last executing test programs:

6m22.951158787s ago: executing program 4 (id=2516):
syz_genetlink_get_family_id$nl802154(&(0x7f00000007c0), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x18934}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x60000080}, 0x200008c2)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES16=r0, @ANYBLOB="e0ae21e5bf177b4bbc9bc5484b78f77d19ce3e77df02ce39c15ebbdf6a444228f74b3dc3f1415b7e80fe2e6449f831df49995e912662131b341976684f7aa3d9815391309e7391056b3b1f66a88ee67eebd8f9cd099341293895d56abf1a12c8bbf815a395cefe490d224e205026ccc660deb09cae22cc87a023e6865b182ff6e78914252d14eee83e", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32, @ANYBLOB="140001"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000bc0)=ANY=[], 0x50}}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @multicast})
unshare(0x2c020400)
r1 = msgget$private(0x0, 0x294)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)
msgsnd(r1, &(0x7f0000000600)=ANY=[@ANYRES16], 0x8, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000580)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370301a8001600a40002400f000100035c0461c1d67f6f94007134cf6edb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6", 0x6b}, {&(0x7f00000004c0)="846d2ad6d4ef6560542286af609ff6ca49c12d9b19e1843ce4c332e6f0932bc521d0bdcd40638430b5dbdb1a26009aaba510eb36442d9c3fb54c6b14c0e5c2867c43e8a75801149e1613c3fc8a5fd8470359795f85d3741efcbe77df1b9bfad527863f7684842cce7eeb775eda", 0x6d}], 0x2}, 0x200000d4)

6m22.905303281s ago: executing program 4 (id=2518):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r2}, 0x10)
r3 = io_uring_setup(0x645b, &(0x7f00000003c0)={0x0, 0xb42d, 0x1000, 0x2, 0x11e})
syz_io_uring_setup(0x9e, &(0x7f0000000540)={0x0, 0xec25, 0x1000, 0x2, 0x4000032f, 0x0, r3}, &(0x7f0000000240), &(0x7f0000000280))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4, 0x0, 0x6}, 0x18)
r5 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x505b8, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x586e, 0x2, @perf_config_ext={0x6, 0x400000008}, 0x4c58, 0x5, 0x0, 0x1, 0x2, 0x20005, 0x10, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x106, 0x5}}, 0x20)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r7)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0xa0}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x1c, r8, 0x300, 0x70bd25, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000c4}, 0x80)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r5, 0x0)

