last executing test programs:

37.201271956s ago: executing program 1 (id=790):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
syncfs(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r6 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain={'key_or_keyring:', r5})
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)

37.076383209s ago: executing program 1 (id=792):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0xc0a85320, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a21428c6c085", @void, {@ipv6={0x86dd, @generic={0x1, 0x6, "bcc1d7", 0x0, 0x6c, 0xff, @loopback, @loopback}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004}, 0x4010)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000000)

36.895218681s ago: executing program 1 (id=794):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
unshare(0x6a040000)
openat$tun(0xffffffffffffff9c, 0x0, 0x101402, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
unshare(0x20060400)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x5, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18804, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e6174"], 0x25c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r5}, 0x10)
perf_event_open(0x0, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r6}, 0x18)
r7 = gettid()
process_vm_writev(r7, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

36.215811051s ago: executing program 1 (id=806):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x8000, &(0x7f0000000480), 0x1, 0x3da, &(0x7f00000004c0)="$eJzs3N1qHFUcAPD/TPNhU3WjVi+0YKSI8SsfTYkNFlTw0ivrC6xJWqLbxjYr2JILBbEPoD6AeFkfwQvxThC8KV57pxSKJLmWldnMbsbNbszXMtr9/eDAOTM7nPOfmd1zcs4hAQysiYj4NCJGIuKDiKjkx5M8xZvbKfvc1sb6YpaSaDQu/Zk0z29urC9G4ZrMqbwwmUaknyfxTJd6127e+rBaqy3fyMvT9asfTa/dvPXqytXqleUry9fmZhYWZuYuzC/MH1usv8ft3y7efbvy5c9nf/3x/Xfns/a+mJ8rxnFcJmKifU86TR13ZSV7qJBPhkpsCAeSRsSJiBhqfv8rcSJ2Hl4lvq+U2jgAoC8ajTc6ygDAgy/R5wPAgGn93b+5sb7YSmXMQ5Tl/lvbi1eb+drmVjv+ofZKyHDH+tZxmoiI775+7dksRZ/WIQEAin7Ixj8Xuo3/0jhT+NzJiBjL93Y9HBGPRMSjhf1ihzXRUd49/knvHbGKPWXjv4uFvW1bhfhz4yfyUhbzeAwnl1dqyzN5/JMxPJqVZ/eo48ylp/7qda44/stSVn9rLJi3497Q6D+vWarWq0eJuej+ZxFPD3WLP2mPf5Nm3If3+vU7T/Y69+/x91fjm4gXuj7/nZ17yd77E6eb78N0663Y7fZLz1/vVX/Z8WfPf2zv+MeT4n7NtYPX8dP5lV96nTvs+z+SvNfMj+THPqnW6zdmI0aSd3YfP7dzbavc+nwW/+TZ7t//07FzJx6LiMcj4omI5vGeL3QXr9S+fe7w8fdXFv/SgZ7/wTNjX9y526v+/T3/883cZH5kP79/+23gUe4dAAAA/F+kzfncJJ1q59N0amp7nvd0jKW11bX6y5dXP762tD3vOx7DaWumq1KYD53N5whb5XMd5bl8DuWr0ZPN8tTiam2p7OABYECd6tH/Z/4YLbt1AEDf9GtzOwDw36X/B4DBo/8HgMGj/weAwaP/B4DBo/8HgIFylP/rJyMj86Bmyv5lAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo198BAAD//+f91Vw=")
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0xc2, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x4, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa85}, 0x0, 0x1, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x1000, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x801c581f, 0x0)

35.830961266s ago: executing program 1 (id=808):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0xc0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x10024, 0x10000, 0x1, 0x1, 0xa, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
msgsnd(0x0, &(0x7f0000000e80)=ANY=[@ANYRESHEX, @ANYRES16, @ANYBLOB="b0c65a4e1f121c0a09855acafc432a35efcb108c3c02439c52102e510f60f1520785144c9ac2393574006bccc969e0dd6d5008eb2b841c745151dc19607c68146e", @ANYRESHEX, @ANYRESDEC=r0, @ANYBLOB="707d9da7d9189a51a368290f6f6ca5a38c4f6d1ad0ceff557728f27366e119d07641b4eb9b88e53cb996bce5a5a16f2b93347f29a5ec878ab1df0cd41216f1f3e326517cad43a36181ac5d105bf70ec2a5908abf162a17ad54b9bd644281cb011c47d80c54798dbae043d7aed9d289209ca833f03a6ce436489da71dde227ec64ddc2e940cf9a9a482e2856f392638ebd42046d41c385f6867753dd322e4292bafd2f16378a5f4cabfb95d55", @ANYRESOCT=0x0, @ANYRESHEX], 0x2000, 0x0)

35.472400388s ago: executing program 1 (id=817):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x5, 0x3d4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000540], 0x0, &(0x7f0000000040), &(0x7f0000000540)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000002008000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff010000000c000000440000009100776c616e300000000000000000000000687372300000000000000000000000006e657470636930000000000000000000766c616e310000000000000000000000aaaaaaaaaabbffffffffffffaaaaaaaaaa1cff00ff00ff4afbb155f86f8b52009e020000636f6e6e627974657300000000000000000000000000000000000000000000001800000000000000030000000000000005000000000000000202000000000000737470000000000000000000000000000000000000000000000000000000000048000000000000000d00000009000300d029aaaaaaaaaa2effffff00ffff00000200000001000000050007000180c200000e00ffff00ffff4e224e230400060004000d00ffff8d0c0800ff01000000024c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a300000000000000000000000000000000000000000000000013d0000000f000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6574635f616c6961f40ffc6b0587d58592f63ffe7365735f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff010000000900000039000000000567656e6576653000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f687372000000006d616376746170300000000000000000aaaaaaaaaa0fff0000ff0000000000000000ffff0000ff006e0000006e000000a6000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaa"]}, 0x44c)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x24d}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000007bb6d30000000000b7020000ebf2132c0c8dae962b637487b3281f832e65119ce20000f3989fbd3d000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet(r3, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)

35.444293688s ago: executing program 32 (id=817):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x5, 0x3d4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000540], 0x0, &(0x7f0000000040), &(0x7f0000000540)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000002008000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff010000000c000000440000009100776c616e300000000000000000000000687372300000000000000000000000006e657470636930000000000000000000766c616e310000000000000000000000aaaaaaaaaabbffffffffffffaaaaaaaaaa1cff00ff00ff4afbb155f86f8b52009e020000636f6e6e627974657300000000000000000000000000000000000000000000001800000000000000030000000000000005000000000000000202000000000000737470000000000000000000000000000000000000000000000000000000000048000000000000000d00000009000300d029aaaaaaaaaa2effffff00ffff00000200000001000000050007000180c200000e00ffff00ffff4e224e230400060004000d00ffff8d0c0800ff01000000024c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a300000000000000000000000000000000000000000000000013d0000000f000000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000900000073797374656d5f753a6f626a6563745f723a6574635f616c6961f40ffc6b0587d58592f63ffe7365735f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000fcffffff010000000900000039000000000567656e6576653000000000000000000076657468315f746f5f626f6e6400000076657468315f746f5f687372000000006d616376746170300000000000000000aaaaaaaaaa0fff0000ff0000000000000000ffff0000ff006e0000006e000000a6000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaa"]}, 0x44c)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x24d}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000007bb6d30000000000b7020000ebf2132c0c8dae962b637487b3281f832e65119ce20000f3989fbd3d000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet(r3, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)

4.105149236s ago: executing program 3 (id=1392):
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x1, 0x4f8, &(0x7f0000001900)="$eJzs3E1oXNUeAPD/nXz26zXvvb6+176+Z2oVg8WkTavNQpCKggsFsYK6DElaatNGmhRsqTIFqUspuBeXbl24VTdFXAlu61KQQpFu2griyJ25dzIzmUmaSTJjmt8Pbuace2fuOeeee+6ce07mBrBlDad/kkr4VkTsjohC4xuGKy/3716denD36lQUS6VTvyblj91L45lsN7Eji4wUIgofJYsbasxfvnJucnZ25mIWH1s4/97Y/OUrz5wdzNZMTCS9bRaqSXppue7t/3DuwL5X3rnx2lR1z3lqteVYL8Mx3CwrZU+ud2Jdtqsm3Ha90XHp+Z9WV1+5/e+Onliu8oodzBmw0UqlUmmg9eZiqdG1JWuATSsGu50DoDvyL/r0/jdfmnUE+jem+9F1d05WboDSct/PlojHyivzcZC+hvvb9TQcEW8Xf/ssXWKDxiEAAGp9czLvCTb0/4YqMyO/X7r5Qvr6t2wOZSgi/h4R/4iIf0bEnoj4V0TsjYh/R8R/GvbfExGlZdIfbohX069OQhVur1NRm0r7f89nc1vpsjj3VQ0N9WSxXRF5h3nmSHZMRqJv4PTZ2Zmjy6Tx7Us/ftJqW23/L13SPOR9wSwft3sbBuimJxcm2yvtUneuRezvXSx/pf+b9EYk1ZmAJCL2RcT+Vex3qCZ89ukvDlQjffXvW7n8ZaWm82jrMM9U+jziqUr9F6Na/qibREzq5ifPT56ZOTNzYXxi4vixoyeeG392bDBmZ46MpWfBkaZpfP/D9ddbpb9i+b/6ufEjL5/4+lTWstYurf/tNed/5PO3i+UfSiKS6nzt/OrTuP7Txy3vado9//uTN8vh/L70/cmFhYtHI/qTV5euH1/8bB5PX6NYKf/Iocbzv5xu+RqXH4n/RkR6Ev8vIv4flTvENO8HI+LxiDi0TPm/e/GJd9sv/8ZKyz8d9eWv1Hxd/S/O17cKJNncYN2m/kgDPecO3nrQ4uLxcPV/vBwaydY0v/4ldZeIVjnNv+3SNX+s+egBAADA5lCIiJ01Y0k7o1AYHa2MAe2J7YXZufmFw6fnLl2YTrdFDEVfIR/pqowH9yX5+OdQTXy8IX4sGzf+tGdbOT46NTc73dWSAzvKbT4pjEa81VPT/lO/rM8QM/BX5vdasHUt1/7TTvzeGx3MDNBRD//9f/ODDc0I0HE17b/VL/yLbfzfF7AJPPT3f9LyeTbAI2PlB/0YM4TNr6Qtw5a2qvZ/2EMA4VHSG29Uw4Wu5gToNP1/2JJW/F3/mgKlgeabBmPpm2Nw+R32RHvZ2NYkra4E0p5VV1Lf1s6n8omelu+Jwup2OBD1a/rbrNPTazwaxYvzZ/Yunvz5s0XWeJxL2f/Kr3cNftmRdtos0PFLEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIb4MwAA///GJdfC")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@mangle={'mangle\x00', 0x64, 0x6, 0x548, 0x0, 0x0, 0x2a8, 0x2a8, 0x1b8, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x5, 0x703}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x7, 0x6, @ipv4=@local, 0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000280)=""/5, 0x0, 0x0, 0x10004, 0x3}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00', <r3=>0x0})
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue0\x00', 0x1})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x1, 0x1, 0x0, 0x0, 0xa}})
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r6, 0x1, 0x28, &(0x7f0000000180)=0x738, 0x4)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

3.933066399s ago: executing program 3 (id=1395):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000020c0)=@newtaction={0x88c, 0x30, 0xffff, 0x4, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x8, 0x0, 0xfffffffd, 0x0, 0x4, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x5, 0x0, 0x0, 0x22, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x27ffdbfc, 0x0, 0x1000000, 0x0, 0x0, 0xf127, 0x0, 0xfffffffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x400, 0x0, 0x0, 0xeeb, 0x7, 0xffff742d, 0x0, 0x0, 0xfffffffc, 0x400, 0x8, 0x0, 0x0, 0x0, 0x81b, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x1, 0x0, 0x2007, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0xffffffff, 0x0, 0x40, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xa, 0x1, 0xfffffffe, 0xfffffffd, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1, 0xfffffffa, 0x0, 0x2, 0x0, 0x100, 0xfffffffc, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x55, 0xfff, 0x1000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xffffff9c, 0x0, 0x0, 0xfffffffd, 0x1, 0x9e, 0x0, 0x2, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100000]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x7, 0xfffeffff, 0x100, 0x8, {0x4, 0x0, 0x400, 0x3200, 0x7fff, 0x7}, {0x7, 0x2, 0x5, 0x8, 0xd3, 0x766}, 0xfeea, 0x4, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x3, 0xc, 0x7ff, 0x9, 0x3, 0x2, 0x6, 0x3, 0x2, 0x1, 0x101, 0x0, 0x4, 0x80, 0x5, 0x7, 0x5, 0x9d, 0xfffffffe, 0x2, 0x8c, 0x80000001, 0x6, 0x7f, 0x2, 0x0, 0x5, 0x76, 0x3, 0x2, 0x7, 0x820, 0x0, 0x10000, 0xf0, 0x8, 0xb8, 0x151, 0xfff, 0xf, 0x9, 0x401, 0xfffffff8, 0x5, 0x8, 0xfffffffa, 0x4, 0x7, 0x8000, 0xf9, 0xfff, 0x7fff, 0x1, 0x0, 0xff, 0x5c0078f0, 0x7f, 0x0, 0x2, 0xfffffffa, 0x8, 0x7, 0x7, 0x7, 0x6, 0x80000000, 0x5, 0x4, 0x3, 0x6, 0x9, 0x10000, 0x5, 0x6, 0xfff, 0x2, 0x1, 0x8, 0x3, 0x74, 0x4, 0xfee, 0x401, 0x5, 0x5, 0xfff, 0x8f4, 0x3, 0x8000, 0x2, 0x6, 0x1, 0x1ff, 0x1009, 0x1, 0x6, 0x9, 0xc, 0x0, 0x80, 0xe, 0xd, 0x6, 0x8, 0xfffffffe, 0xef, 0x2, 0x3, 0x1f, 0x7, 0x9, 0x1ec0, 0x2, 0xfffff001, 0x2, 0x0, 0x10001, 0xd5b, 0x5, 0x0, 0x1, 0x7, 0x3, 0x7, 0x8, 0x0, 0x4, 0x8, 0x101, 0x200, 0x0, 0x80000000, 0x5, 0x2, 0x2, 0x7fff, 0x7, 0x6, 0x3ff, 0x0, 0xffff935a, 0x8, 0xf64, 0x8, 0x4, 0x80000001, 0x3, 0xfe000000, 0x3, 0x2, 0x8, 0x6, 0x400000, 0x3, 0x8, 0xa, 0x5, 0x2, 0x400, 0x7, 0x1ff, 0x1, 0x742, 0x2, 0x4, 0x0, 0x1, 0x6, 0x53a, 0x5, 0x8, 0x6, 0x8, 0x3, 0x9, 0x6, 0xf, 0xa, 0x3, 0xfffff000, 0x7, 0x71e6, 0xa, 0x5, 0x7, 0x2, 0x1000, 0xe, 0x4, 0x0, 0x6, 0x1, 0x0, 0x9, 0x5, 0x10000, 0x3, 0x2, 0x7ff, 0x4, 0x5, 0x4, 0x4, 0x0, 0x404, 0x80, 0x5a78, 0xf96, 0x7, 0x6, 0x80, 0xc, 0xfffffff9, 0x7, 0x4, 0x5, 0x4, 0x9, 0x2, 0xffff4fba, 0x5, 0x3, 0x800, 0x93, 0x3, 0x3000000, 0x8, 0x80000001, 0x6, 0x6, 0xde4a, 0x9, 0xd, 0x10001, 0x4c, 0x8, 0xf0, 0x0, 0x5, 0x9, 0x6, 0x2, 0x8, 0x3, 0x2, 0x5, 0x9, 0x2, 0x4, 0x9, 0x7, 0x5, 0x10001, 0x8, 0x9]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

3.88803411s ago: executing program 3 (id=1396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x80000)

3.85424142s ago: executing program 3 (id=1397):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r1 = open(&(0x7f0000000140)='./file2\x00', 0x147842, 0x184)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

3.727446433s ago: executing program 3 (id=1400):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="391025f6ee021d088121b53912ed6b4b5a4e1aaa8c6aec652068bc02505ee52f1471f35ac73d8643b3c8190bdc93bf45fe7c6cb435f20a1bee7ed69bd4e5370ce6d1926ef9bf8873a73b5e9acf78efe0ceaeceaa26f95ee280b1e0631f16921b83872aec268e942448dd798f3d44fc3bcb678f7d32edd10b47d8597655cced96325ca5c7919bb8", @ANYRES16=r3, @ANYBLOB="0100000000000000000042000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f70730000000005008e0000000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f7073000000000500830021000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000080001007063690011000200303030303a30303a31302e30000000000d0087006c325f64726f7073000000000500830001000000"], 0x154}}, 0x84)
write$cgroup_pid(r2, &(0x7f0000000140), 0x12)
openat$cgroup(r1, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r5 = epoll_create1(0x0)
r6 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000400)={0xa})
syz_usb_connect(0x4, 0x24, 0x0, 0x0)
epoll_pwait(r5, &(0x7f0000000040)=[{}, {}, {}, {}], 0x4, 0xfffffff9, &(0x7f00000001c0)={[0x3]}, 0x8)
epoll_pwait(r5, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a80, 0x0)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000340)=0xff)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.574748885s ago: executing program 4 (id=1424):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b700000000200000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r3, 0x1, 0x70bd2a, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}]}, 0x2c}}, 0x0)

