to 128
[  160.309868][T10563] loop3: detected capacity change from 0 to 256
[  160.325877][T10566] loop7: detected capacity change from 0 to 1024
[  160.330492][T10563] vfat: Unknown parameter '…'
[  160.347796][T10568] bio_check_eod: 8 callbacks suppressed
[  160.347815][T10568] syz.0.2415: attempt to access beyond end of device
[  160.347815][T10568] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  160.381857][T10566] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.392345][T10563] loop3: detected capacity change from 0 to 1024
[  160.409155][T10563] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  160.431933][T10568] syz.0.2415: attempt to access beyond end of device
[  160.431933][T10568] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[  160.448153][T10568] syz.0.2415: attempt to access beyond end of device
[  160.448153][T10568] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  160.461577][T10568] syz.0.2415: attempt to access beyond end of device
[  160.461577][T10568] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  160.475045][T10568] syz.0.2415: attempt to access beyond end of device
[  160.475045][T10568] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  160.488452][T10568] syz.0.2415: attempt to access beyond end of device
[  160.488452][T10568] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[  160.544096][T10563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.620605][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.640278][T10576] syz.6.2416[10576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.640408][T10576] syz.6.2416[10576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.652262][T10576] syz.6.2416[10576] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.753216][T10035] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.832091][T10586] loop3: detected capacity change from 0 to 256
[  160.854871][T10586] FAT-fs (loop3): Directory bread(block 64) failed
[  160.865446][T10586] FAT-fs (loop3): Directory bread(block 65) failed
[  160.872988][T10586] FAT-fs (loop3): Directory bread(block 66) failed
[  160.881380][T10589] IPVS: Error connecting to the multicast addr
[  160.887096][T10586] FAT-fs (loop3): Directory bread(block 67) failed
[  160.915051][T10586] FAT-fs (loop3): Directory bread(block 68) failed
[  160.933592][T10586] FAT-fs (loop3): Directory bread(block 69) failed
[  160.940687][T10586] FAT-fs (loop3): Directory bread(block 70) failed
[  160.947640][T10586] FAT-fs (loop3): Directory bread(block 71) failed
[  160.954309][T10586] FAT-fs (loop3): Directory bread(block 72) failed
[  160.961520][T10586] FAT-fs (loop3): Directory bread(block 73) failed
[  161.062188][T10600] loop0: detected capacity change from 0 to 2048
[  161.088369][T10600] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.186956][ T3325] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.200197][T10611] loop4: detected capacity change from 0 to 512
[  161.242673][T10611] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  161.250689][T10611] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002]
[  161.275018][T10611] EXT4-fs (loop4): orphan cleanup on readonly fs
[  161.301286][T10611] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279949761 > max in inode 13
[  161.311668][T10611] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279949762 > max in inode 13
[  161.320800][T10586] syz.3.2418: attempt to access beyond end of device
[  161.320800][T10586] loop3: rw=2049, sector=1800, nr_sectors = 5624 limit=256
[  161.322374][T10611] EXT4-fs (loop4): 1 truncate cleaned up
[  161.342077][T10611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  161.375366][T10586] syz.3.2418: attempt to access beyond end of device
[  161.375366][T10586] loop3: rw=2049, sector=7424, nr_sectors = 2512 limit=256
[  161.555102][T10628] IPVS: Error connecting to the multicast addr
[  161.590400][T10586] syz.3.2418: attempt to access beyond end of device
[  161.590400][T10586] loop3: rw=0, sector=1864, nr_sectors = 4 limit=256
[  161.604751][T10585] syz.3.2418: attempt to access beyond end of device
[  161.604751][T10585] loop3: rw=524288, sector=1800, nr_sectors = 64 limit=256
[  161.743141][T10640] loop7: detected capacity change from 0 to 256
[  161.765143][T10640] FAT-fs (loop7): Directory bread(block 64) failed
[  161.773595][T10640] FAT-fs (loop7): Directory bread(block 65) failed
[  161.780394][T10640] FAT-fs (loop7): Directory bread(block 66) failed
[  161.787264][T10640] FAT-fs (loop7): Directory bread(block 67) failed
[  161.793939][T10640] FAT-fs (loop7): Directory bread(block 68) failed
[  161.800806][T10640] FAT-fs (loop7): Directory bread(block 69) failed
[  161.801290][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.807439][T10640] FAT-fs (loop7): Directory bread(block 70) failed
[  161.823175][T10640] FAT-fs (loop7): Directory bread(block 71) failed
[  161.831894][T10640] FAT-fs (loop7): Directory bread(block 72) failed
[  161.839218][T10640] FAT-fs (loop7): Directory bread(block 73) failed
[  161.904652][T10640] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(9)
[  161.911268][T10640] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  161.919205][T10640] vhci_hcd vhci_hcd.0: Device attached
[  162.029692][T10653] vhci_hcd: connection closed
[  162.030030][ T2303] vhci_hcd: stop threads
[  162.039086][ T2303] vhci_hcd: release socket
[  162.043528][ T2303] vhci_hcd: disconnect device
[  162.158938][T10679] loop3: detected capacity change from 0 to 128
[  162.237720][T10683] loop4: detected capacity change from 0 to 128
[  162.336113][T10689] loop4: detected capacity change from 0 to 512
[  162.344086][T10689] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  162.344448][T10687] hub 2-0:1.0: USB hub found
[  162.358743][T10687] hub 2-0:1.0: 8 ports detected
[  162.359539][T10689] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.372387][T10687] loop3: detected capacity change from 0 to 512
[  162.403733][ T3330] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.414491][T10687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  162.427921][T10687] ext4 filesystem being mounted at /568/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.464912][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  162.693741][T10712] loop7: detected capacity change from 0 to 128
[  162.751374][T10715] syz.3.2461[10715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.751437][T10715] syz.3.2461[10715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.767512][T10715] syz.3.2461[10715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  162.812378][T10719] FAULT_INJECTION: forcing a failure.