6m22.788057141s ago: executing program 4 (id=2525):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x100]}, 0x8, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r2=>0x0)
io_submit(r2, 0x47f, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
r3 = socket$inet6(0xa, 0x3, 0x3c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000001640)=ANY=[@ANYBLOB="0002020100000008ff"], 0x18)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0xfffffffe, @local, 0x4}, 0x1c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4008, 0x7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0xffffffffffffff54}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x3, &(0x7f0000000300)={[], [{@seclabel}]}, 0x1, 0x639, &(0x7f0000000e40)="$eJzs3c1vFOUfAPDvbN/b3+/XQn5R8SBNjIFEaWkFQ4yJcDcEX256qbQQwkIJrYlFEkuiN18uHkw8eRD/CiOJV/8BD148GRJiDAcxRNbM7Gw73e6Wvu1u6X4+ycAzMzvzPAP99nnm2eeZCaBrjad/lCIORcS1JGK0sK838p3j1c/d//Pm+XRJolJ5+48kbn6cLBfPleR/H8gP/mc0kvTwg9M/rMt3YenG5Zlyee56tjaQb126cezSlZmLcxfnrk6/Mn3q5ImTp6aO7/z6ipcT8e533zxMpr7/9WwSp+NRT3Vjel31xw7sKOc07/GoVD0obk8LcmqH594r/hpd/YetGoqkt2PFYYsu5D+PfRHxdIxGT+F/czQ+fbOjhQNaqpJErY4Cuk6yrfgf3P2CAG1WawfU7u0b3QevV2pxqwRoh3tnqh0A1djvi4ha/PfmfWeDWd/A8P1kTT9PEhE765mrSvP4+aezn6RLFPrh/IaB1lu+NZD329fX/0kWm2MxmK0N3y+tif9SYUm3v7XN/Mfr1jfX/gB2w/KtiHgmr//7Y0vxP16I//e3mb/4BwAAAAAAgN1z50xEvNRo/F9pZfxPf4PxPyMRcXoX8n/893+lu3ki2YXsgIJ7ZyJeqxv/25/tWRmBN9aTr/03Gw/Ql1y4VJ47HhH/i4ij0TeQrk/Vnbc4fu/Y5we/bpZ/cfxfuqT518YC5me621s3EXd2ZnFmxxcOxL1bEc9m438P51vWjv9J6/+kQf2fxve1TeZx8IXb55rte3z8A61S+TbiSMP5P6vN7TQ1uXjl2uRCw+dzTGbtgclaq6BmtQXw3EdfjjTLf4P49xQJaLG0/h/eOP4HkuLzeha2dv70XuLlpd5Ks/3bbf/3J+/01M6f+nBmcfH6VER/8sb67dNbKzPsV7V4qMVLGv9Hn9+4/2+l/V+Iw6GIWK4/eZMeuqcejfzWrDza/9A5afzPblz/j62t/7eemL499mOz/M81j//8yXxp/X8iSx/Nj9H/B0XrZ8uvi8LhaBigHSkuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzhShHxn0hKEyvpUmliImIkIv4fw6Xy/MLiixfmP7g6m+7L3v9fqr3pd7S6ntTe/z9WWJ8urH8xUh5K8zoQEV/1DGX7J87Pl2e94xcAAAAAAAAAAAAAAAAAAAAyI9mc/8pA/fz/1O89nS4d0HK1p3Csxnt/x8oCtFce/5+9t+UjKwO7XxqgnTyFC7rX5uO/r6XlANqvefw/eFjJtLU4QBtp/0P32mb8+3oQ9gH1P3SrTfbpDba6HEAnqP8BAAAAAGBfOXD4zi9JRCy/OpQtUZj8a7A/7G+lpnvM7IX9zhhe6F69850uAdAp7vGBZCX1d8PJ/s1H/yetKRAAAAAAAAAAAAAAsM6RQ+b/Q7dqPv8/jO2HfW6D+f9Z8GevBnhY2cTHgSdN81d/qPthv9vgHt8Lv6BLPK62N/8fAAAAAAAAAAAAAPaAwRuXZ8rluesLS09e4vW9UYytJZZn9kQxdpoYioiVLY9ak1dfRHT+Sncv0RtR2tyHa4/g6GCZi78kGr4SEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaJN/AwAA///9jCGh")
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
r9 = add_key$user(&(0x7f0000000080), &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000000c0)='5', 0x1, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x1e, r9, 0xfffffffffffffffb, 0xffffffffffffffff, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x100, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0xfff9, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x8, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa13a, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0xffffffff, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x9, 0x5, 0x0, 0x1, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x40001, 0x8fc, 0xbf0, 0x9, 0x3, 0x9, 0x7ffffffd, 0x6, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x81, 0xd44, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xe07a, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0xfff, 0x100, 0x1, 0x8001, 0x100, 0xffff9c71, 0x20000008, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0xffffffff, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0xff, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x3, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)

6m22.402749051s ago: executing program 4 (id=2532):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0xfffc, 0x6}, {0xff}, 0x0, 0x7f}}]}}]}, 0x58}}, 0x0)

6m22.307229649s ago: executing program 4 (id=2536):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

6m22.1698216s ago: executing program 4 (id=2542):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

6m7.015686855s ago: executing program 32 (id=2542):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

5m58.255025297s ago: executing program 3 (id=2945):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0)
semctl$GETALL(0x0, 0x0, 0xd, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa0}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)

5m57.35290071s ago: executing program 3 (id=2951):
r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x505b8, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x586e, 0x2, @perf_config_ext={0x6, 0x400000008}, 0x4c58, 0x5, 0x0, 0x1, 0x2, 0x20005, 0x10, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x0)