1.527235656s ago: executing program 4 (id=1427):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)=@v1={0x1000000, [{0x1, 0x2e360e0c}]}, 0xc, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c094}, 0x4040084)
r2 = socket(0x1e, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000003c0)=0x1, 0x4)
connect$inet(r3, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r2, &(0x7f0000004400), 0x400000000000203, 0x0)
syz_open_dev$loop(&(0x7f0000000000), 0x2, 0x200)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
timer_create(0x4, 0x0, &(0x7f00000015c0))
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r6, 0x4004743a, &(0x7f0000000300))
pwritev(r5, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00!', 0x2}], 0x1, 0x20000002, 0x100000)
socket$nl_route(0x10, 0x3, 0x0)

1.507400967s ago: executing program 5 (id=1428):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
unshare(0x6a040000)
openat$tun(0xffffffffffffff9c, 0x0, 0x101402, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
unshare(0x20060400)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x5, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18804, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e"], 0x25c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r6}, 0x10)
perf_event_open(0x0, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r7}, 0x18)
r8 = gettid()
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

1.427230588s ago: executing program 0 (id=1429):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000fc0)=[{0x0}], 0x1}, 0x0, 0x40000000, 0x1})
io_uring_setup(0x4f04, &(0x7f00000002c0)={0x0, 0x48c7, 0x400, 0x0, 0xffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xe, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0xffffffffffffffff}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='rpcgss_svc_seqno_bad\x00', r4, 0x0, 0x8000000000000001}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGETMODE(r5, 0x4b3b, &(0x7f0000000380))
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_PID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
r8 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, 0x0, 0x40040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000b80)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x14, 0x300, 0x0, 0x0, 0x6c, 0x0, @private}, {{}, {}, {}, {}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}}}}}}}, 0x0)

1.407156948s ago: executing program 4 (id=1430):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r1 = socket(0x10, 0x3, 0x9)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x7fffffffffffffff)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x248, 0xb8, 0x60, 0xd0e0000, 0x0, 0x100, 0x1b0, 0x1d8, 0x1d8, 0x1b0, 0x1d8, 0x7fffffe, 0x0, {[{{@uncond, 0xee02, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x5}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x9400, 0x98, 0xf8, 0x94, {}, [@common=@ttl={{0x28}, {0x0, 0xfc}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}, 0xfe00, 0xd, [0x17, 0x37, 0x30, 0x3f, 0x1f, 0xe, 0x2d, 0x2e, 0xe, 0x1e, 0x2f, 0x34, 0x3, 0x27, 0x2, 0x2f], 0x0, 0x1, 0x800}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xfdfd)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="a1a300000000000000003200004008001701"], 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'bond0\x00', {0x2, 0x4e23, @remote}})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x4a0200)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r6, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f00000002c0)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x4, 0x1}}, 0x10, &(0x7f0000000c40)=[{&(0x7f0000000380)="09f87cab7dc4411acb14283ae2e729741ba07e8c8bbe3bd70894fb57e1c542ceca5fd4527d9acc8339b7da178f06133e75416dec891b7e6faefd53341727fdf15e04638883f8a826fc06f15d041f62ad14dff839366a345a7d965475e9d303e8db6d469b29d585870f682aeb", 0x6c}, {&(0x7f00000007c0)="d753eff7b4f27e02702e4a820c58ee2d47e92a115026e1e7f3c2f9c868491c0a193722424799880e208a6f4c7a9dac663939094c57783b3a90c9d5c4db5a8e2a4f516d4912d3a60ef77324be06dcd04cfc0609e03724cbac73478a5ea97dec2a971a103170b0c8fb538af7a2abd1aadec8c92efd2d2b8f8b49fd5be96cc035a58f856d7cf91764c63a5eab7b62b81a6a38c2723384adf722c5f8d6e1397477798e102920a9b42a3efc7f7e6b4e991ee3be15536ab7c78b45387936", 0xbb}, {&(0x7f0000000880)="9af1d50017c77eda0d5e366fe2bef856db67c6dd94e415f4f8d33534958b21da793c8dc914162bc32cc6b65964097eaa2dccec503c691f871df661e0a7ff5ef576e45c16a673d81c0a8ae118258417645afe67a4f126970cd25e82b531e6c8d37de5a720aec4ea31a85ab3620b0f12b25202ce8bafe26698b956ff88a7737efe192512fe8e6d824264b348fe5e5469312ae6aeee825af3179dd2dd91688f9a4933e2d1484c9a02dd1795b6aa21bc8067f2cc3f17c122c380fe695a2521bf0ca0b7fae27e700c4cda1d82ee608d85dbecb2ec2547519b9e146c3c52ec91e4bb403b879b33d98676c279bb14a49304ffc876b202a1a159eb1ca412370e84464c", 0xff}, {&(0x7f0000000300)="114f5d187936cb21194166bb3a1a0318", 0x10}, {&(0x7f0000000980)='6\t>o', 0x4}, {&(0x7f00000009c0)="a0482ce201f8449e03caed3ca4668864e471117b76e5458645bf93ef054792ca819feb66d3a2e88ccfc9f5dec2f4fef6dcfee0233844aebcebf9f173e98ec498f33c131d789874", 0x47}, {0xfffffffffffffffd}, {&(0x7f0000000d40)="8b420d7f08d06f43ab833747e2dacf56ba5468143114ff17ae84e918d0cc13d496dc1c5d510202017f452a9657c8ebc2b028495860ec02399de5374d71190e01271474e788767accfb599cc1e4c50a57af7389069c720b04615908bc4b8f1ff3c9729c5cb907f134eccbc78587070000002568df6916023ed391636e442263af77ab97c08c8d388ea51311ab426fed029f033c81ebf30ecc13d3120ab417f79c2eb12f17f7f15fda3f4d8b4408c11407bf2e5ce5daef847511bbaa5896e2467e433ccee86d953c474bf29f740ff26344e65d3bf7a697c9920b19d066104b5683e3cf1b5ae1155370bd5ca13d3dd4f053920194916849fd8ca943f088669eee82cd94e8c9dd7ad47a65780f0e251472d75a141ca5b65c71e47e17559f00ba3c5baa5baf38e6e5e68e201e0c82332ac524d079765f4a18e51b04a1e491302fa641f724485e274bd3fcb90a742ecf61de1bcc970dcb18d4b0c91fb20826a83995d4b75058b7ef1c9d5c906e89762585b799439d78e09935ecd6f73af6951a18270a8deecd576e3b59da7701fbb4cd2fd50bad6220167fbc937e96f2e22128103a905b4b77d7c025bfa912d1227a10d7759a13d970d6319a786c53f3ba341f5ad0417a070ad0755d8d81a6e789bbdfa214122fe430d96b070a7aa9d34622116d95c17a6e7ad42ef59a2fa098797f71bfb268a76cc35294327a40474cfaafed42eb29a1efc91acda480af024c5fc4e26f6d6a78faa59aba52e18a6d8b12cd02814d927b94b982789d2185a7ae8da72f98f93d4877f274575dac9f6e758026f6d784f7760d088acead7cd0396251f693de17b552a90c06c00d92579d7df2bac0c96d79fc91888c523391877cd9e54315a3254ed9b2b527523b5ac730de4a36e6d5533b7509b61a1e466b392c3a929591e8bbc0571770d73e386885b0d0ab7781f5c156f1b0e818f71dbb5dd8bd828e29ace2c1", 0x2b0}, {&(0x7f0000000b00)="d27c6fbf929ee9d7fd4e6d05a95162c20200464c39bbb6d18878e45f6a5f5e451de689f504f56fa6ee74bd", 0x2b}, {&(0x7f0000000b40)="1036d0380a4991b83bf787908024fb6d341877fe7b150d45c6836ad4fed21ffea656eb92ef853f76098d28d3a886c176a20a293f772b5e3857c1affb73a99029bbc3d21242fe01505417a47035c72ef47b953b12d3365f18a7f31d46a1e2a904e73440aeb35e53a62bc47c431fd09bc3320edc48646d1e9b7bc043ce693e786d62bf853b589f4097b343bfa175a28ea89a3cf19a76df19f0c2594d0ae93a5dacaa198e990950c4f0c0ed857b0c17fff5180645e0f36f5e80da4016eec2d72698235c83a473b8", 0xc6}], 0xa, 0x0, 0x0, 0x10}, 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000200)='./bus\x00', &(0x7f0000000240)=@isofs={0x14, 0x1, {0x3ff, 0xa, 0x6, 0x1ff, 0x401, 0x2}}, &(0x7f0000000380), 0x1200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0xf62c, 0x800, 0x3, 0x37d}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x1481a1, 0x0)
syz_io_uring_submit(r9, r10, 0x0)
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x800c)
lsetxattr$security_selinux(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000940), &(0x7f0000001140)='system_u:object_r:pam_exec_t:s0\x00', 0x20, 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1590, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2000000005, 0xa5d4}, 0x5df8, 0x5, 0x0, 0x1, 0x7, 0x20002, 0xb, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.196197151s ago: executing program 2 (id=1433):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setitimer(0x0, &(0x7f0000000580)={{0x0, 0xea60}, {0x77359400}}, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r1)
r2 = inotify_init1(0x0)
fcntl$setstatus(r1, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(r1, 0x8, r3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x14, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000080), &(0x7f0000000180)='%ps    \x00'}, 0x20)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)
fcntl$setsig(r2, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r2, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000540)=ANY=[@ANYBLOB="4800000010000305fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006d61637365630000100002800c0004000300000100c2800008000500", @ANYRES32=r9], 0x48}, 0x1, 0x0, 0x0, 0x8090}, 0x0)

1.165091792s ago: executing program 5 (id=1434):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000020c0)=@newtaction={0x88c, 0x30, 0xffff, 0x4, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x8, 0x0, 0xfffffffd, 0x0, 0x4, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x5, 0x0, 0x0, 0x22, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x27ffdbfc, 0x0, 0x1000000, 0x0, 0x0, 0xf127, 0x0, 0xfffffffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x400, 0x0, 0x0, 0xeeb, 0x7, 0xffff742d, 0x0, 0x0, 0xfffffffc, 0x400, 0x8, 0x0, 0x0, 0x0, 0x81b, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x1, 0x0, 0x2007, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0xffffffff, 0x0, 0x40, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xa, 0x1, 0xfffffffe, 0xfffffffd, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1, 0xfffffffa, 0x0, 0x2, 0x0, 0x100, 0xfffffffc, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x55, 0xfff, 0x1000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xffffff9c, 0x0, 0x0, 0xfffffffd, 0x1, 0x9e, 0x0, 0x2, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100000]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x7, 0xfffeffff, 0x100, 0x8, {0x4, 0x0, 0x400, 0x3200, 0x7fff, 0x7}, {0x7, 0x2, 0x5, 0x8, 0xd3, 0x766}, 0xfeea, 0x4, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x3, 0xc, 0x7ff, 0x9, 0x3, 0x2, 0x6, 0x3, 0x2, 0x1, 0x101, 0x0, 0x4, 0x80, 0x5, 0x7, 0x5, 0x9d, 0xfffffffe, 0x2, 0x8c, 0x80000001, 0x6, 0x7f, 0x2, 0x0, 0x5, 0x76, 0x3, 0x2, 0x7, 0x820, 0x0, 0x10000, 0xf0, 0x8, 0xb8, 0x151, 0xfff, 0xf, 0x9, 0x401, 0xfffffff8, 0x5, 0x8, 0xfffffffa, 0x4, 0x7, 0x8000, 0xf9, 0xfff, 0x7fff, 0x1, 0x0, 0xff, 0x5c0078f0, 0x7f, 0x0, 0x2, 0xfffffffa, 0x8, 0x7, 0x7, 0x7, 0x6, 0x80000000, 0x5, 0x4, 0x3, 0x6, 0x9, 0x10000, 0x5, 0x6, 0xfff, 0x2, 0x1, 0x8, 0x3, 0x74, 0x4, 0xfee, 0x401, 0x5, 0x5, 0xfff, 0x8f4, 0x3, 0x8000, 0x2, 0x6, 0x1, 0x1ff, 0x1009, 0x1, 0x6, 0x9, 0xc, 0x0, 0x80, 0xe, 0xd, 0x6, 0x8, 0xfffffffe, 0xef, 0x2, 0x3, 0x1f, 0x7, 0x9, 0x1ec0, 0x2, 0xfffff001, 0x2, 0x0, 0x10001, 0xd5b, 0x5, 0x0, 0x1, 0x7, 0x3, 0x7, 0x8, 0x0, 0x4, 0x8, 0x101, 0x200, 0x0, 0x80000000, 0x5, 0x2, 0x2, 0x7fff, 0x7, 0x6, 0x3ff, 0x0, 0xffff935a, 0x8, 0xf64, 0x8, 0x4, 0x80000001, 0x3, 0xfe000000, 0x3, 0x2, 0x8, 0x6, 0x400000, 0x3, 0x8, 0xa, 0x5, 0x2, 0x400, 0x7, 0x1ff, 0x1, 0x742, 0x2, 0x4, 0x0, 0x1, 0x6, 0x53a, 0x5, 0x8, 0x6, 0x8, 0x3, 0x9, 0x6, 0xf, 0xa, 0x3, 0xfffff000, 0x7, 0x71e6, 0xa, 0x5, 0x7, 0x2, 0x1000, 0xe, 0x4, 0x0, 0x6, 0x1, 0x0, 0x9, 0x5, 0x10000, 0x3, 0x2, 0x7ff, 0x4, 0x5, 0x4, 0x4, 0x0, 0x404, 0x80, 0x5a78, 0xf96, 0x7, 0x6, 0x80, 0xc, 0xfffffff9, 0x7, 0x4, 0x5, 0x4, 0x9, 0x2, 0xffff4fba, 0x5, 0x3, 0x800, 0x93, 0x3, 0x3000000, 0x8, 0x80000001, 0x6, 0x6, 0xde4a, 0x9, 0xd, 0x10001, 0x4c, 0x8, 0xf0, 0x0, 0x5, 0x9, 0x6, 0x2, 0x8, 0x3, 0x2, 0x5, 0x9, 0x2, 0x4, 0x9, 0x7, 0x5, 0x10001, 0x8, 0x9]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

973.089355ms ago: executing program 0 (id=1435):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r0, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

956.986215ms ago: executing program 5 (id=1436):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x1000}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000800000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000200000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000003850000000300000095"], &(0x7f00000008c0)='syzkaller\x00', 0x2, 0xff8, &(0x7f0000001e00)=""/4088}, 0x94)
unshare(0x62040200)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x6}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
msync(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000001c0018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
unshare(0x2040600)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
fgetxattr(r7, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)

943.241595ms ago: executing program 2 (id=1437):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe8011e0000000000300014002000c0901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x4, 0x7ffc1ffb}]})
r1 = gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
tkill(r1, 0x7)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x28031, 0xffffffffffffffff, 0x6a855000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000000)=[{0x7, 0x0, 0x83}, {0x9, 0x0, 0xb187}], 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x42, 0x5c})
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000300)={{0x8, 0x7f}, 0x100, './file0\x00'})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
unshare(0x20000400)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="2c000000000b0101000000000000000003000008050001210000000008000240000000000800034000000001"], 0x2c}, 0x1, 0x0, 0x0, 0x60004000}, 0x40010)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
rmdir(0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, &(0x7f0000000040), 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080005000000e8fe55a1180015000600142603600e1209000d0000000401a80016000a00144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a9295", 0xd2}, {&(0x7f0000000500)="905783db451f", 0x6}], 0x2}, 0x2008854)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000980)=ANY=[@ANYRESOCT=r4, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000004000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000007c0)={'syztnl0\x00', <r7=>0x0, 0x0, 0x3, 0x3, 0x4, 0xc1, @private2, @remote, 0x10, 0x40, 0x5, 0x6}})
sendmsg$inet(r5, &(0x7f0000000700)={&(0x7f0000000440)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000480)="ccce625b0480d68735edce4c3194b7295bbb221451c06955361319821f3895ca6237c3003a25d684149c396c", 0x2c}, {&(0x7f00000005c0)="92c2f2fd55f955b02668ce82a4a54178c08570bf2efc360bf26e738e24c42f58dc926a22ab0c025f6514c6353427b04a5c7634cc30d613c561003db6fdc273d835124e40af49c77314033eb8b79e39c9c6037367e17df6cf29b3a4790a824303ef7211bb7c6d846e785387501f889227e7f397abfa76b3e356825ce4569b5dbce5", 0x81}, {&(0x7f0000000880)="773a1abbd112fad5b8e5577887b4241833cb7fd57eb418aca65ca837bd0818d866fa5aa5b3306b57ae47ae743fc29f5f27107f920e4ace035f1123a4d2bdf250e74dce17860ff0de154587b2fc189b57871c2c207696ca7810014c70c555d673d9758cae87e4aa8580eff5cba34e379756053729e6768592eb5f5dad4275c664a93a8627a2e17a826edc035dd51604e11b483a77beff9d21976791cc055ae10fe64029996070810ce513219dd489c7a3116c3f2e767e23feb38809f21590281251892486d9f973b9fed973d4c7a28b782b03a22901fd3e36334b833adaca7d30", 0xe0}, {&(0x7f0000000680)="ca3430a4d076b8665b6fb1174c89124f7c9ceca577a17b0cdf892f76b3afdbca69c4a58a74edc7c72431d35189ff1e3e64544d6906d93a25e3df6dba5c8354a2f0125c8e5e36df5a251fa0f0b4fd354f61", 0x51}], 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="1100000000000000000000000100000081000000000000001c000000000000000000000008000000", @ANYRES32=r7, @ANYBLOB="e0000001ac1e00010000000010005636f47cd341ef54abdcf5d1d695284c7660a99a7632df83a35a0697ba9fe07281b4c992d080e3db74c344bf4a8aab2d3c444339a7bec994a61143eedad4c3588b72b4916322da9f51c56855befba689c2a02c6a015b8836609ffd37801401d3c6925268920621a41204ebe653d49bda7a23cba4b7d598e079e24a98305c6c2182a3c7b4406f94cfd0af3b0a13d3c0240909ce6412049ede14be2ae536b74eedc3cbe1fe26214a256b9e67f517e295c28392d12424e1e065127c2acf74"], 0x48}, 0x48000)
socket(0x10, 0x3, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7000000002060500000000000000000000000000120003006269746d61703a69700000616300000005000400000000000900020073797a3000000000240007800400028008000640000000020c0001800800014000000000080008400000001005000500020000000500010006"], 0x70}}, 0x0)