[  162.812378][T10719] name failslab, interval 1, probability 0, space 0, times 0
[  162.836616][T10719] CPU: 0 UID: 0 PID: 10719 Comm: syz.7.2464 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  162.847060][T10719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  162.857158][T10719] Call Trace:
[  162.860455][T10719]  <TASK>
[  162.863413][T10719]  dump_stack_lvl+0xf2/0x150
[  162.868039][T10719]  dump_stack+0x15/0x20
[  162.872267][T10719]  should_fail_ex+0x223/0x230
[  162.877028][T10719]  should_failslab+0x8f/0xb0
[  162.881646][T10719]  kmem_cache_alloc_noprof+0x52/0x320
[  162.887047][T10719]  ? skb_clone+0x154/0x1f0
[  162.891499][T10719]  skb_clone+0x154/0x1f0
[  162.895790][T10719]  __netlink_deliver_tap+0x2bd/0x4f0
[  162.901146][T10719]  netlink_unicast+0x64a/0x670
[  162.905987][T10719]  netlink_sendmsg+0x5cc/0x6e0
[  162.910785][T10719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.916109][T10719]  __sock_sendmsg+0x140/0x180
[  162.920829][T10719]  ____sys_sendmsg+0x312/0x410
[  162.925706][T10719]  __sys_sendmsg+0x19d/0x230
[  162.930471][T10719]  __x64_sys_sendmsg+0x46/0x50
[  162.935273][T10719]  x64_sys_call+0x2734/0x2dc0
[  162.939990][T10719]  do_syscall_64+0xc9/0x1c0
[  162.944515][T10719]  ? clear_bhb_loop+0x55/0xb0
[  162.949253][T10719]  ? clear_bhb_loop+0x55/0xb0
[  162.953960][T10719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.959923][T10719] RIP: 0033:0x7fdb96d30809
[  162.964360][T10719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.984039][T10719] RSP: 002b:00007fdb953a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.992475][T10719] RAX: ffffffffffffffda RBX: 00007fdb96ef5fa0 RCX: 00007fdb96d30809
[  163.000525][T10719] RDX: 0000000000004084 RSI: 0000000020000340 RDI: 0000000000000005
[  163.008508][T10719] RBP: 00007fdb953a70a0 R08: 0000000000000000 R09: 0000000000000000
[  163.016511][T10719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.024494][T10719] R13: 0000000000000000 R14: 00007fdb96ef5fa0 R15: 00007fff331c68a8
[  163.032827][T10719]  </TASK>
[  163.066376][T10725] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2465'.
[  163.265693][T10748] syz.0.2474[10748] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  163.313011][T10751] FAULT_INJECTION: forcing a failure.
[  163.313011][T10751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.326833][T10753] loop3: detected capacity change from 0 to 8192
[  163.337791][T10751] CPU: 1 UID: 0 PID: 10751 Comm: syz.7.2476 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  163.348197][T10753] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  163.354533][T10751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  163.354553][T10751] Call Trace:
[  163.354561][T10751]  <TASK>
[  163.381423][T10751]  dump_stack_lvl+0xf2/0x150
[  163.386096][T10751]  dump_stack+0x15/0x20
[  163.390324][T10751]  should_fail_ex+0x223/0x230
[  163.395034][T10751]  should_fail+0xb/0x10
[  163.399312][T10751]  should_fail_usercopy+0x1a/0x20
[  163.404367][T10751]  _copy_from_user+0x1e/0xb0
[  163.409086][T10751]  do_sock_getsockopt+0xd3/0x260
[  163.414109][T10751]  __x64_sys_getsockopt+0x18c/0x200
[  163.419354][T10751]  x64_sys_call+0x1288/0x2dc0
[  163.424081][T10751]  do_syscall_64+0xc9/0x1c0
[  163.428598][T10751]  ? clear_bhb_loop+0x55/0xb0
[  163.433382][T10751]  ? clear_bhb_loop+0x55/0xb0
[  163.438072][T10751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.444082][T10751] RIP: 0033:0x7fdb96d30809
[  163.448589][T10751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.468250][T10751] RSP: 002b:00007fdb953a7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  163.476798][T10751] RAX: ffffffffffffffda RBX: 00007fdb96ef5fa0 RCX: 00007fdb96d30809
[  163.484811][T10751] RDX: 000000000000271c RSI: 0000200000000114 RDI: 0000000000000003
[  163.492790][T10751] RBP: 00007fdb953a70a0 R08: 0000000020000000 R09: 0000000000000000
[  163.500770][T10751] R10: 0000000020c35fff R11: 0000000000000246 R12: 0000000000000001
[  163.508748][T10751] R13: 0000000000000000 R14: 00007fdb96ef5fa0 R15: 00007fff331c68a8
[  163.516784][T10751]  </TASK>
[  163.559418][T10753] netlink: 120 bytes leftover after parsing attributes in process `syz.3.2473'.