5m57.237317779s ago: executing program 3 (id=2955):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x44084)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='kfree\x00', r5, 0x0, 0x5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_TP_METER(r6, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r8, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
pipe2$9p(&(0x7f0000000140)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4800)
write$P9_RLERRORu(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff"], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='transno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r10, @ANYBLOB=',version=9p2000.u,\x00'])

5m57.188495473s ago: executing program 3 (id=2956):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x0, 0x4, 0x0, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000140)='./file1\x00', 0x1000c01, &(0x7f0000000040)=ANY=[], 0x5, 0x7f2, &(0x7f0000001280)="$eJzs3U1sHPXZAPBnjJ0Eozcg3le8URTCJKFSogaztsHU4kCX9dgZWO9au+sqEaogIg6N4gAFIUpUFXKBtqpU9dQj5Yq4cGtVqZV6aHuqVA699FAJiVNFq1aqWlWVUs3sbrx2/JEPJ27h97PYmZ155j/Pf3aYZ2ezMxsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQCS1mUplPIl63lg8mW6sNtNqzm8yv9/ez1cNNllvRFL8F3v2xL7upH3/tzL7vuLhcBzoPjsQe4rBnrh41333PP6/w0P95TdJ6EYd2njWyOCTJOKtIqnzp5eXl165BYncRt/9aW9kzzUv8o/LxeNc1sjbzXy+OpelebuZTk9NVR4+MdtOZ/N61j7V7mTzaa2VVTvNVnq0diwdn56eTLOxU83FxtxMtZ71Jz720ESlMpU+NbaQVVvtZuPhp8batRN5vZ435sqYicrrUcQ8VuyIT+edtJNV59P07LnlpcmtUi2CxldN2b1qxznw4D2fvPbxX88tFTvkRo0kvR1zYnx8YmJ86tHpRx+rVIYnKhOrJ1TWiCsRMRRRRNySnZadddc604Z7e8xVMyIu3709B2+4SUO9+h/1yKMRi3Ey0khjqHxc+RuJWsxEK5oxXzz/3cia+VfV/y88/KffbLbewfrfr/L7Vmbvj7L+H+w+O7hR/b8qi+v/G7/7WiMbH3SzGZz2arwRF+N8nI7lWI6leOVGcti1ttVb+De0ve3NRRaNyKMdzchjPqrllLQ3JY3pmIqpqMSzcSJmox1pzEYe9ciiHaeiHZ3Iyj2qFq3IohqdaEYr0jgatThWvDoxHdMxGWlkMRanohmL0Yi5mIlq2crZOFdu98k1ed33red+8sJvP3m3GL8SNL5JR5LizVwR9JdNgq4q99dR//sR6v9nzZ7eMeta47fx6A0353JZ/4d3Og0AAADgFkrKT9+TiBiJ+8ux2byePbPTaQEAAADbqPxe84FiMFKM3R9Jcf5fWSfyo9ueGwAAALA9kvIauyQiRuOB7lj/cqn1PgQAAAAA/guV//5/sBiMRrxZTnD+DwAAAJ8x397oHvsf7+rdY7e9sDv52Z+j1RpJLi2cfDC5UC3iqhfu6C7XG3zlSoud2f3J3l4j5WBq+OJdSUQM17IDSf/ul//a3R1+Wj7uX7kB4Ub3+k+2SCA2T6B8Ft+LQ92YQ2e6wzP9Od21jM7m9Wys1qw/Pp70PhzpvPbiuW9E2f3vNOb3JnH23PLS2PMvLZ8pc7lUtHLpQu/28El/qYjuBRWb5HK5twXi/vV7PFJeiNFb72h3vZXB/g91Fx/avP/J4DrfjsPdmMOj3eHo6v7vKdY5Pvb4eFSre4c62cnOa5cHet/LYrzb87dW9fw6XoW340g35sjRI93BOllMrMrixauzmBjc/te2La45i3cPvXnyb79sJtnkVllM3mQWADvlbHnXn5UqdGdZhf55uasoaGvq7p39Ja/nKHd25V1Gf/mBWjccV1X39Eaq+9txtBtztPt+Ynj/OnWlss4R/eVzL/+qd0R/5P0f/uirB3/94Zq6fh1ZvB/HujG9Qdz7iw1qbNHnrz2zuqq+Vyzx3obrbdcnkrij2Ijljw/FxYfOXTj9wtILSy9OTExOVR6pVB6diJHyrUJvsEGmKg/A59smv7FTlN7kw29eCd3oV3iSR7Y4q773ylcKxuL5eCmW40wcL682iIgH1m91dOBrCMe3OGsdHfiFl+NbnFuuxE6sjd19JIkNYicHttj//6Ac/P0WvSAAcBsc3qIOJ/13CK//T2+JNRF3JMnxLc67V9fyY91z1/7ZcWxcy9fzpVu8PQDg8yBrfZqMdt5JWq184dnx6enxaudElraatafTVj4zl6V5o5O1aieqjbksXWg1O81a/6PjmaydthcXFpqtTjrbbKULzXZ+svzl97T30+/tbL7a6OS19kI9q7aztNZsdKq1TjqTt2vpwuKT9bx9ImuVC7cXslo+m9eqnbzZSNvNxVYtG0vTdpYNBOYzWaOTz+bZSJo30oVWPl9tXYqI+uJ8ls5k7VorX+g0uw3215U3Zput+bLZsTLtrw92/487sc0BYKe9+sbF86eXl5deubGR319L8E73EQBYTZUGAAAAAAAAAAAAAID/fFdfrldMva4LAUfihi8ffHV33MzVh5+9kS9+0H1ZtqPBm2nnzlWv6a7ezrLz2+e6R5574onzK1OS4cHN++Sb+078IYt+7zZpZ/3/U9a71PWdvRG7fvz97pQvbxCcDG9zTz+KiBtY/HKyScztPxYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFb+HQAA//877VKu")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone(0x40800000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="1809000000cc0bbde5cd5c000000a63d33860000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa1000000000000070100055ecff9d01cef42b700f8ffffffb702000008000000b703000000000000850000e0ced37f583766f0447bab648b3ca0899d32c4767e33324ea5b5715e48585c1e18a92e8f4f4cdd7931d6f95cff0908"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_clone(0x60002080, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000200)={@multicast1, @initdev, <r4=>0x0}, &(0x7f0000000280)=0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000040000020f00000005002f000000000008000300", @ANYRES32=r7], 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380))
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000008c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00'})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'syztnl1\x00', r4, 0x4, 0x6, 0xfe, 0xa, 0x20, @empty, @private1={0xfc, 0x1, '\x00', 0x6}, 0x7, 0x700, 0xd, 0x2}})
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
dup(r11)
ioctl$sock_inet6_SIOCADDRT(r10, 0x890b, &(0x7f0000000240)={@local, @ipv4={'\x00', '\xff\xff', @empty}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20c200a2})