878.706106ms ago: executing program 0 (id=1438):
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x1, 0x4f8, &(0x7f0000001900)="$eJzs3E1oXNUeAPD/nXz26zXvvb6+176+Z2oVg8WkTavNQpCKggsFsYK6DElaatNGmhRsqTIFqUspuBeXbl24VTdFXAlu61KQQpFu2griyJ25dzIzmUmaSTJjmt8Pbuace2fuOeeee+6ce07mBrBlDad/kkr4VkTsjohC4xuGKy/3716denD36lQUS6VTvyblj91L45lsN7Eji4wUIgofJYsbasxfvnJucnZ25mIWH1s4/97Y/OUrz5wdzNZMTCS9bRaqSXppue7t/3DuwL5X3rnx2lR1z3lqteVYL8Mx3CwrZU+ud2Jdtqsm3Ha90XHp+Z9WV1+5/e+Onliu8oodzBmw0UqlUmmg9eZiqdG1JWuATSsGu50DoDvyL/r0/jdfmnUE+jem+9F1d05WboDSct/PlojHyivzcZC+hvvb9TQcEW8Xf/ssXWKDxiEAAGp9czLvCTb0/4YqMyO/X7r5Qvr6t2wOZSgi/h4R/4iIf0bEnoj4V0TsjYh/R8R/GvbfExGlZdIfbohX069OQhVur1NRm0r7f89nc1vpsjj3VQ0N9WSxXRF5h3nmSHZMRqJv4PTZ2Zmjy6Tx7Us/ftJqW23/L13SPOR9wSwft3sbBuimJxcm2yvtUneuRezvXSx/pf+b9EYk1ZmAJCL2RcT+Vex3qCZ89ukvDlQjffXvW7n8ZaWm82jrMM9U+jziqUr9F6Na/qibREzq5ifPT56ZOTNzYXxi4vixoyeeG392bDBmZ46MpWfBkaZpfP/D9ddbpb9i+b/6ufEjL5/4+lTWstYurf/tNed/5PO3i+UfSiKS6nzt/OrTuP7Txy3vado9//uTN8vh/L70/cmFhYtHI/qTV5euH1/8bB5PX6NYKf/Iocbzv5xu+RqXH4n/RkR6Ev8vIv4flTvENO8HI+LxiDi0TPm/e/GJd9sv/8ZKyz8d9eWv1Hxd/S/O17cKJNncYN2m/kgDPecO3nrQ4uLxcPV/vBwaydY0v/4ldZeIVjnNv+3SNX+s+egBAADA5lCIiJ01Y0k7o1AYHa2MAe2J7YXZufmFw6fnLl2YTrdFDEVfIR/pqowH9yX5+OdQTXy8IX4sGzf+tGdbOT46NTc73dWSAzvKbT4pjEa81VPT/lO/rM8QM/BX5vdasHUt1/7TTvzeGx3MDNBRD//9f/ODDc0I0HE17b/VL/yLbfzfF7AJPPT3f9LyeTbAI2PlB/0YM4TNr6Qtw5a2qvZ/2EMA4VHSG29Uw4Wu5gToNP1/2JJW/F3/mgKlgeabBmPpm2Nw+R32RHvZ2NYkra4E0p5VV1Lf1s6n8omelu+Jwup2OBD1a/rbrNPTazwaxYvzZ/Yunvz5s0XWeJxL2f/Kr3cNftmRdtos0PFLEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIb4MwAA///GJdfC")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@mangle={'mangle\x00', 0x64, 0x6, 0x548, 0x0, 0x0, 0x2a8, 0x2a8, 0x1b8, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x5, 0x703}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x7, 0x6, @ipv4=@local, 0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00', <r3=>0x0})
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101000)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue0\x00', 0x1})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x1, 0x1, 0x0, 0x0, 0xa}})
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r6, 0x1, 0x28, &(0x7f0000000180)=0x738, 0x4)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

684.643629ms ago: executing program 5 (id=1439):
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(0x0, 0x0, 0x40000000000010, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000540)=ANY=[@ANYBLOB="0000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000000000000000400000000000000b20a00000000000001000080000000003063000000000000000000000000000000000000000000000000000000000000165100000a0000000300000000000000ffffff7f0000000004000000000000005cb400"/540])
r1 = socket$netlink(0x10, 0x3, 0xf)
r2 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000080)=0x100, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NFT_BATCH(r1, &(0x7f00000074c0)={0x0, 0x0, &(0x7f0000007480)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000080a010300000000000000000200000a14000000000a010200000000000000000a000017"], 0x50}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

651.70392ms ago: executing program 3 (id=1440):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r0, 0x2000009)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)}], 0x1, 0xe7b, 0x0, 0x1)
statfs(&(0x7f0000000200)='.\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)

619.29632ms ago: executing program 5 (id=1441):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x10024, 0x10000, 0x1, 0x1, 0xa, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)

512.524342ms ago: executing program 4 (id=1442):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000540)}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000076000d0b00000000000000000300000000000000080001"], 0x20}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = inotify_init1(0x0)
r4 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
openat(r5, &(0x7f0000000340)='.\x00', 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x12, &(0x7f0000000640)=0x18007, 0x4)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000240)={0x1, [<r7=>0x0]}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000300)={0x100, 0x8008, 0x1, 0x1, r7}, &(0x7f0000000400)=0x10)
inotify_add_watch(r3, &(0x7f00000000c0)='.\x00', 0xa4000061)
read(r3, &(0x7f0000000140)=""/68, 0x44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x18)
link(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xd3}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x2002c0c4}, 0x0)
r10 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r10)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r12}, 0x18)
ustat(0x11, &(0x7f0000000600))

474.731872ms ago: executing program 5 (id=1443):
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}, 0xc104}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
unshare(0x6a040000)
openat$tun(0xffffffffffffff9c, 0x0, 0x101402, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
unshare(0x20060400)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xf, 0x5, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18804, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x1, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a3100000000e8010000030a01020000000000000000010000000900030073797a3200000000280004800800024000000000080001400000000514000300626174616476300000000000000000000900010073797a31000000000900010073797a3100000000340008800c00024000000000000080010c00024000000000000000040c00014000000000000000000c00014000000000000000014c000480080002404c82f47c080001400000000008000140000000010800014000000003080002404f32945f080001400000000308000140000000020800024019885f270800014000000003fd000c00a03ac330bf11a2145946e6d945deece8485ee69dbc29a8dd5dbce127f829a3adf5c4171b4bedbbc9b913a67b9ee679020f0200000064419faae0136b893d91d95b1174f115798a1abfdc06983fb83f2116a85a00dd35cdf9d8f81683e5e2ebcca132a712e0be44c12c02ac92fbbb86ed717ce0cbd6a0134f899e23ca6d2f063d26be86555cc0e9c7a25d77e6c0f4217794be96b5d797e3116d874c3adfb096e0567ec28bd1e4d8d6713109695f1f3a877d89d20e19304501aeb851d14c4f9b2d769d554fe5308810d19bb040c1977bce50b894f2c45a1f0e80c8256b6dcb072f9d91d94a67bba9f62eb2f192fa4b3786d9a774b99aa332dfbb000000080007006e61"], 0x25c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r6}, 0x10)
perf_event_open(0x0, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='mmap_lock_acquire_returned\x00', r7}, 0x18)
r8 = gettid()
process_vm_writev(r8, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)

466.255442ms ago: executing program 0 (id=1444):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x100, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000004c0)={r1, &(0x7f0000000340), 0x0}, 0x20)

384.352374ms ago: executing program 4 (id=1445):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x10024, 0x10000, 0x1, 0x1, 0xa, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
msgsnd(0x0, &(0x7f0000000e80)=ANY=[@ANYRESHEX, @ANYRES16, @ANYBLOB="b0c65a4e1f121c0a09855acafc432a35efcb108c3c02439c52102e510f60f1520785144c9ac2393574006bccc969e0dd6d5008eb2b841c745151dc19607c68146e", @ANYRESHEX, @ANYRESDEC, @ANYBLOB="707d9da7d9189a51a368290f6f6ca5a38c4f6d1ad0ceff557728f27366e119d07641b4eb9b88e53cb996bce5a5a16f2b93347f29a5ec878ab1df0cd41216f1f3e326517cad43a36181ac5d105bf70ec2a5908abf162a17ad54b9bd644281cb011c47d80c54798dbae043d7aed9d289209ca833f03a6ce436489da71dde227ec64ddc2e940cf9a9a482e2856f392638ebd42046d41c385f6867753dd322e4292bafd2f16378a5f4cabfb95d55", @ANYRESOCT=0x0, @ANYRESHEX], 0x2000, 0x0)

312.034945ms ago: executing program 4 (id=1446):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='hybla\x00', 0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mmap(&(0x7f0000698000/0x1000)=nil, 0x1000, 0x2000002, 0x10, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000b80)=ANY=[], 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet(r0, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="4fa3176756113b69df8bea4cbc913f2c215bc12e941d0a01", 0x18}, {&(0x7f0000000180)="55c0cc0ba6f3b908ecb5c6e93e4dc70ed9c875dd444569fab05e32a08e71d1c480fa1ada9e6f952dea418e2eb2dd8dcdd18f82c2be42e92405d2eccae94e713594f13ebfe37be3cb7ce0eb237d63f25744e42baf027055a65359c121788ba610f7df23b902755c5771d93efedd8252aca1dda5efe1493ec0a5a9e965666d1afe33b384953a9102b3f1e446aea391ccff253fccc951d4091f1d6b69faee7e7d4b669c48b70ef01c3879af3f35e0682a4925ddf3dd14992612d22032093742f07fd8d9723bed7707077473de16c3f5820b5dc6f1c37dbaaba20cb5", 0xda}, {&(0x7f0000000300)="47788f64ba10044b682c594fa485c04663ed58f30031ae1cff3613c3178c76ab0613419d80cf2ebb2efedf9237b34b3e925f7695a250556a4ff5e460bfdf593f20253f90740976f323c00df882e4285d5fa368cf147e38ee08ae4aa4fdfe618be117a5e45e516c6259b68e1b9cf170cc831498d2db68532fe3acf3cdef8e18488541cacfa624eecc49d9a853f4a7cc8c3d7d0ac7c271bcfc989591b98b6b1c93d818cf4c0ff77fd8bb4f83102c41ebee199b6877f2477b8c", 0xb8}, {&(0x7f0000000400)="5c9272a54353b9022ec534", 0xb}], 0x4}}, {{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f00000006c0)="900d3798e4653207eae6da23bf6c69f8e965679b910b52e0a4de8e3c4ef97ab320820bd9275a6e2a4609c4feb730084e64cc106664be66878f403244c97c0411b65371955f45c915599f9f722d1962a221a86918d50891c838bfdf21f7a255f2e2cf5839d1c3aa3dbfcd94ca44e18c7863d497ff4f85628494915bc016f7c5d62747bb5368ef052201a0ee3cc9dca7156e893cf07b494f98a177460a7ec073fd8af879ae71c8cac715a241052bae3a3f09f4f4dda617e5ca05290be71acaabf4544ca83830272440b95c66d0aa091c738b41f76df43c9498d47f3d35a56205f4c1050cab", 0xe4}], 0x1}}], 0x2, 0xc0)

147.959897ms ago: executing program 0 (id=1447):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000020c0)=@newtaction={0x88c, 0x30, 0xffff, 0x4, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x8, 0x0, 0xfffffffd, 0x0, 0x4, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x5, 0x0, 0x0, 0x22, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x27ffdbfc, 0x0, 0x1000000, 0x0, 0x0, 0xf127, 0x0, 0xfffffffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x400, 0x0, 0x0, 0xeeb, 0x7, 0xffff742d, 0x0, 0x0, 0xfffffffc, 0x400, 0x8, 0x0, 0x0, 0x0, 0x81b, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x1, 0x0, 0x2007, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0xffffffff, 0x0, 0x40, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8001, 0x0, 0x0, 0x0, 0xa, 0x1, 0xfffffffe, 0xfffffffd, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf1, 0xfffffffa, 0x0, 0x2, 0x0, 0x100, 0xfffffffc, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x55, 0xfff, 0x1000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xffffff9c, 0x0, 0x0, 0xfffffffd, 0x1, 0x9e, 0x0, 0x2, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x100000]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x7, 0xfffeffff, 0x100, 0x8, {0x4, 0x0, 0x400, 0x3200, 0x7fff, 0x7}, {0x7, 0x2, 0x5, 0x8, 0xd3, 0x766}, 0xfeea, 0x4, 0x2}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x3, 0xc, 0x7ff, 0x9, 0x3, 0x2, 0x6, 0x3, 0x2, 0x1, 0x101, 0x0, 0x4, 0x80, 0x5, 0x7, 0x5, 0x9d, 0xfffffffe, 0x2, 0x8c, 0x80000001, 0x6, 0x7f, 0x2, 0x0, 0x5, 0x76, 0x3, 0x2, 0x7, 0x820, 0x0, 0x10000, 0xf0, 0x8, 0xb8, 0x151, 0xfff, 0xf, 0x9, 0x401, 0xfffffff8, 0x5, 0x8, 0xfffffffa, 0x4, 0x7, 0x8000, 0xf9, 0xfff, 0x7fff, 0x1, 0x0, 0xff, 0x5c0078f0, 0x7f, 0x0, 0x2, 0xfffffffa, 0x8, 0x7, 0x7, 0x7, 0x6, 0x80000000, 0x5, 0x4, 0x3, 0x6, 0x9, 0x10000, 0x5, 0x6, 0xfff, 0x2, 0x1, 0x8, 0x3, 0x74, 0x4, 0xfee, 0x401, 0x5, 0x5, 0xfff, 0x8f4, 0x3, 0x8000, 0x2, 0x6, 0x1, 0x1ff, 0x1009, 0x1, 0x6, 0x9, 0xc, 0x0, 0x80, 0xe, 0xd, 0x6, 0x8, 0xfffffffe, 0xef, 0x2, 0x3, 0x1f, 0x7, 0x9, 0x1ec0, 0x2, 0xfffff001, 0x2, 0x0, 0x10001, 0xd5b, 0x5, 0x0, 0x1, 0x7, 0x3, 0x7, 0x8, 0x0, 0x4, 0x8, 0x101, 0x200, 0x0, 0x80000000, 0x5, 0x2, 0x2, 0x7fff, 0x7, 0x6, 0x3ff, 0x0, 0xffff935a, 0x8, 0xf64, 0x8, 0x4, 0x80000001, 0x3, 0xfe000000, 0x3, 0x2, 0x8, 0x6, 0x400000, 0x3, 0x8, 0xa, 0x5, 0x2, 0x400, 0x7, 0x1ff, 0x1, 0x742, 0x2, 0x4, 0x0, 0x1, 0x6, 0x53a, 0x5, 0x8, 0x6, 0x8, 0x3, 0x9, 0x6, 0xf, 0xa, 0x3, 0xfffff000, 0x7, 0x71e6, 0xa, 0x5, 0x7, 0x2, 0x1000, 0xe, 0x4, 0x0, 0x6, 0x1, 0x0, 0x9, 0x5, 0x10000, 0x3, 0x2, 0x7ff, 0x4, 0x5, 0x4, 0x4, 0x0, 0x404, 0x80, 0x5a78, 0xf96, 0x7, 0x6, 0x80, 0xc, 0xfffffff9, 0x7, 0x4, 0x5, 0x4, 0x9, 0x2, 0xffff4fba, 0x5, 0x3, 0x800, 0x93, 0x3, 0x3000000, 0x8, 0x80000001, 0x6, 0x6, 0xde4a, 0x9, 0xd, 0x10001, 0x4c, 0x8, 0xf0, 0x0, 0x5, 0x9, 0x6, 0x2, 0x8, 0x3, 0x2, 0x5, 0x9, 0x2, 0x4, 0x9, 0x7, 0x5, 0x10001, 0x8, 0x9]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x2}}}}]}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

147.123547ms ago: executing program 2 (id=1448):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x8050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'veth0\x00', &(0x7f0000000300)=@ethtool_sset_info={0x37, 0x8, 0xfffffffffffffff8}})
pipe(&(0x7f0000000080))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000300)={[{@init_itable_val={'init_itable', 0x3d, 0xfffffffffffffffd}}, {@abort}, {@noload}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@grpid}, {@noinit_itable}, {@nobh}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}]}, 0x1, 0x55f, &(0x7f0000000540)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
removexattr(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)=@known='system.posix_acl_default\x00')

106.081378ms ago: executing program 2 (id=1449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x100, 0xffffffffffffffff, 0x10000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000004c0)={r1, &(0x7f0000000340), 0x0}, 0x20)