[  163.619024][T10762] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2480'.
[  163.646044][T10765] loop3: detected capacity change from 0 to 128
[  163.654942][T10765] EXT4-fs: Ignoring removed nobh option
[  163.681012][T10765] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.709449][T10765] ext4 filesystem being mounted at /576/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.750206][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.813071][T10781] loop3: detected capacity change from 0 to 2048
[  163.833130][T10787] loop6: detected capacity change from 0 to 1024
[  163.839742][T10787] ==================================================================
[  163.847846][T10787] BUG: KCSAN: data-race in console_flush_all / console_flush_all
[  163.855588][T10787] 
[  163.857919][T10787] write to 0xffffffff86819ec8 of 8 bytes by task 10779 on cpu 0:
[  163.865651][T10787]  console_flush_all+0x395/0x770
[  163.870613][T10787]  console_unlock+0xab/0x330
[  163.875258][T10787]  vprintk_emit+0x3f4/0x680
[  163.879791][T10787]  vprintk_default+0x26/0x30
[  163.884410][T10787]  vprintk+0x75/0x80
[  163.888320][T10787]  _printk+0x7a/0xa0
[  163.892224][T10787]  caif_disconnect_client+0x13f/0x150
[  163.897620][T10787]  caif_release+0xea/0x230
[  163.902053][T10787]  sock_close+0x68/0x150
[  163.906313][T10787]  __fput+0x17a/0x6d0
[  163.910313][T10787]  ____fput+0x1c/0x30
[  163.914313][T10787]  task_work_run+0x13a/0x1a0
[  163.918922][T10787]  syscall_exit_to_user_mode+0xa8/0x120
[  163.924488][T10787]  do_syscall_64+0xd6/0x1c0
[  163.929003][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.934920][T10787] 
[  163.937247][T10787] read to 0xffffffff86819ec8 of 8 bytes by task 10787 on cpu 1:
[  163.944883][T10787]  console_flush_all+0x57e/0x770
[  163.949830][T10787]  console_unlock+0xab/0x330
[  163.954446][T10787]  vprintk_emit+0x3f4/0x680
[  163.958983][T10787]  vprintk_default+0x26/0x30
[  163.963595][T10787]  vprintk+0x75/0x80
[  163.967502][T10787]  _printk+0x7a/0xa0
[  163.971413][T10787]  set_capacity_and_notify+0xff/0x160
[  163.976845][T10787]  loop_set_size+0x2e/0x70
[  163.981329][T10787]  loop_configure+0x8a6/0xa30
[  163.986024][T10787]  lo_ioctl+0x5f6/0x11c0
[  163.990283][T10787]  blkdev_ioctl+0x359/0x450
[  163.994806][T10787]  __se_sys_ioctl+0xc9/0x140
[  163.999418][T10787]  __x64_sys_ioctl+0x43/0x50
[  164.004030][T10787]  x64_sys_call+0x1690/0x2dc0
[  164.008726][T10787]  do_syscall_64+0xc9/0x1c0
[  164.013236][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.019242][T10787] 
[  164.021565][T10787] value changed: 0x0000000000001f07 -> 0x0000000000001f08
[  164.028675][T10787] 
[  164.031022][T10787] Reported by Kernel Concurrency Sanitizer on:
[  164.037174][T10787] CPU: 1 UID: 0 PID: 10787 Comm: syz.6.2486 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  164.047705][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  164.057771][T10787] ==================================================================
[  164.092258][T10781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.109211][T10787] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  164.147366][T10787] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.246271][ T5823] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.311274][T10794] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  164.326372][T10794] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  164.338762][T10794] EXT4-fs (loop3): This should not happen!! Data will be lost
[  164.338762][T10794] 
[  164.348446][T10794] EXT4-fs (loop3): Total free blocks count 0
[  164.354496][T10794] EXT4-fs (loop3): Free/Dirty block details
[  164.360551][T10794] EXT4-fs (loop3): free_blocks=2415919104
[  164.366295][T10794] EXT4-fs (loop3): dirty_blocks=8224
[  164.371696][T10794] EXT4-fs (loop3): Block reservation details
[  164.377790][T10794] EXT4-fs (loop3): i_reserved_data_blocks=514
[  164.401965][ T2303] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28