105.069998ms ago: executing program 0 (id=1450):
socket(0x10, 0x80003, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x1000003, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x10, 0x8}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
pipe2$9p(0x0, 0x0)
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r2, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r3 = syz_open_pts(r2, 0x0)
dup3(r3, r2, 0x0)
ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000180)={0x38000, 0x8, 0x0, 0x2, 0x5, "aa32b73986bbee6bd231334cbfa0b758261a93"})

95.313138ms ago: executing program 2 (id=1451):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
r1 = open(&(0x7f0000000140)='./file2\x00', 0x147842, 0x184)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

0s ago: executing program 2 (id=1452):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r1, &(0x7f0000000100)=[{0x0, 0x72}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

329] FAULT_INJECTION: forcing a failure.
[   68.612537][ T5329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.625682][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.1.629 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   68.625709][ T5329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   68.625718][ T5329] Call Trace:
[   68.625724][ T5329]  <TASK>
[   68.625731][ T5329]  __dump_stack+0x1d/0x30
[   68.625749][ T5329]  dump_stack_lvl+0xe8/0x140
[   68.625795][ T5329]  dump_stack+0x15/0x1b
[   68.625810][ T5329]  should_fail_ex+0x265/0x280
[   68.625904][ T5329]  should_fail+0xb/0x20
[   68.625927][ T5329]  should_fail_usercopy+0x1a/0x20
[   68.625954][ T5329]  _copy_to_user+0x20/0xa0
[   68.625995][ T5329]  simple_read_from_buffer+0xb5/0x130
[   68.626019][ T5329]  proc_fail_nth_read+0x100/0x140
[   68.626121][ T5329]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   68.626215][ T5329]  vfs_read+0x19d/0x6f0
[   68.626262][ T5329]  ? __rcu_read_unlock+0x4f/0x70
[   68.626283][ T5329]  ? __fget_files+0x184/0x1c0
[   68.626296][ T5329]  ? __rcu_read_unlock+0x4f/0x70
[   68.626315][ T5329]  ksys_read+0xda/0x1a0
[   68.626387][ T5329]  __x64_sys_read+0x40/0x50
[   68.626417][ T5329]  x64_sys_call+0x2d77/0x2fb0
[   68.626434][ T5329]  do_syscall_64+0xd2/0x200
[   68.626449][ T5329]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.626488][ T5329]  ? clear_bhb_loop+0x40/0x90
[   68.626506][ T5329]  ? clear_bhb_loop+0x40/0x90
[   68.626527][ T5329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.626581][ T5329] RIP: 0033:0x7f2049f2d3bc
[   68.626595][ T5329] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.626610][ T5329] RSP: 002b:00007f2048576030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.626629][ T5329] RAX: ffffffffffffffda RBX: 00007f204a156080 RCX: 00007f2049f2d3bc
[   68.626678][ T5329] RDX: 000000000000000f RSI: 00007f20485760a0 RDI: 0000000000000003
[   68.626689][ T5329] RBP: 00007f2048576090 R08: 0000000000000000 R09: 0000000000000000
[   68.626701][ T5329] R10: 0000000008000000 R11: 0000000000000246 R12: 0000000000000001
[   68.626714][ T5329] R13: 0000000000000001 R14: 00007f204a156080 R15: 00007ffc19df6338
[   68.626730][ T5329]  </TASK>
[   68.898184][   T29] kauditd_printk_skb: 667 callbacks suppressed
[   68.898197][   T29] audit: type=1326 audit(1753273687.874:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   68.939764][   T29] audit: type=1326 audit(1753273687.904:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   68.963100][   T29] audit: type=1326 audit(1753273687.904:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   68.986618][   T29] audit: type=1326 audit(1753273687.904:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.010097][   T29] audit: type=1326 audit(1753273687.904:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.033662][   T29] audit: type=1326 audit(1753273687.904:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.057037][   T29] audit: type=1326 audit(1753273687.904:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.080508][   T29] audit: type=1326 audit(1753273687.904:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.103912][   T29] audit: type=1326 audit(1753273687.904:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.127273][   T29] audit: type=1326 audit(1753273687.904:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5333 comm="syz.1.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   69.285057][ T5359] loop1: detected capacity change from 0 to 128
[   69.337594][ T5364] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   69.423709][ T5349] xt_CT: No such helper "pptp"
[   69.435812][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.435812][ T4755] loop1: rw=1, sector=153, nr_sectors = 8 limit=128
[   69.454116][ T5349] loop4: detected capacity change from 0 to 1024
[   69.468062][ T5349] EXT4-fs: Ignoring removed nobh option
[   69.468157][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.468157][ T4755] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[   69.473761][ T5349] EXT4-fs: Ignoring removed bh option
[   69.488042][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.488042][ T4755] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[   69.506069][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506069][ T4755] loop1: rw=1, sector=201, nr_sectors = 8 limit=128
[   69.506144][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506144][ T4755] loop1: rw=1, sector=217, nr_sectors = 8 limit=128
[   69.506244][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506244][ T4755] loop1: rw=1, sector=233, nr_sectors = 8 limit=128
[   69.506274][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506274][ T4755] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[   69.506325][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506325][ T4755] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[   69.506355][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506355][ T4755] loop1: rw=1, sector=281, nr_sectors = 8 limit=128
[   69.506417][ T4755] kworker/u8:50: attempt to access beyond end of device
[   69.506417][ T4755] loop1: rw=1, sector=297, nr_sectors = 8 limit=128
[   69.551466][ T5349] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.090594][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.107215][ T5402] loop3: detected capacity change from 0 to 2048
[   70.159503][ T5402] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.469589][ T5435] mmap: syz.4.671 (5435) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   70.489842][ T5435] xt_hashlimit: max too large, truncated to 1048576
[   70.520613][ T5437] blktrace: Concurrent blktraces are not allowed on loop9
[   70.532720][ T5438] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   70.716068][ T5445] netlink: 8 bytes leftover after parsing attributes in process `syz.4.676'.
[   70.741605][ T5445] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'.
[   70.957005][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   70.979665][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   71.068721][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.208509][ T5465] loop3: detected capacity change from 0 to 1024
[   71.219904][ T5465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.332138][ T5459] FAULT_INJECTION: forcing a failure.
[   71.332138][ T5459] name failslab, interval 1, probability 0, space 0, times 0
[   71.344849][ T5459] CPU: 0 UID: 0 PID: 5459 Comm: syz.0.683 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   71.344930][ T5459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.344942][ T5459] Call Trace:
[   71.344948][ T5459]  <TASK>
[   71.344955][ T5459]  __dump_stack+0x1d/0x30
[   71.344972][ T5459]  dump_stack_lvl+0xe8/0x140
[   71.344988][ T5459]  dump_stack+0x15/0x1b
[   71.345070][ T5459]  should_fail_ex+0x265/0x280
[   71.345114][ T5459]  should_failslab+0x8c/0xb0
[   71.345133][ T5459]  __kvmalloc_node_noprof+0x123/0x4e0
[   71.345154][ T5459]  ? alloc_netdev_mqs+0x5ac/0xab0
[   71.345202][ T5459]  alloc_netdev_mqs+0x5ac/0xab0
[   71.345234][ T5459]  rtnl_create_link+0x239/0x710
[   71.345308][ T5459]  rtnl_newlink_create+0x14c/0x620
[   71.345334][ T5459]  ? __schedule+0x6a8/0xb30
[   71.345421][ T5459]  rtnl_newlink+0xf29/0x12d0
[   71.345449][ T5459]  ? xas_load+0x413/0x430
[   71.345517][ T5459]  ? __rcu_read_unlock+0x4f/0x70
[   71.345538][ T5459]  ? trace_reschedule_exit+0xd/0xc0
[   71.345562][ T5459]  ? sysvec_reschedule_ipi+0x4f/0x70
[   71.345592][ T5459]  ? trace_reschedule_exit+0xd/0xc0
[   71.345689][ T5459]  ? __kfree_skb+0x109/0x150
[   71.345716][ T5459]  ? __rcu_read_unlock+0x4f/0x70
[   71.345737][ T5459]  ? avc_has_perm_noaudit+0x1b1/0x200
[   71.345767][ T5459]  ? selinux_capable+0x1f9/0x270
[   71.345795][ T5459]  ? security_capable+0x83/0x90
[   71.345815][ T5459]  ? ns_capable+0x7d/0xb0
[   71.345833][ T5459]  ? __pfx_rtnl_newlink+0x10/0x10
[   71.345853][ T5459]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   71.345940][ T5459]  netlink_rcv_skb+0x120/0x220
[   71.345969][ T5459]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   71.345997][ T5459]  rtnetlink_rcv+0x1c/0x30
[   71.346015][ T5459]  netlink_unicast+0x5a8/0x680
[   71.346060][ T5459]  netlink_sendmsg+0x58b/0x6b0
[   71.346082][ T5459]  ? __pfx_netlink_sendmsg+0x10/0x10
[   71.346127][ T5459]  __sock_sendmsg+0x145/0x180
[   71.346148][ T5459]  ____sys_sendmsg+0x31e/0x4e0
[   71.346221][ T5459]  ___sys_sendmsg+0x17b/0x1d0
[   71.346260][ T5459]  __x64_sys_sendmsg+0xd4/0x160
[   71.346345][ T5459]  x64_sys_call+0x2999/0x2fb0
[   71.346362][ T5459]  do_syscall_64+0xd2/0x200
[   71.346376][ T5459]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.346472][ T5459]  ? clear_bhb_loop+0x40/0x90
[   71.346492][ T5459]  ? clear_bhb_loop+0x40/0x90
[   71.346514][ T5459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.346535][ T5459] RIP: 0033:0x7f26a663e9a9
[   71.346618][ T5459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.346635][ T5459] RSP: 002b:00007f26a4c9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.346654][ T5459] RAX: ffffffffffffffda RBX: 00007f26a6865fa0 RCX: 00007f26a663e9a9
[   71.346668][ T5459] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[   71.346678][ T5459] RBP: 00007f26a4c9f090 R08: 0000000000000000 R09: 0000000000000000
[   71.346691][ T5459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.346734][ T5459] R13: 0000000000000000 R14: 00007f26a6865fa0 R15: 00007ffea844d048
[   71.346814][ T5459]  </TASK>
[   71.477966][ T5465] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.701346][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.746944][ T5477] netlink: 'syz.4.685': attribute type 1 has an invalid length.
[   71.754713][ T5477] netlink: 224 bytes leftover after parsing attributes in process `syz.4.685'.
[   71.782881][ T5478] loop1: detected capacity change from 0 to 2048
[   71.825506][ T5480] netlink: 'syz.3.688': attribute type 13 has an invalid length.
[   71.833454][ T5480] netlink: 152 bytes leftover after parsing attributes in process `syz.3.688'.
[   71.851485][ T5480] erspan0: refused to change device tx_queue_len
[   71.857737][ T5485] netlink: 20 bytes leftover after parsing attributes in process `syz.2.690'.
[   71.859963][ T5480] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   71.908137][ T5478] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.084390][ T5507] loop3: detected capacity change from 0 to 512
[   72.098750][ T5507] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   72.106936][ T5507] EXT4-fs (loop3): orphan cleanup on readonly fs
[   72.115953][ T5507] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.698: corrupted inode contents
[   72.117673][ T5510] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   72.128847][ T5507] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.698: mark_inode_dirty error
[   72.150138][ T5507] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.698: corrupted inode contents
[   72.167242][ T5507] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.698: mark_inode_dirty error
[   72.179914][ T5507] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.698: corrupted inode contents
[   72.198399][ T5512] ALSA: seq fatal error: cannot create timer (-19)
[   72.198401][ T5507] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[   72.212069][ T5507] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.698: corrupted inode contents
[   72.225295][ T5507] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.698: mark_inode_dirty error
[   72.236596][ T5507] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[   72.246212][ T5507] EXT4-fs (loop3): 1 truncate cleaned up
[   72.252100][ T4769] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:61: Failed to release dquot type 1
[   72.288085][ T5507] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.326816][ T5507] netlink: 14 bytes leftover after parsing attributes in process `syz.3.698'.
[   72.351770][ T5507] hsr_slave_0: left promiscuous mode
[   72.357450][ T5507] hsr_slave_1: left promiscuous mode
[   72.480065][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.504212][ T5524] loop3: detected capacity change from 0 to 512
[   72.513790][ T5524] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   72.525842][ T5524] EXT4-fs (loop3): 1 truncate cleaned up
[   72.532406][ T5524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.593593][ T3304] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   72.614075][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.623400][ T3304] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   72.657258][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.957630][ T5549] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   73.022452][ T5551] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   73.031555][ T5553] loop0: detected capacity change from 0 to 2048
[   73.070516][ T5553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.249791][ T5576] netlink: 20 bytes leftover after parsing attributes in process `syz.3.725'.
[   73.291171][ T5577] netlink: 'syz.2.722': attribute type 1 has an invalid length.
[   73.298945][ T5577] netlink: 224 bytes leftover after parsing attributes in process `syz.2.722'.
[   73.349467][ T5580] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   73.364828][ T5582] netlink: 28 bytes leftover after parsing attributes in process `syz.1.728'.
[   73.375338][ T5582] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.728'.
[   73.384888][ T5582] netlink: zone id is out of range
[   73.390844][ T5582] netlink: zone id is out of range
[   73.396065][ T5582] netlink: zone id is out of range
[   73.401252][ T5582] netlink: zone id is out of range
[   73.406545][ T5582] netlink: del zone limit has 8 unknown bytes
[   73.468016][ T5587] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.532250][ T5587] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.585584][ T5587] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.650748][ T5587] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.751190][ T5587] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.765376][ T5587] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.777781][ T5587] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.800384][ T5587] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.848759][ T4182] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   73.883606][ T4182] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   73.909990][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.967878][ T5605] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   74.277698][   T29] kauditd_printk_skb: 536 callbacks suppressed
[   74.277713][   T29] audit: type=1326 audit(1753273693.214:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.307194][   T29] audit: type=1326 audit(1753273693.214:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.330483][   T29] audit: type=1326 audit(1753273693.214:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.353772][   T29] audit: type=1326 audit(1753273693.214:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.377102][   T29] audit: type=1326 audit(1753273693.224:4509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.400434][   T29] audit: type=1326 audit(1753273693.224:4510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.423797][   T29] audit: type=1326 audit(1753273693.224:4511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.447151][   T29] audit: type=1326 audit(1753273693.224:4512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.470452][   T29] audit: type=1326 audit(1753273693.224:4513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.493733][   T29] audit: type=1326 audit(1753273693.224:4514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5606 comm="syz.1.738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f2049f2e9a9 code=0x7ffc0000
[   74.529821][ T5614] netlink: 'syz.4.740': attribute type 1 has an invalid length.
[   74.939574][ T5632] loop0: detected capacity change from 0 to 1024
[   74.952867][ T5632] EXT4-fs: Ignoring removed nomblk_io_submit option
[   74.971314][ T5632] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.972842][ T5637] loop1: detected capacity change from 0 to 512
[   75.028959][ T5637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   75.040220][ T5637] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.750: invalid block
[   75.093200][ T5637] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.750: invalid indirect mapped block 4294967295 (level 1)
[   75.176125][ T5637] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.750: invalid indirect mapped block 4294967295 (level 1)
[   75.266243][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.279827][ T5637] EXT4-fs (loop1): 2 truncates cleaned up
[   75.291556][ T5637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.340826][ T5645] netlink: 'syz.2.753': attribute type 13 has an invalid length.
[   75.348938][ T5645] erspan0: refused to change device tx_queue_len
[   75.355811][ T5645] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   75.376383][ T5650] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   75.390553][ T5637] ALSA: seq fatal error: cannot create timer (-19)
[   75.430653][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.524651][ T5656] loop1: detected capacity change from 0 to 1024
[   75.685826][ T5656] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.699199][ T5656] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.885727][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.977549][ T5671] loop3: detected capacity change from 0 to 2048
[   76.132037][ T5671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.324396][ T5684] loop1: detected capacity change from 0 to 1024
[   76.340475][ T5684] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.353853][ T5684] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.419858][ T5687] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   76.525664][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.896359][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   77.021234][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   77.256770][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.717235][ T5713] loop4: detected capacity change from 0 to 1024
[   77.793537][ T5713] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.825437][ T5713] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.851777][ T5720] __nla_validate_parse: 4 callbacks suppressed
[   77.851792][ T5720] netlink: 96 bytes leftover after parsing attributes in process `syz.1.778'.
[   77.903874][ T5724] netlink: 36 bytes leftover after parsing attributes in process `syz.2.779'.
[   77.912849][ T5724] netlink: 44 bytes leftover after parsing attributes in process `syz.2.779'.
[   78.018066][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.264923][ T5733] netlink: 16 bytes leftover after parsing attributes in process `syz.1.785'.
[   78.296037][ T5733] netlink: 28 bytes leftover after parsing attributes in process `syz.1.785'.
[   78.304943][ T5733] netlink: 28 bytes leftover after parsing attributes in process `syz.1.785'.
[   78.435800][ T5746] loop3: detected capacity change from 0 to 164
[   78.448443][ T5745] netlink: 8 bytes leftover after parsing attributes in process `syz.4.781'.
[   78.481690][ T5746] bio_check_eod: 102 callbacks suppressed
[   78.481704][ T5746] syz.3.789: attempt to access beyond end of device
[   78.481704][ T5746] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   78.527963][ T5746] syz.3.789: attempt to access beyond end of device
[   78.527963][ T5746] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[   78.560878][ T5754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'.
[   78.757405][ T5765] blktrace: Concurrent blktraces are not allowed on loop7
[   79.016028][ T5773] FAULT_INJECTION: forcing a failure.
[   79.016028][ T5773] name failslab, interval 1, probability 0, space 0, times 0
[   79.028836][ T5773] CPU: 1 UID: 0 PID: 5773 Comm: syz.4.798 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   79.028862][ T5773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   79.028872][ T5773] Call Trace:
[   79.028927][ T5773]  <TASK>
[   79.028934][ T5773]  __dump_stack+0x1d/0x30
[   79.028958][ T5773]  dump_stack_lvl+0xe8/0x140
[   79.028981][ T5773]  dump_stack+0x15/0x1b
[   79.029036][ T5773]  should_fail_ex+0x265/0x280
[   79.029064][ T5773]  should_failslab+0x8c/0xb0
[   79.029086][ T5773]  kmem_cache_alloc_node_noprof+0x57/0x320
[   79.029158][ T5773]  ? __alloc_skb+0x101/0x320
[   79.029250][ T5773]  __alloc_skb+0x101/0x320
[   79.029298][ T5773]  ? audit_log_start+0x365/0x6c0
[   79.029407][ T5773]  audit_log_start+0x380/0x6c0
[   79.029507][ T5773]  audit_seccomp+0x48/0x100
[   79.029527][ T5773]  ? __seccomp_filter+0x68c/0x10d0
[   79.029548][ T5773]  __seccomp_filter+0x69d/0x10d0
[   79.029570][ T5773]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   79.029614][ T5773]  ? vfs_write+0x75e/0x8e0
[   79.029676][ T5773]  ? __rcu_read_unlock+0x4f/0x70
[   79.029693][ T5773]  ? __fget_files+0x184/0x1c0
[   79.029711][ T5773]  __secure_computing+0x82/0x150
[   79.029728][ T5773]  syscall_trace_enter+0xcf/0x1e0
[   79.029769][ T5773]  do_syscall_64+0xac/0x200
[   79.029787][ T5773]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   79.029830][ T5773]  ? clear_bhb_loop+0x40/0x90
[   79.029846][ T5773]  ? clear_bhb_loop+0x40/0x90
[   79.029863][ T5773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.029881][ T5773] RIP: 0033:0x7f57393ae9a9
[   79.029893][ T5773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.029907][ T5773] RSP: 002b:00007f5737a0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   79.029997][ T5773] RAX: ffffffffffffffda RBX: 00007f57395d5fa0 RCX: 00007f57393ae9a9
[   79.030010][ T5773] RDX: 0000200000000100 RSI: 00000000400454d9 RDI: 0000000000000004
[   79.030022][ T5773] RBP: 00007f5737a0f090 R08: 0000000000000000 R09: 0000000000000000
[   79.030032][ T5773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.030043][ T5773] R13: 0000000000000000 R14: 00007f57395d5fa0 R15: 00007ffc3b761638
[   79.030058][ T5773]  </TASK>
[   79.392483][ T5788] loop1: detected capacity change from 0 to 512
[   79.403901][ T5789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.803'.
[   79.413443][ T5788] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   79.449048][ T5788] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002c018, mo2=0002]
[   79.481255][ T5788] System zones: 0-7
[   79.485110][   T29] kauditd_printk_skb: 438 callbacks suppressed
[   79.485120][   T29] audit: type=1326 audit(1753273698.434:4951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.514631][   T29] audit: type=1326 audit(1753273698.434:4952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.537994][   T29] audit: type=1326 audit(1753273698.434:4953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.546493][ T5788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.561394][   T29] audit: type=1326 audit(1753273698.434:4954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.596786][   T29] audit: type=1326 audit(1753273698.434:4955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.620174][   T29] audit: type=1326 audit(1753273698.434:4956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.643468][   T29] audit: type=1326 audit(1753273698.434:4957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.666793][   T29] audit: type=1326 audit(1753273698.434:4958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.690229][   T29] audit: type=1326 audit(1753273698.434:4959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.713580][   T29] audit: type=1326 audit(1753273698.434:4960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5780 comm="syz.0.803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   79.816652][ T5801] loop0: detected capacity change from 0 to 1024
[   79.829233][ T5801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.841910][ T5801] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.878598][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.909919][ T5805] loop4: detected capacity change from 0 to 4096
[   79.916905][ T5812] netlink: 12 bytes leftover after parsing attributes in process `syz.0.813'.
[   79.940133][ T5805] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.956779][ T5815] loop0: detected capacity change from 0 to 512
[   79.972324][ T5805] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   79.981813][ T5815] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   80.016319][ T5815] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.814: invalid block
[   80.030427][ T5815] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.814: invalid indirect mapped block 4294967295 (level 1)
[   80.046280][ T5815] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.814: invalid indirect mapped block 4294967295 (level 1)
[   80.062660][ T5815] EXT4-fs (loop0): 2 truncates cleaned up
[   80.068862][ T5815] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.089924][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.101435][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.117838][ T5815] ALSA: seq fatal error: cannot create timer (-19)
[   80.140502][ T4769] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.165558][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.219054][ T5827] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5827 comm=syz.0.819
[   80.233745][ T4769] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.264112][ T5827] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5827 comm=syz.0.819
[   80.293427][ T4769] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.477021][ T4769] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.616480][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   80.740790][ T4769] bridge_slave_1: left allmulticast mode
[   80.746461][ T4769] bridge_slave_1: left promiscuous mode
[   80.752134][ T4769] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.762010][ T4769] bridge_slave_0: left allmulticast mode
[   80.767692][ T4769] bridge_slave_0: left promiscuous mode
[   80.773396][ T4769] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.940151][ T4769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   80.951992][ T4769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   80.961856][ T4769] bond0 (unregistering): Released all slaves
[   81.028470][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.035555][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.043987][ T5823] bridge_slave_0: entered allmulticast mode
[   81.050470][ T5823] bridge_slave_0: entered promiscuous mode
[   81.057213][ T4769] tipc: Disabling bearer <udp:syz2>
[   81.062487][ T4769] tipc: Left network mode
[   81.076087][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.083137][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.090348][ T5823] bridge_slave_1: entered allmulticast mode
[   81.096714][ T5823] bridge_slave_1: entered promiscuous mode
[   81.107167][ T4769] hsr_slave_0: left promiscuous mode
[   81.113151][ T4769] hsr_slave_1: left promiscuous mode
[   81.116601][ T5866] loop0: detected capacity change from 0 to 512
[   81.125297][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.126617][ T5866] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.132803][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.148867][ T4769] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   81.156414][ T4769] batman_adv: batadv0: Removing interface: batadv_slave_1
[   81.167184][ T5866] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.831: invalid block
[   81.180675][ T4769] veth1_macvtap: left promiscuous mode
[   81.186142][ T4769] veth0_macvtap: left promiscuous mode
[   81.191696][ T4769] veth1_vlan: left promiscuous mode
[   81.196902][ T4769] veth0_vlan: left promiscuous mode
[   81.202355][ T5866] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.831: invalid indirect mapped block 4294967295 (level 1)
[   81.216768][ T5866] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.831: invalid indirect mapped block 4294967295 (level 1)
[   81.231010][ T5866] EXT4-fs (loop0): 2 truncates cleaned up
[   81.237065][ T5866] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.319539][ T4769] team0 (unregistering): Port device team_slave_1 removed
[   81.330000][ T4769] team0 (unregistering): Port device team_slave_0 removed
[   81.365962][ T5874] ALSA: seq fatal error: cannot create timer (-19)
[   81.397169][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.407148][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.417198][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.449773][ T5823] team0: Port device team_slave_0 added
[   81.456574][ T5823] team0: Port device team_slave_1 added
[   81.466746][ T5878] loop0: detected capacity change from 0 to 128
[   81.489827][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.496767][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.522873][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.539144][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.546113][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.572056][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.614076][ T5823] hsr_slave_0: entered promiscuous mode
[   81.621819][ T5823] hsr_slave_1: entered promiscuous mode
[   81.627824][ T5823] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.635468][ T5823] Cannot create hsr debugfs directory
[   81.747178][ T5823] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   81.765465][ T5823] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   81.814012][ T5823] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   81.823561][ T5823] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   81.843500][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.850584][ T5823] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.857890][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.865013][ T5823] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.908979][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.919832][ T4755] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.929794][ T4755] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.946537][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   81.972689][ T5913] loop0: detected capacity change from 0 to 128
[   81.994917][ T4743] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.001990][ T4743] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.010791][ T5913] FAULT_INJECTION: forcing a failure.
[   82.010791][ T5913] name failslab, interval 1, probability 0, space 0, times 0
[   82.011424][ T4743] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.023545][ T5913] CPU: 1 UID: 0 PID: 5913 Comm: syz.0.846 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   82.023625][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   82.023636][ T5913] Call Trace:
[   82.023642][ T5913]  <TASK>
[   82.023649][ T5913]  __dump_stack+0x1d/0x30
[   82.023669][ T5913]  dump_stack_lvl+0xe8/0x140
[   82.023687][ T5913]  dump_stack+0x15/0x1b
[   82.023779][ T5913]  should_fail_ex+0x265/0x280
[   82.023807][ T5913]  should_failslab+0x8c/0xb0
[   82.023826][ T5913]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   82.023853][ T5913]  ? __d_alloc+0x3d/0x350
[   82.023907][ T5913]  __d_alloc+0x3d/0x350
[   82.023925][ T5913]  ? avc_has_perm_noaudit+0x1b1/0x200
[   82.023951][ T5913]  d_alloc_parallel+0x53/0xc40
[   82.024019][ T5913]  ? __d_lookup_rcu_op_compare+0x23b/0x270
[   82.024057][ T5913]  ? lockref_get_not_dead+0x120/0x1c0
[   82.024078][ T5913]  ? __rcu_read_unlock+0x4f/0x70
[   82.024108][ T5913]  __lookup_slow+0x8c/0x250
[   82.024131][ T5913]  lookup_slow+0x3c/0x60
[   82.024153][ T5913]  walk_component+0x1ec/0x220
[   82.024174][ T5913]  path_lookupat+0xfe/0x2a0
[   82.024220][ T5913]  do_o_path+0x45/0x130
[   82.024262][ T5913]  path_openat+0x1df9/0x2170
[   82.024292][ T5913]  ? _parse_integer_limit+0x170/0x190
[   82.024341][ T5913]  ? kstrtouint+0x76/0xc0
[   82.024383][ T5913]  do_filp_open+0x109/0x230
[   82.024413][ T5913]  do_sys_openat2+0xa6/0x110
[   82.024437][ T5913]  __x64_sys_openat+0xf2/0x120
[   82.024541][ T5913]  x64_sys_call+0x1af/0x2fb0
[   82.024560][ T5913]  do_syscall_64+0xd2/0x200
[   82.024608][ T5913]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.024692][ T5913]  ? clear_bhb_loop+0x40/0x90
[   82.024711][ T5913]  ? clear_bhb_loop+0x40/0x90
[   82.024805][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.024848][ T5913] RIP: 0033:0x7f26a663e9a9
[   82.024862][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.024933][ T5913] RSP: 002b:00007f26a4c9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   82.024988][ T5913] RAX: ffffffffffffffda RBX: 00007f26a6865fa0 RCX: 00007f26a663e9a9
[   82.025001][ T5913] RDX: 000000000064c080 RSI: 0000200000000440 RDI: ffffffffffffff9c
[   82.025013][ T5913] RBP: 00007f26a4c9f090 R08: 0000000000000000 R09: 0000000000000000
[   82.025026][ T5913] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   82.025038][ T5913] R13: 0000000000000000 R14: 00007f26a6865fa0 R15: 00007ffea844d048
[   82.025056][ T5913]  </TASK>
[   82.276209][ T4743] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.301627][ T5823] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   82.312027][ T5823] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   82.406549][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.615371][ T5823] veth0_vlan: entered promiscuous mode
[   82.636607][ T5823] veth1_vlan: entered promiscuous mode
[   82.676842][ T5823] veth0_macvtap: entered promiscuous mode
[   82.686433][ T5823] veth1_macvtap: entered promiscuous mode
[   82.706979][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.727163][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.753045][ T5823] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.761847][ T5823] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.770569][ T5823] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.779396][ T5823] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.200258][ T5985] __nla_validate_parse: 5 callbacks suppressed
[   83.200273][ T5985] netlink: 32 bytes leftover after parsing attributes in process `syz.2.867'.
[   83.408961][ T6004] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   83.530591][ T6010] FAULT_INJECTION: forcing a failure.
[   83.530591][ T6010] name failslab, interval 1, probability 0, space 0, times 0
[   83.543299][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: syz.0.879 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   83.543347][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   83.543358][ T6010] Call Trace:
[   83.543363][ T6010]  <TASK>
[   83.543370][ T6010]  __dump_stack+0x1d/0x30
[   83.543390][ T6010]  dump_stack_lvl+0xe8/0x140
[   83.543411][ T6010]  dump_stack+0x15/0x1b
[   83.543428][ T6010]  should_fail_ex+0x265/0x280
[   83.543453][ T6010]  should_failslab+0x8c/0xb0
[   83.543472][ T6010]  kmem_cache_alloc_node_noprof+0x57/0x320
[   83.543556][ T6010]  ? __alloc_skb+0x101/0x320
[   83.543639][ T6010]  __alloc_skb+0x101/0x320
[   83.543662][ T6010]  ? audit_log_start+0x365/0x6c0
[   83.543690][ T6010]  audit_log_start+0x380/0x6c0
[   83.543720][ T6010]  audit_seccomp+0x48/0x100
[   83.543820][ T6010]  ? __seccomp_filter+0x68c/0x10d0
[   83.543838][ T6010]  __seccomp_filter+0x69d/0x10d0
[   83.543857][ T6010]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   83.543910][ T6010]  ? vfs_write+0x75e/0x8e0
[   83.543933][ T6010]  ? __rcu_read_unlock+0x4f/0x70
[   83.543954][ T6010]  ? __fget_files+0x184/0x1c0
[   83.543972][ T6010]  __secure_computing+0x82/0x150
[   83.543993][ T6010]  syscall_trace_enter+0xcf/0x1e0
[   83.544038][ T6010]  do_syscall_64+0xac/0x200
[   83.544056][ T6010]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   83.544079][ T6010]  ? clear_bhb_loop+0x40/0x90
[   83.544106][ T6010]  ? clear_bhb_loop+0x40/0x90
[   83.544178][ T6010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.544210][ T6010] RIP: 0033:0x7f26a663e9a9
[   83.544260][ T6010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.544275][ T6010] RSP: 002b:00007f26a4c9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   83.544310][ T6010] RAX: ffffffffffffffda RBX: 00007f26a6865fa0 RCX: 00007f26a663e9a9
[   83.544321][ T6010] RDX: 0000000000000054 RSI: 0000000000000000 RDI: ffffffffffffffff
[   83.544364][ T6010] RBP: 00007f26a4c9f090 R08: 0000000000000000 R09: 0000000000000000
[   83.544374][ T6010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.544384][ T6010] R13: 0000000000000000 R14: 00007f26a6865fa0 R15: 00007ffea844d048
[   83.544403][ T6010]  </TASK>
[   83.902916][ T6017] netlink: 32 bytes leftover after parsing attributes in process `syz.4.881'.
[   84.092462][ T6006] netlink: 'syz.2.877': attribute type 13 has an invalid length.
[   84.100311][ T6006] netlink: 152 bytes leftover after parsing attributes in process `syz.2.877'.
[   84.137729][ T6006] erspan0: refused to change device tx_queue_len
[   84.148480][ T6006] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   84.212954][ T6030] loop0: detected capacity change from 0 to 8192
[   84.398317][ T6041] netlink: 8 bytes leftover after parsing attributes in process `syz.4.891'.
[   84.475559][ T6048] netlink: 32 bytes leftover after parsing attributes in process `syz.2.895'.
[   84.497572][ T6052] loop3: detected capacity change from 0 to 1024
[   84.507745][   T29] kauditd_printk_skb: 347 callbacks suppressed
[   84.507758][   T29] audit: type=1326 audit(1753273703.484:5306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.577737][   T29] audit: type=1326 audit(1753273703.514:5307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.5.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   84.579704][ T6052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.601080][   T29] audit: type=1326 audit(1753273703.514:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.5.890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   84.601117][   T29] audit: type=1326 audit(1753273703.534:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.601139][   T29] audit: type=1326 audit(1753273703.534:5310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.601159][   T29] audit: type=1326 audit(1753273703.534:5311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.659807][ T6052] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.717029][   T29] audit: type=1326 audit(1753273703.534:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.740550][   T29] audit: type=1326 audit(1753273703.534:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.764027][   T29] audit: type=1326 audit(1753273703.534:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   84.830595][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.838245][   T29] audit: type=1326 audit(1753273703.724:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.4.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   85.350288][ T6083] loop3: detected capacity change from 0 to 1024
[   85.444976][ T6083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.458117][ T6083] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.530774][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.596965][ T6097] loop3: detected capacity change from 0 to 512
[   85.603788][ T6097] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.629821][ T6097] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.911: invalid block
[   85.642239][ T6097] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.911: invalid indirect mapped block 4294967295 (level 1)
[   85.657813][ T6097] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.911: invalid indirect mapped block 4294967295 (level 1)
[   85.677280][ T6097] EXT4-fs (loop3): 2 truncates cleaned up
[   85.683641][ T6097] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.841527][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.875330][ T6102] loop5: detected capacity change from 0 to 1024
[   85.986175][ T6102] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.007794][ T6102] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.082313][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.251522][ T6120] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   86.512567][ T6115] netlink: 'syz.3.917': attribute type 13 has an invalid length.
[   86.520564][ T6115] netlink: 152 bytes leftover after parsing attributes in process `syz.3.917'.
[   86.556246][ T6115] erspan0: refused to change device tx_queue_len
[   86.579334][ T6115] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   86.721266][ T6150] netlink: 'syz.2.929': attribute type 1 has an invalid length.
[   86.729001][ T6150] netlink: 224 bytes leftover after parsing attributes in process `syz.2.929'.
[   87.051489][ T6166] netlink: 'syz.2.937': attribute type 1 has an invalid length.
[   87.059272][ T6166] netlink: 224 bytes leftover after parsing attributes in process `syz.2.937'.
[   87.213112][ T6171] loop4: detected capacity change from 0 to 8192
[   87.675633][ T6187] netlink: 132 bytes leftover after parsing attributes in process `syz.3.946'.
[   87.730845][ T6189] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   87.903766][ T6202] loop3: detected capacity change from 0 to 1024
[   87.929210][ T6202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.948928][ T6207] netlink: 'syz.5.950': attribute type 1 has an invalid length.
[   87.956666][ T6207] netlink: 224 bytes leftover after parsing attributes in process `syz.5.950'.
[   88.057766][ T6202] ext4 filesystem being mounted at /194/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.102333][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.140790][ T6215] loop4: detected capacity change from 0 to 512
[   88.148947][ T6215] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.177846][ T6215] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.955: invalid block
[   88.197983][ T6215] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.955: invalid indirect mapped block 4294967295 (level 1)
[   88.221888][ T6215] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.955: invalid indirect mapped block 4294967295 (level 1)
[   88.245740][ T6215] EXT4-fs (loop4): 2 truncates cleaned up
[   88.293398][ T6215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.377859][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.760135][ T6239] loop3: detected capacity change from 0 to 1024
[   88.778631][ T6239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.798431][ T6239] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.835896][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.895573][ T6249] loop3: detected capacity change from 0 to 1024
[   88.919031][ T6249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.942574][ T6249] ext4 filesystem being mounted at /199/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.004166][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.033379][ T6267] netlink: 'syz.4.969': attribute type 1 has an invalid length.
[   89.041064][ T6267] netlink: 224 bytes leftover after parsing attributes in process `syz.4.969'.
[   89.150088][ T6273] loop5: detected capacity change from 0 to 1024
[   89.177300][ T6273] EXT4-fs: Ignoring removed nobh option
[   89.185370][ T6273] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   89.196323][ T6273] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   89.208058][ T6273] JBD2: no valid journal superblock found
[   89.213792][ T6273] EXT4-fs (loop5): Could not load journal inode
[   89.387567][ T6290] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[   89.538504][   T29] kauditd_printk_skb: 509 callbacks suppressed
[   89.538516][   T29] audit: type=1326 audit(1753273708.514:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.4.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   89.573996][   T29] audit: type=1326 audit(1753273708.544:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.4.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   89.597380][   T29] audit: type=1326 audit(1753273708.544:5827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.4.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   89.620763][   T29] audit: type=1326 audit(1753273708.544:5828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.4.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57393ae9a9 code=0x7ffc0000
[   89.725100][ T6307] FAULT_INJECTION: forcing a failure.
[   89.725100][ T6307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.738304][ T6307] CPU: 1 UID: 0 PID: 6307 Comm: syz.5.988 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   89.738330][ T6307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.738342][ T6307] Call Trace:
[   89.738349][ T6307]  <TASK>
[   89.738398][ T6307]  __dump_stack+0x1d/0x30
[   89.738415][ T6307]  dump_stack_lvl+0xe8/0x140
[   89.738433][ T6307]  dump_stack+0x15/0x1b
[   89.738454][ T6307]  should_fail_ex+0x265/0x280
[   89.738478][ T6307]  should_fail+0xb/0x20
[   89.738542][ T6307]  should_fail_usercopy+0x1a/0x20
[   89.738570][ T6307]  _copy_from_user+0x1c/0xb0
[   89.738586][ T6307]  ___sys_sendmsg+0xc1/0x1d0
[   89.738632][ T6307]  __x64_sys_sendmsg+0xd4/0x160
[   89.738667][ T6307]  x64_sys_call+0x2999/0x2fb0
[   89.738687][ T6307]  do_syscall_64+0xd2/0x200
[   89.738705][ T6307]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.738746][ T6307]  ? clear_bhb_loop+0x40/0x90
[   89.738783][ T6307]  ? clear_bhb_loop+0x40/0x90
[   89.738849][ T6307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.738865][ T6307] RIP: 0033:0x7fb3ce32e9a9
[   89.738877][ T6307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.738921][ T6307] RSP: 002b:00007fb3cc98f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.738941][ T6307] RAX: ffffffffffffffda RBX: 00007fb3ce555fa0 RCX: 00007fb3ce32e9a9
[   89.738952][ T6307] RDX: 0000000000000800 RSI: 0000200000000080 RDI: 0000000000000006
[   89.738963][ T6307] RBP: 00007fb3cc98f090 R08: 0000000000000000 R09: 0000000000000000
[   89.738973][ T6307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.739015][ T6307] R13: 0000000000000000 R14: 00007fb3ce555fa0 R15: 00007fff73b1a488
[   89.739033][ T6307]  </TASK>
[   89.758905][ T6310] netlink: 20 bytes leftover after parsing attributes in process `syz.2.989'.
[   89.902943][   T29] audit: type=1326 audit(1753273708.834:5829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   89.954111][   T29] audit: type=1326 audit(1753273708.834:5830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   89.977006][   T29] audit: type=1326 audit(1753273708.834:5831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   89.999866][   T29] audit: type=1326 audit(1753273708.834:5832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   90.022894][   T29] audit: type=1326 audit(1753273708.834:5833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   90.045733][   T29] audit: type=1326 audit(1753273708.834:5834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6311 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb3ce32e9a9 code=0x7ffc0000
[   91.395060][ T6351] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1003'.
[   91.680594][ T6355] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1005'.
[   91.749526][ T6357] loop5: detected capacity change from 0 to 8192
[   91.885931][ T6368] loop3: detected capacity change from 0 to 2048
[   92.104901][ T6378] loop4: detected capacity change from 0 to 512
[   92.134057][ T6378] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   92.161121][ T6378] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.243013][ T6378] tipc: Enabling of bearer <Ib:c> rejected, media not registered
[   92.588399][ T6393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1017'.
[   92.705324][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   92.721086][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   92.913953][ T6405] netlink: 'syz.3.1023': attribute type 3 has an invalid length.
[   92.973740][ T6411] loop0: detected capacity change from 0 to 512
[   92.976562][ T6414] batman_adv: batadv0: Adding interface: dummy0
[   92.986425][ T6414] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.989089][ T6411] EXT4-fs (loop0): orphan cleanup on readonly fs
[   93.012096][ T6414] batman_adv: batadv0: Interface activated: dummy0
[   93.019932][ T6411] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1025: bg 0: block 248: padding at end of block bitmap is not set
[   93.037306][ T6414] macvtap1: mtu less than device minimum
[   93.044914][ T6411] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1025: Failed to acquire dquot type 1
[   93.046863][ T6414] batadv0: mtu less than device minimum
[   93.056772][ T6411] EXT4-fs (loop0): 1 truncate cleaned up
[   93.062027][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.077889][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.088552][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.099215][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.109828][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.120477][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.131034][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.141988][ T6414] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   93.234798][ T6411] syz.0.1025 (6411) used greatest stack depth: 9496 bytes left
[   93.479603][ T6430] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1028'.
[   93.518835][ T6429] netlink: 'syz.4.1031': attribute type 13 has an invalid length.
[   93.526735][ T6429] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1031'.
[   93.536277][ T6429] erspan0: refused to change device tx_queue_len
[   93.620050][ T6442] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   93.689229][ T6449] loop0: detected capacity change from 0 to 512
[   93.696694][ T6449] EXT4-fs (loop0): orphan cleanup on readonly fs
[   93.703722][ T6449] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1039: bg 0: block 248: padding at end of block bitmap is not set
[   93.718379][ T6449] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1039: Failed to acquire dquot type 1
[   93.730406][ T6449] EXT4-fs (loop0): 1 truncate cleaned up
[   93.745275][ T6449] syz.0.1039 (6449) used greatest stack depth: 9304 bytes left
[   93.756101][ T6455] loop4: detected capacity change from 0 to 512
[   93.763823][ T6455] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   93.775927][ T6455] EXT4-fs (loop4): 1 truncate cleaned up
[   93.792030][ T6455] EXT4-fs error (device loop4): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.4.1034: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   93.813247][ T6455] EXT4-fs (loop4): Remounting filesystem read-only
[   93.819900][ T6455] EXT4-fs warning (device loop4): ext4_rename_delete:3726: inode #2: comm syz.4.1034: Deleting old file: nlink 5, error=-117
[   94.105176][ T6468] loop3: detected capacity change from 0 to 512
[   94.113330][ T6468] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   94.218051][ T6469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1043'.
[   94.229553][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[   94.235992][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   94.243838][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[   94.251695][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[   94.282766][ T6471] loop3: detected capacity change from 0 to 1024
[   94.309342][ T6471] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.668487][ T6498] FAULT_INJECTION: forcing a failure.
[   94.668487][ T6498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.681561][ T6498] CPU: 0 UID: 0 PID: 6498 Comm: syz.3.1056 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   94.681641][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.681653][ T6498] Call Trace:
[   94.681659][ T6498]  <TASK>
[   94.681673][ T6498]  __dump_stack+0x1d/0x30
[   94.681691][ T6498]  dump_stack_lvl+0xe8/0x140
[   94.681707][ T6498]  dump_stack+0x15/0x1b
[   94.681785][ T6498]  should_fail_ex+0x265/0x280
[   94.681812][ T6498]  should_fail+0xb/0x20
[   94.681841][ T6498]  should_fail_usercopy+0x1a/0x20
[   94.681891][ T6498]  _copy_from_iter+0xcf/0xe40
[   94.681981][ T6498]  ? __build_skb_around+0x1a0/0x200
[   94.682007][ T6498]  ? __alloc_skb+0x223/0x320
[   94.682035][ T6498]  netlink_sendmsg+0x471/0x6b0
[   94.682124][ T6498]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.682191][ T6498]  __sock_sendmsg+0x145/0x180
[   94.682219][ T6498]  ____sys_sendmsg+0x31e/0x4e0
[   94.682252][ T6498]  ___sys_sendmsg+0x17b/0x1d0
[   94.682291][ T6498]  __x64_sys_sendmsg+0xd4/0x160
[   94.682329][ T6498]  x64_sys_call+0x2999/0x2fb0
[   94.682350][ T6498]  do_syscall_64+0xd2/0x200
[   94.682414][ T6498]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.682435][ T6498]  ? clear_bhb_loop+0x40/0x90
[   94.682454][ T6498]  ? clear_bhb_loop+0x40/0x90
[   94.682474][ T6498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.682494][ T6498] RIP: 0033:0x7f5f1bc8e9a9
[   94.682512][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.682538][ T6498] RSP: 002b:00007f5f1a2ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.682558][ T6498] RAX: ffffffffffffffda RBX: 00007f5f1beb5fa0 RCX: 00007f5f1bc8e9a9
[   94.682571][ T6498] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[   94.682584][ T6498] RBP: 00007f5f1a2ef090 R08: 0000000000000000 R09: 0000000000000000
[   94.682597][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.682690][ T6498] R13: 0000000000000000 R14: 00007f5f1beb5fa0 R15: 00007ffd8efb7cb8
[   94.682708][ T6498]  </TASK>
[   94.925178][   T29] kauditd_printk_skb: 457 callbacks suppressed
[   94.925193][   T29] audit: type=1326 audit(1753273713.894:6288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.2.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   94.954962][   T29] audit: type=1326 audit(1753273713.894:6289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.2.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   94.978473][   T29] audit: type=1326 audit(1753273713.894:6290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.2.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   94.991296][ T6508] loop3: detected capacity change from 0 to 1024
[   95.001849][   T29] audit: type=1326 audit(1753273713.894:6291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6499 comm="syz.2.1057" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   95.062110][ T6503] blktrace: Concurrent blktraces are not allowed on loop9
[   95.072842][ T6508] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.077711][   T29] audit: type=1326 audit(1753273714.024:6292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.106650][   T29] audit: type=1326 audit(1753273714.024:6293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.130045][   T29] audit: type=1326 audit(1753273714.024:6294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.153507][   T29] audit: type=1326 audit(1753273714.024:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.176893][   T29] audit: type=1326 audit(1753273714.024:6296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.200393][   T29] audit: type=1326 audit(1753273714.024:6297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6505 comm="syz.0.1060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26a663e9a9 code=0x7ffc0000
[   95.263600][ T6507] netlink: 'syz.2.1057': attribute type 13 has an invalid length.
[   95.271499][ T6507] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1057'.
[   95.283781][ T6507] erspan0: refused to change device tx_queue_len
[   95.340399][ T6521] loop0: detected capacity change from 0 to 1024
[   95.359273][ T6522] netlink: 'syz.3.1061': attribute type 1 has an invalid length.
[   95.367015][ T6522] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1061'.
[   95.377488][ T6521] EXT4-fs mount: 14 callbacks suppressed
[   95.377500][ T6521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.398742][ T6521] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.432797][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.445866][ T6528] loop3: detected capacity change from 0 to 512
[   95.455170][ T6528] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.465131][ T6530] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1066'.
[   95.465577][ T6528] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1067: invalid block
[   95.486325][ T6528] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1067: invalid indirect mapped block 4294967295 (level 1)
[   95.502107][ T6528] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1067: invalid indirect mapped block 4294967295 (level 1)
[   95.518984][ T6530] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1066'.
[   95.537680][ T6530] hsr_slave_0 (unregistering): left promiscuous mode
[   95.557951][ T6528] EXT4-fs (loop3): 2 truncates cleaned up
[   95.564050][ T6528] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.579048][ T6533] loop4: detected capacity change from 0 to 8192
[   95.614131][ T6528] ALSA: seq fatal error: cannot create timer (-19)
[   95.631954][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.039884][ T6553] blktrace: Concurrent blktraces are not allowed on loop5
[   96.074350][ T6555] loop5: detected capacity change from 0 to 1024
[   96.081384][ T6555] /dev/loop5: Can't open blockdev
[   96.186579][ T6560] loop3: detected capacity change from 0 to 512
[   96.199130][ T6557] loop5: detected capacity change from 0 to 512
[   96.206424][ T6560] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.214989][ T6557] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   96.225847][ T6560] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1079: invalid block
[   96.243033][ T6557] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.256079][ T6560] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1079: invalid indirect mapped block 4294967295 (level 1)
[   96.278694][ T6557] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   96.298496][ T6560] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1079: invalid indirect mapped block 4294967295 (level 1)
[   96.360523][ T6560] EXT4-fs (loop3): 2 truncates cleaned up
[   96.366856][ T6560] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.389578][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.414439][ T6560] ALSA: seq fatal error: cannot create timer (-19)
[   96.447343][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.468511][ T6576] loop5: detected capacity change from 0 to 2048
[   96.489124][ T6578] FAULT_INJECTION: forcing a failure.
[   96.489124][ T6578] name failslab, interval 1, probability 0, space 0, times 0
[   96.501822][ T6578] CPU: 1 UID: 0 PID: 6578 Comm: syz.3.1085 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[   96.501918][ T6578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.501964][ T6578] Call Trace:
[   96.502028][ T6578]  <TASK>
[   96.502034][ T6578]  __dump_stack+0x1d/0x30
[   96.502052][ T6578]  dump_stack_lvl+0xe8/0x140
[   96.502070][ T6578]  dump_stack+0x15/0x1b
[   96.502134][ T6578]  should_fail_ex+0x265/0x280
[   96.502162][ T6578]  should_failslab+0x8c/0xb0
[   96.502179][ T6578]  kmem_cache_alloc_node_noprof+0x57/0x320
[   96.502201][ T6578]  ? __alloc_skb+0x101/0x320
[   96.502308][ T6578]  __alloc_skb+0x101/0x320
[   96.502383][ T6578]  netlink_alloc_large_skb+0xba/0xf0
[   96.502469][ T6578]  netlink_sendmsg+0x3cf/0x6b0
[   96.502489][ T6578]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.502506][ T6578]  __sock_sendmsg+0x145/0x180
[   96.502525][ T6578]  ____sys_sendmsg+0x31e/0x4e0
[   96.502569][ T6578]  ___sys_sendmsg+0x17b/0x1d0
[   96.502604][ T6578]  __x64_sys_sendmsg+0xd4/0x160
[   96.502632][ T6578]  x64_sys_call+0x2999/0x2fb0
[   96.502746][ T6578]  do_syscall_64+0xd2/0x200
[   96.502761][ T6578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.502787][ T6578]  ? clear_bhb_loop+0x40/0x90
[   96.502809][ T6578]  ? clear_bhb_loop+0x40/0x90
[   96.502827][ T6578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.502844][ T6578] RIP: 0033:0x7f5f1bc8e9a9
[   96.502879][ T6578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.502925][ T6578] RSP: 002b:00007f5f1a2ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.502945][ T6578] RAX: ffffffffffffffda RBX: 00007f5f1beb5fa0 RCX: 00007f5f1bc8e9a9
[   96.502957][ T6578] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000008
[   96.502968][ T6578] RBP: 00007f5f1a2ef090 R08: 0000000000000000 R09: 0000000000000000
[   96.502979][ T6578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.502989][ T6578] R13: 0000000000000000 R14: 00007f5f1beb5fa0 R15: 00007ffd8efb7cb8
[   96.503076][ T6578]  </TASK>
[   96.739854][ T6576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.850727][ T6581] loop4: detected capacity change from 0 to 512
[   96.862094][ T6581] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   96.873245][ T6581] EXT4-fs (loop4): 1 truncate cleaned up
[   96.880506][ T6581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.934003][ T6602] netlink: 'syz.0.1091': attribute type 1 has an invalid length.
[   96.941827][ T6602] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1091'.
[   96.955064][ T6581] EXT4-fs error (device loop4): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.4.1083: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   96.990711][ T6581] EXT4-fs (loop4): Remounting filesystem read-only
[   96.997252][ T6581] EXT4-fs warning (device loop4): ext4_rename_delete:3726: inode #2: comm syz.4.1083: Deleting old file: nlink 5, error=-117
[   97.068637][ T6604] loop0: detected capacity change from 0 to 8192
[   97.294588][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.296894][ T5823] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   97.318612][ T5823] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   97.333765][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.604754][ T6642] netlink: 'syz.4.1103': attribute type 1 has an invalid length.
[   97.612595][ T6642] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1103'.
[   97.716257][ T6646] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   98.213947][ T6661] loop0: detected capacity change from 0 to 8192
[   98.322391][ T6669] loop5: detected capacity change from 0 to 1024
[   98.369683][ T6669] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.384850][ T6669] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.426127][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.571268][ T6681] netlink: 'syz.5.1116': attribute type 1 has an invalid length.
[   98.579113][ T6681] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1116'.
[   98.833214][ T6690] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   98.840581][ T6690] IPv6: NLM_F_CREATE should be set when creating new route
[   98.847853][ T6690] IPv6: NLM_F_CREATE should be set when creating new route
[   98.968926][ T6694] netlink: 'syz.4.1122': attribute type 13 has an invalid length.
[   98.976808][ T6694] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1122'.
[   98.985190][ T6699] netlink: 'syz.5.1124': attribute type 21 has an invalid length.
[   98.994111][ T6699] netlink: 'syz.5.1124': attribute type 1 has an invalid length.
[   99.001870][ T6699] netlink: 144 bytes leftover after parsing attributes in process `syz.5.1124'.
[   99.011457][ T6694] erspan0: refused to change device tx_queue_len
[   99.019221][ T6694] net_ratelimit: 13 callbacks suppressed
[   99.019267][ T6694] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   99.041223][ T6699] netlink: 'syz.5.1124': attribute type 21 has an invalid length.
[   99.055879][ T6699] netlink: 'syz.5.1124': attribute type 1 has an invalid length.
[   99.162317][ T6713] loop3: detected capacity change from 0 to 2048
[   99.180782][ T6713] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.459075][ T6733] netlink: 'syz.0.1136': attribute type 13 has an invalid length.
[   99.467101][ T6733] __nla_validate_parse: 1 callbacks suppressed
[   99.467112][ T6733] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1136'.
[   99.483093][ T6733] erspan0: refused to change device tx_queue_len
[   99.490121][ T6733] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   99.642779][ T6751] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.681926][ T6751] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.730373][ T6751] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.800125][ T6751] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.853213][ T6751] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.863886][ T6751] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.874520][ T6751] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.884926][ T6751] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.965044][   T29] kauditd_printk_skb: 423 callbacks suppressed
[   99.965059][   T29] audit: type=1326 audit(1753273718.934:6721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.967506][ T6762] netlink: 'syz.2.1149': attribute type 13 has an invalid length.
[   99.971324][   T29] audit: type=1326 audit(1753273718.934:6722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971418][   T29] audit: type=1326 audit(1753273718.934:6723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971442][   T29] audit: type=1326 audit(1753273718.934:6724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7256dd310 code=0x7ffc0000
[   99.971466][   T29] audit: type=1326 audit(1753273718.934:6725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971494][   T29] audit: type=1326 audit(1753273718.934:6726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971517][   T29] audit: type=1326 audit(1753273718.934:6727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971552][   T29] audit: type=1326 audit(1753273718.934:6728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971576][   T29] audit: type=1326 audit(1753273718.934:6729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[   99.971607][   T29] audit: type=1326 audit(1753273718.934:6730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6761 comm="syz.2.1149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  100.215922][ T6762] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1149'.
[  100.225574][ T6762] erspan0: refused to change device tx_queue_len
[  100.232766][ T6762] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  100.259757][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  100.275858][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  100.293261][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.317769][ T6776] loop3: detected capacity change from 0 to 512
[  100.326203][ T6776] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  100.341335][ T6779] futex_wake_op: syz.2.1156 tries to shift op by -1; fix this program
[  100.350717][ T6776] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1153: invalid block
[  100.362770][ T6775] loop5: detected capacity change from 0 to 8192
[  100.364798][ T6776] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1153: invalid indirect mapped block 4294967295 (level 1)
[  100.384743][ T6776] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1153: invalid indirect mapped block 4294967295 (level 1)
[  100.404373][ T6776] EXT4-fs (loop3): 2 truncates cleaned up
[  100.410165][ T6779] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1156'.
[  100.419512][ T6776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.460161][ T6776] ALSA: seq fatal error: cannot create timer (-19)
[  100.485061][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.729281][ T6798] netlink: 'syz.0.1164': attribute type 13 has an invalid length.
[  100.737225][ T6798] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1164'.
[  100.756914][ T6802] FAULT_INJECTION: forcing a failure.
[  100.756914][ T6802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.770148][ T6802] CPU: 0 UID: 0 PID: 6802 Comm: syz.3.1165 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  100.770235][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.770245][ T6802] Call Trace:
[  100.770250][ T6802]  <TASK>
[  100.770256][ T6802]  __dump_stack+0x1d/0x30
[  100.770273][ T6802]  dump_stack_lvl+0xe8/0x140
[  100.770294][ T6802]  dump_stack+0x15/0x1b
[  100.770310][ T6802]  should_fail_ex+0x265/0x280
[  100.770340][ T6802]  should_fail+0xb/0x20
[  100.770408][ T6802]  should_fail_usercopy+0x1a/0x20
[  100.770432][ T6802]  _copy_from_user+0x1c/0xb0
[  100.770448][ T6802]  __copy_msghdr+0x244/0x300
[  100.770531][ T6802]  ___sys_sendmsg+0x109/0x1d0
[  100.770598][ T6802]  __x64_sys_sendmsg+0xd4/0x160
[  100.770629][ T6802]  x64_sys_call+0x2999/0x2fb0
[  100.770664][ T6802]  do_syscall_64+0xd2/0x200
[  100.770682][ T6802]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.770708][ T6802]  ? clear_bhb_loop+0x40/0x90
[  100.770764][ T6802]  ? clear_bhb_loop+0x40/0x90
[  100.770781][ T6802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.770798][ T6802] RIP: 0033:0x7f5f1bc8e9a9
[  100.770836][ T6802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.770868][ T6802] RSP: 002b:00007f5f1a2ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.770885][ T6802] RAX: ffffffffffffffda RBX: 00007f5f1beb5fa0 RCX: 00007f5f1bc8e9a9
[  100.770918][ T6802] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000004
[  100.770930][ T6802] RBP: 00007f5f1a2ef090 R08: 0000000000000000 R09: 0000000000000000
[  100.770942][ T6802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.770955][ T6802] R13: 0000000000000000 R14: 00007f5f1beb5fa0 R15: 00007ffd8efb7cb8
[  100.770972][ T6802]  </TASK>
[  100.775181][ T6798] erspan0: refused to change device tx_queue_len
[  100.968623][ T6798] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  100.994091][ T6805] blktrace: Concurrent blktraces are not allowed on loop7
[  101.132467][ T6815] loop4: detected capacity change from 0 to 512
[  101.149946][ T6815] EXT4-fs (loop4): orphan cleanup on readonly fs
[  101.159524][ T6815] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1170: bg 0: block 248: padding at end of block bitmap is not set
[  101.177121][ T6815] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1170: Failed to acquire dquot type 1
[  101.191783][ T6815] EXT4-fs (loop4): 1 truncate cleaned up
[  101.198041][ T6815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  101.224594][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.530268][ T6835] netlink: 'syz.2.1178': attribute type 13 has an invalid length.
[  101.538143][ T6835] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1178'.
[  101.549139][ T6835] erspan0: refused to change device tx_queue_len
[  101.555976][ T6835] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  101.886006][ T6852] loop2: detected capacity change from 0 to 8192
[  102.068029][ T6865] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1189'.
[  102.091844][ T6865] erspan0: refused to change device tx_queue_len
[  102.099063][ T6865] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  102.137152][ T6868] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1190'.
[  102.154323][ T6869] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  102.187305][ T6875] batman_adv: batadv0: Adding interface: dummy0
[  102.193606][ T6875] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.220340][ T6875] batman_adv: batadv0: Interface activated: dummy0
[  102.230734][ T6875] batadv0: mtu less than device minimum
[  102.236702][ T6875] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.247283][ T6875] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.257976][ T6875] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.300583][ T6878] loop3: detected capacity change from 0 to 8192
[  102.336715][ T6880] loop0: detected capacity change from 0 to 1024
[  102.348966][ T6884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1195'.
[  102.349513][ T6880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.371631][ T6880] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.707285][ T6903] loop5: detected capacity change from 0 to 512
[  102.709854][ T6901] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1202'.
[  102.735084][ T6903] EXT4-fs (loop5): orphan cleanup on readonly fs
[  102.754092][ T6901] erspan0: refused to change device tx_queue_len
[  102.762269][ T6903] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1203: bg 0: block 248: padding at end of block bitmap is not set
[  102.786308][ T6903] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1203: Failed to acquire dquot type 1
[  102.814581][ T6903] EXT4-fs (loop5): 1 truncate cleaned up
[  102.823644][ T6910] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  102.841216][ T6903] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.923596][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.952909][ T6917] loop5: detected capacity change from 0 to 2048
[  102.998618][ T6917]  loop5: p4 < >
[  103.244408][ T6936] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1216'.
[  103.280467][ T6941] loop5: detected capacity change from 0 to 512
[  103.288668][ T6936] erspan0: refused to change device tx_queue_len
[  103.296224][ T6943] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  103.314210][ T6941] EXT4-fs (loop5): orphan cleanup on readonly fs
[  103.346894][ T6941] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1219: bg 0: block 248: padding at end of block bitmap is not set
[  103.370247][ T6941] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1219: Failed to acquire dquot type 1
[  103.388043][ T6941] EXT4-fs (loop5): 1 truncate cleaned up
[  103.400407][ T6941] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.435869][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.700498][ T6985] loop4: detected capacity change from 0 to 8192
[  103.708514][ T6983] validate_nla: 3 callbacks suppressed
[  103.708526][ T6983] netlink: 'syz.5.1234': attribute type 13 has an invalid length.
[  103.723299][ T6983] erspan0: refused to change device tx_queue_len
[  103.794763][ T6992] loop5: detected capacity change from 0 to 2048
[  103.850946][ T6992] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.181216][ T7008] FAULT_INJECTION: forcing a failure.
[  104.181216][ T7008] name failslab, interval 1, probability 0, space 0, times 0
[  104.193914][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.0.1243 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  104.194008][ T7008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.194018][ T7008] Call Trace:
[  104.194024][ T7008]  <TASK>
[  104.194030][ T7008]  __dump_stack+0x1d/0x30
[  104.194047][ T7008]  dump_stack_lvl+0xe8/0x140
[  104.194066][ T7008]  dump_stack+0x15/0x1b
[  104.194083][ T7008]  should_fail_ex+0x265/0x280
[  104.194172][ T7008]  should_failslab+0x8c/0xb0
[  104.194192][ T7008]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  104.194220][ T7008]  ? kstrdup_const+0x3e/0x50
[  104.194310][ T7008]  kstrdup+0x3e/0xd0
[  104.194331][ T7008]  kstrdup_const+0x3e/0x50
[  104.194348][ T7008]  alloc_vfsmnt+0xe7/0x360
[  104.194372][ T7008]  clone_mnt+0x41/0x750
[  104.194439][ T7008]  __do_loopback+0x20d/0x2c0
[  104.194462][ T7008]  do_loopback+0x1e1/0x2e0
[  104.194486][ T7008]  path_mount+0x3dc/0xb20
[  104.194512][ T7008]  ? user_path_at+0x109/0x130
[  104.194550][ T7008]  __se_sys_mount+0x28f/0x2e0
[  104.194576][ T7008]  ? fput+0x8f/0xc0
[  104.194650][ T7008]  __x64_sys_mount+0x67/0x80
[  104.194763][ T7008]  x64_sys_call+0xd36/0x2fb0
[  104.194785][ T7008]  do_syscall_64+0xd2/0x200
[  104.194804][ T7008]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.194826][ T7008]  ? clear_bhb_loop+0x40/0x90
[  104.194843][ T7008]  ? clear_bhb_loop+0x40/0x90
[  104.194884][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.194903][ T7008] RIP: 0033:0x7f26a663e9a9
[  104.194916][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.194932][ T7008] RSP: 002b:00007f26a4c9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  104.194950][ T7008] RAX: ffffffffffffffda RBX: 00007f26a6865fa0 RCX: 00007f26a663e9a9
[  104.195040][ T7008] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000380
[  104.195053][ T7008] RBP: 00007f26a4c9f090 R08: 0000000000000000 R09: 0000000000000000
[  104.195132][ T7008] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001
[  104.195144][ T7008] R13: 0000000000000000 R14: 00007f26a6865fa0 R15: 00007ffea844d048
[  104.195162][ T7008]  </TASK>
[  104.444307][ T7012] loop0: detected capacity change from 0 to 512
[  104.452143][ T7012] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.467264][ T7012] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.1245: invalid block
[  104.487854][ T7012] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1245: invalid indirect mapped block 4294967295 (level 1)
[  104.512280][ T7012] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1245: invalid indirect mapped block 4294967295 (level 1)
[  104.546862][ T7012] EXT4-fs (loop0): 2 truncates cleaned up
[  104.553249][ T7012] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.620199][ T5823] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  104.648355][ T7012] ALSA: seq fatal error: cannot create timer (-19)
[  104.666737][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.687908][ T5823] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  104.696269][ T7023] xt_CT: You must specify a L4 protocol and not use inversions on it
[  104.717287][ T7023] loop4: detected capacity change from 0 to 164
[  104.735478][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.746001][ T7023] iso9660: Corrupted directory entry in block 2 of inode 1792
[  104.968619][ T7044] loop4: detected capacity change from 0 to 512
[  104.988152][ T7044] EXT4-fs (loop4): orphan cleanup on readonly fs
[  104.995049][ T7050] loop3: detected capacity change from 0 to 2048
[  105.008937][ T7044] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1258: bg 0: block 248: padding at end of block bitmap is not set
[  105.023573][ T7044] __quota_error: 495 callbacks suppressed
[  105.023586][ T7044] Quota error (device loop4): write_blk: dquota write failed
[  105.026728][ T7050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.029316][ T7044] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  105.058580][ T7044] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1258: Failed to acquire dquot type 1
[  105.072890][ T7048] loop2: detected capacity change from 0 to 8192
[  105.081304][ T7044] EXT4-fs (loop4): 1 truncate cleaned up
[  105.094766][ T7044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  105.202652][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.250391][ T7058] blktrace: Concurrent blktraces are not allowed on loop9
[  105.687452][ T7065] net_ratelimit: 20 callbacks suppressed
[  105.687466][ T7065] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  105.839486][ T3307] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  105.874304][ T3307] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  105.879642][ T7070] loop4: detected capacity change from 0 to 512
[  105.890522][ T7075] FAULT_INJECTION: forcing a failure.
[  105.890522][ T7075] name failslab, interval 1, probability 0, space 0, times 0
[  105.903172][ T7075] CPU: 0 UID: 0 PID: 7075 Comm: syz.0.1270 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  105.903196][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.903205][ T7075] Call Trace:
[  105.903211][ T7075]  <TASK>
[  105.903218][ T7075]  __dump_stack+0x1d/0x30
[  105.903239][ T7075]  dump_stack_lvl+0xe8/0x140
[  105.903257][ T7075]  dump_stack+0x15/0x1b
[  105.903271][ T7075]  should_fail_ex+0x265/0x280
[  105.903295][ T7075]  should_failslab+0x8c/0xb0
[  105.903311][ T7075]  kmem_cache_alloc_noprof+0x50/0x310
[  105.903331][ T7075]  ? __mpol_dup+0x42/0x1b0
[  105.903356][ T7075]  __mpol_dup+0x42/0x1b0
[  105.903379][ T7075]  mbind_range+0x1e8/0x440
[  105.903404][ T7075]  ? mas_find+0x4ea/0x610
[  105.903423][ T7075]  __se_sys_mbind+0x648/0xac0
[  105.903453][ T7075]  __x64_sys_mbind+0x78/0x90
[  105.903476][ T7075]  x64_sys_call+0x14af/0x2fb0
[  105.903494][ T7075]  do_syscall_64+0xd2/0x200
[  105.903507][ T7075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.903526][ T7075]  ? clear_bhb_loop+0x40/0x90
[  105.903542][ T7075]  ? clear_bhb_loop+0x40/0x90
[  105.903557][ T7075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.903572][ T7075] RIP: 0033:0x7f26a663e9a9
[  105.903583][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.903601][ T7075] RSP: 002b:00007f26a4c9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  105.903616][ T7075] RAX: ffffffffffffffda RBX: 00007f26a6865fa0 RCX: 00007f26a663e9a9
[  105.903626][ T7075] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[  105.903635][ T7075] RBP: 00007f26a4c9f090 R08: 0000000000000000 R09: 0000000000000002
[  105.903644][ T7075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.903653][ T7075] R13: 0000000000000000 R14: 00007f26a6865fa0 R15: 00007ffea844d048
[  105.903667][ T7075]  </TASK>
[  105.905013][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.919659][ T7070] EXT4-fs (loop4): orphan cleanup on readonly fs
[  106.107462][ T7089] loop3: detected capacity change from 0 to 128
[  106.121538][ T7070] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1266: bg 0: block 248: padding at end of block bitmap is not set
[  106.146457][ T7070] Quota error (device loop4): write_blk: dquota write failed
[  106.149313][   T29] audit: type=1326 audit(1753273725.114:7220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.154005][ T7070] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  106.177824][   T29] audit: type=1326 audit(1753273725.114:7221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.187221][ T7070] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1266: Failed to acquire dquot type 1
[  106.237548][ T7089] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  106.245514][ T7089] FAT-fs (loop3): Filesystem has been set read-only
[  106.253419][ T7070] EXT4-fs (loop4): 1 truncate cleaned up
[  106.261631][ T7092] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  106.270378][ T7092] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  106.272611][   T29] audit: type=1326 audit(1753273725.204:7222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.279073][ T7092] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  106.279103][ T7092] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  106.280020][ T7089] syz.3.1269: attempt to access beyond end of device
[  106.280020][ T7089] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  106.303125][   T29] audit: type=1326 audit(1753273725.204:7223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.358325][   T29] audit: type=1326 audit(1753273725.204:7224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.359041][ T7089] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  106.381695][   T29] audit: type=1326 audit(1753273725.204:7225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7079 comm="syz.2.1272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  106.412994][ T7089] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  106.421460][ T7070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  106.433034][ T7089] syz.3.1269: attempt to access beyond end of device
[  106.433034][ T7089] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  106.651949][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.672710][ T7111] __nla_validate_parse: 1 callbacks suppressed
[  106.672725][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1281'.
[  106.673384][ T7110] tipc: Started in network mode
[  106.692789][ T7110] tipc: Node identity 966fad47e979, cluster identity 4711
[  106.700726][ T7110] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  106.733189][ T7110] syzkaller0: entered promiscuous mode
[  106.738734][ T7110] syzkaller0: entered allmulticast mode
[  106.752337][ T7110] syzkaller0: mtu greater than device maximum
[  106.759964][ T7108] tipc: Resetting bearer <eth:syzkaller0>
[  106.786551][ T7108] tipc: Disabling bearer <eth:syzkaller0>
[  106.874032][ T7120] netlink: 'syz.0.1286': attribute type 1 has an invalid length.
[  106.882485][ T7120] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1286'.
[  106.992480][ T7124] binfmt_misc: register: failed to install interpreter file ./file2
[  107.248272][ T7139] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1292'.
[  107.307913][ T7141] blktrace: Concurrent blktraces are not allowed on loop9
[  107.331179][ T7143] loop3: detected capacity change from 0 to 512
[  107.350516][ T7143] EXT4-fs (loop3): orphan cleanup on readonly fs
[  107.366675][ T7148] batman_adv: batadv0: Adding interface: dummy0
[  107.373026][ T7148] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.404558][ T7143] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1295: bg 0: block 248: padding at end of block bitmap is not set
[  107.419098][ T7148] batman_adv: batadv0: Interface activated: dummy0
[  107.426379][ T7143] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1295: Failed to acquire dquot type 1
[  107.427425][ T7149] batadv0: mtu less than device minimum
[  107.439804][ T7143] EXT4-fs (loop3): 1 truncate cleaned up
[  107.443661][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.449843][ T7143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  107.459691][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.482454][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.493045][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.503782][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.514540][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.525338][ T7149] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  107.563583][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.686963][ T7154] loop4: detected capacity change from 0 to 8192
[  108.071893][ T7165] loop5: detected capacity change from 0 to 8192
[  108.173054][ T7177] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1304'.
[  108.224646][ T7181] loop0: detected capacity change from 0 to 1024
[  108.253169][ T7181] ext4: Unknown parameter 'nouser_xattr'
[  108.373186][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1310'.
[  108.382106][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1310'.
[  108.427750][ T7188] netlink: 'syz.0.1310': attribute type 21 has an invalid length.
[  108.473840][ T7188] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1310'.
[  108.601454][ T7194] loop2: detected capacity change from 0 to 128
[  108.607962][ T7194] vfat: Unknown parameter ''
[  108.635194][ T7194] netlink: 'syz.2.1313': attribute type 4 has an invalid length.
[  108.840033][ T7209] netlink: 'syz.3.1314': attribute type 13 has an invalid length.
[  108.847914][ T7209] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1314'.
[  108.858601][ T7209] erspan0: refused to change device tx_queue_len
[  108.860880][ T7206] netlink: 'syz.0.1317': attribute type 1 has an invalid length.
[  108.872801][ T7206] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1317'.
[  108.935072][ T7215] blktrace: Concurrent blktraces are not allowed on loop1
[  109.219553][ T7233] netlink: 'syz.3.1329': attribute type 13 has an invalid length.
[  109.227484][ T7233] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1329'.
[  109.241274][ T7233] erspan0: refused to change device tx_queue_len
[  109.427476][ T7259] blktrace: Concurrent blktraces are not allowed on loop11
[  109.517159][ T7264] loop3: detected capacity change from 0 to 512
[  109.525623][ T7264] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.536563][ T7264] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1343: invalid block
[  109.550117][ T7264] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1343: invalid indirect mapped block 4294967295 (level 1)
[  109.569987][ T7264] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1343: invalid indirect mapped block 4294967295 (level 1)
[  109.600011][ T7264] EXT4-fs (loop3): 2 truncates cleaned up
[  109.610318][ T7264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.637780][ T7270] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4)
[  109.643352][ T7264] ALSA: seq fatal error: cannot create timer (-19)
[  109.644323][ T7270] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  109.658958][ T7270] vhci_hcd vhci_hcd.0: Device attached
[  109.681983][ T7271] vhci_hcd: connection closed
[  109.682139][ T4739] vhci_hcd: stop threads
[  109.682702][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.686808][ T4739] vhci_hcd: release socket
[  109.686816][ T4739] vhci_hcd: disconnect device
[  109.765170][ T7277] program syz.2.1348 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.774888][ T7277] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  110.053485][ T7294] netlink: 'syz.2.1354': attribute type 13 has an invalid length.
[  110.061757][ T7294] erspan0: refused to change device tx_queue_len
[  110.200273][ T7306] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  110.230842][ T7311] netlink: 'syz.5.1361': attribute type 1 has an invalid length.
[  110.243889][ T7311] 8021q: adding VLAN 0 to HW filter on device bond1
[  110.254548][ T7311] bond1 (unregistering): Released all slaves
[  110.300209][ T7311] atomic_op ffff88813281f928 conn xmit_atomic 0000000000000000
[  110.310613][ T7311] loop5: detected capacity change from 0 to 512
[  110.318479][ T7311] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e028, mo2=0002]
[  110.326487][ T7311] System zones: 1-12
[  110.331776][ T7311] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.1361: invalid indirect mapped block 8 (level 2)
[  110.345362][ T7311] EXT4-fs (loop5): Remounting filesystem read-only
[  110.352641][ T7311] EXT4-fs (loop5): 1 truncate cleaned up
[  110.359267][ T7311] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.373230][ T7311] 9pnet_fd: Insufficient options for proto=fd
[  110.394003][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.644943][ T7331] loop4: detected capacity change from 0 to 2048
[  110.659704][ T7331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.694263][ T3305] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  110.695826][ T7335] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  110.718498][ T3305] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  110.739854][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.778951][   T29] kauditd_printk_skb: 294 callbacks suppressed
[  110.778965][   T29] audit: type=1326 audit(1753273729.754:7518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.809929][ T7342] netlink: 'syz.3.1372': attribute type 1 has an invalid length.
[  110.816842][   T29] audit: type=1326 audit(1753273729.784:7519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.841172][   T29] audit: type=1326 audit(1753273729.784:7520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.864661][   T29] audit: type=1326 audit(1753273729.784:7521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.919269][ T7345] loop4: detected capacity change from 0 to 8192
[  110.926116][   T29] audit: type=1326 audit(1753273729.794:7522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.949675][   T29] audit: type=1326 audit(1753273729.864:7523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  110.973220][   T29] audit: type=1326 audit(1753273729.864:7524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7340 comm="syz.2.1373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  111.017689][   T29] audit: type=1326 audit(1753273729.984:7525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.3.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f1bc8e9a9 code=0x7ffc0000
[  111.041214][   T29] audit: type=1326 audit(1753273729.984:7526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.3.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f1bc8e9a9 code=0x7ffc0000
[  111.064810][   T29] audit: type=1326 audit(1753273729.984:7527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7346 comm="syz.3.1375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5f1bc8e9a9 code=0x7ffc0000
[  111.410388][ T7378] netlink: 'syz.3.1386': attribute type 1 has an invalid length.
[  111.497533][ T7385] loop3: detected capacity change from 0 to 512
[  111.498753][ T7389] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  111.511524][ T7385] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  111.524951][ T7385] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1392: invalid block
[  111.537247][ T7385] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1392: invalid indirect mapped block 4294967295 (level 1)
[  111.552661][ T7385] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1392: invalid indirect mapped block 4294967295 (level 1)
[  111.567363][ T7385] EXT4-fs (loop3): 2 truncates cleaned up
[  111.577074][ T7385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.601824][ T7392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.610470][ T7394] loop2: detected capacity change from 0 to 2048
[  111.610552][ T7392] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.632368][ T7385] ALSA: seq fatal error: cannot create timer (-19)
[  111.641022][ T7394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.661458][ T3307] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.691630][ T7394] 9pnet_fd: Insufficient options for proto=fd
[  111.736614][ T7403] loop3: detected capacity change from 0 to 128
[  111.751131][ T3313] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  111.769238][ T7403] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  111.777063][ T7403] FAT-fs (loop3): Filesystem has been set read-only
[  111.784783][ T3313] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  111.787716][ T7403] syz.3.1397: attempt to access beyond end of device
[  111.787716][ T7403] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  111.807239][ T7403] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  111.815085][ T7403] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  111.823090][ T7403] syz.3.1397: attempt to access beyond end of device
[  111.823090][ T7403] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  111.847612][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.030474][ T7417] __nla_validate_parse: 4 callbacks suppressed
[  112.030490][ T7417] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1398'.
[  112.313985][ T7419] netlink: 'syz.2.1402': attribute type 13 has an invalid length.
[  112.321905][ T7419] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1402'.
[  112.331117][ T7419] erspan0: refused to change device tx_queue_len
[  112.337916][ T7419] net_ratelimit: 16 callbacks suppressed
[  112.337928][ T7419] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  112.538435][ T7435] loop0: detected capacity change from 0 to 8192
[  112.611296][ T7441] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1407'.
[  112.682464][ T7444] netlink: 'syz.4.1409': attribute type 1 has an invalid length.
[  112.690881][ T7444] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1409'.
[  112.773427][ T7446] loop2: detected capacity change from 0 to 8192
[  113.025510][ T7451] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  113.592486][ T7459] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1416'.
[  113.612870][ T7459] loop5: detected capacity change from 0 to 1024
[  113.631185][ T7459] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.660766][ T7459] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 47 with max blocks 1 with error 28
[  113.673141][ T7459] EXT4-fs (loop5): This should not happen!! Data will be lost
[  113.673141][ T7459] 
[  113.682841][ T7459] EXT4-fs (loop5): Total free blocks count 0
[  113.688907][ T7459] EXT4-fs (loop5): Free/Dirty block details
[  113.694794][ T7459] EXT4-fs (loop5): free_blocks=0
[  113.699747][ T7459] EXT4-fs (loop5): dirty_blocks=0
[  113.704781][ T7459] EXT4-fs (loop5): Block reservation details
[  113.710787][ T7459] EXT4-fs (loop5): i_reserved_data_blocks=0
[  113.841844][ T7472] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  113.911127][ T5823] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.955401][ T7461] netlink: 'syz.0.1417': attribute type 13 has an invalid length.
[  113.963362][ T7461] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1417'.
[  113.979378][ T7461] erspan0: refused to change device tx_queue_len
[  113.986955][ T7461] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  114.040474][ T7486] loop5: detected capacity change from 0 to 128
[  114.246129][ T7503] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  114.246177][ T7497] loop0: detected capacity change from 0 to 512
[  114.263904][ T7497] EXT4-fs (loop0): orphan cleanup on readonly fs
[  114.280260][ T7497] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1429: bg 0: block 248: padding at end of block bitmap is not set
[  114.291346][ T7502] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  114.301984][ T7497] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.1429: Failed to acquire dquot type 1
[  114.334336][ T7497] EXT4-fs (loop0): 1 truncate cleaned up
[  114.345037][ T7497] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.368834][ T7507] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  114.620829][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.679513][ T7521] loop0: detected capacity change from 0 to 512
[  114.698154][ T7521] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  114.718081][ T7521] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.1438: invalid block
[  114.745292][ T7521] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1438: invalid indirect mapped block 4294967295 (level 1)
[  114.769204][ T7521] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1438: invalid indirect mapped block 4294967295 (level 1)
[  114.829448][ T7521] EXT4-fs (loop0): 2 truncates cleaned up
[  114.855628][ T7521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.019572][ T7528] loop3: detected capacity change from 0 to 8192
[  115.097741][ T7521] ALSA: seq fatal error: cannot create timer (-19)
[  115.130327][ T7519] netlink: 'syz.2.1437': attribute type 13 has an invalid length.
[  115.138188][ T7519] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1437'.
[  115.149016][ T7519] erspan0: refused to change device tx_queue_len
[  115.156058][ T4182] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.161271][ T7519] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  115.460746][ T7552] loop2: detected capacity change from 0 to 1024
[  115.467613][ T7552] ext4: Bad value for 'init_itable'
[  115.506848][ T7556] loop2: detected capacity change from 0 to 128
[  115.515860][ T7556] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  115.523799][ T7556] FAT-fs (loop2): Filesystem has been set read-only
[  115.530760][ T7556] syz.2.1451: attempt to access beyond end of device
[  115.530760][ T7556] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  115.544906][ T7556] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  115.552749][ T7556] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  115.560666][ T7556] syz.2.1451: attempt to access beyond end of device
[  115.560666][ T7556] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  115.621590][   T58] ==================================================================
[  115.629688][   T58] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios
[  115.638203][   T58] 
[  115.640526][   T58] write to 0xffff888119138d08 of 44 bytes by task 7561 on cpu 1:
[  115.648242][   T58]  tty_set_termios+0xc0/0x8c0
[  115.652932][   T58]  set_termios+0x496/0x4e0
[  115.657359][   T58]  tty_mode_ioctl+0x379/0x5c0
[  115.662048][   T58]  n_tty_ioctl_helper+0x91/0x210
[  115.666992][   T58]  n_tty_ioctl+0x101/0x200
[  115.671410][   T58]  tty_ioctl+0x845/0xb80
[  115.675666][   T58]  __se_sys_ioctl+0xcb/0x140
[  115.680275][   T58]  __x64_sys_ioctl+0x43/0x50
[  115.684874][   T58]  x64_sys_call+0x19a8/0x2fb0
[  115.689556][   T58]  do_syscall_64+0xd2/0x200
[  115.694053][   T58]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.699941][   T58] 
[  115.702251][   T58] read to 0xffff888119138d22 of 1 bytes by task 58 on cpu 0:
[  115.709602][   T58]  n_tty_receive_char_flow_ctrl+0x59/0x1a0
[  115.715410][   T58]  n_tty_lookahead_flow_ctrl+0xed/0x130
[  115.720947][   T58]  tty_port_default_lookahead_buf+0x91/0xc0
[  115.726840][   T58]  flush_to_ldisc+0x284/0x360
[  115.731513][   T58]  process_scheduled_works+0x4cb/0x9d0
[  115.736970][   T58]  worker_thread+0x582/0x770
[  115.741558][   T58]  kthread+0x489/0x510
[  115.745615][   T58]  ret_from_fork+0xda/0x150
[  115.750107][   T58]  ret_from_fork_asm+0x1a/0x30
[  115.754859][   T58] 
[  115.757168][   T58] value changed: 0x13 -> 0x31
[  115.761823][   T58] 
[  115.764131][   T58] Reported by Kernel Concurrency Sanitizer on:
[  115.770265][   T58] CPU: 0 UID: 0 PID: 58 Comm: kworker/u8:4 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(voluntary) 
[  115.780928][   T58] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.790980][   T58] Workqueue: events_unbound flush_to_ldisc
[  115.796783][   T58] ==================================================================
[  115.804932][   T29] kauditd_printk_skb: 522 callbacks suppressed
[  115.804943][   T29] audit: type=1326 audit(1753273734.654:8048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.834630][   T29] audit: type=1326 audit(1753273734.654:8049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.858052][   T29] audit: type=1326 audit(1753273734.654:8050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.881460][   T29] audit: type=1326 audit(1753273734.654:8051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.904916][   T29] audit: type=1326 audit(1753273734.654:8052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.929107][   T29] audit: type=1326 audit(1753273734.834:8053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.952512][   T29] audit: type=1326 audit(1753273734.834:8054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  115.979693][   T29] audit: type=1326 audit(1753273734.904:8055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  116.003211][   T29] audit: type=1326 audit(1753273734.904:8056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000
[  116.026599][   T29] audit: type=1326 audit(1753273734.904:8057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7563 comm="syz.2.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fa7256de9a9 code=0x7ffc0000