5m56.668095454s ago: executing program 3 (id=2960):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000", @ANYRES32, @ANYBLOB="000000000000000000005c7c3a22d1cd852e6fb27b0f26000000000000000000003e88756d83cfa529b16d1b6ccbdebc1851ca61620c71b619122d5014cc310972f892452ec5d08fd3279c02ec884d2b621b524ecd5c7574420b90e9e6953203d55a2721c2d43c45bbe5a1010575f46fb83a03d9ee4fecc84764068f266b36d2f1ef9d05841e6b5537109096169523fbc7a5ab2fd6e4cbd82601e232cd13aa5f332790aa874fc1cbb9fe2901c8f21320fedecfeb89c83c91bf569561", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000500)=ANY=[@ANYRES8=r0, @ANYRES16, @ANYBLOB="0000000000000000b703000000000000855814001b000000b7004ee834d959430000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'ip_vti0\x00'})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000080)={0x11, 0x1a, r3, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000100)='btrfs_add_block_group\x00', r5, 0x0, 0x7}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$inet(0x2, 0x3, 0xd)
getsockopt$inet_mreqsrc(r6, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x2c)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x19)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
close_range(r7, 0xffffffffffffffff, 0x0)

5m56.324263142s ago: executing program 3 (id=2965):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x44084)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='kfree\x00', r5, 0x0, 0x5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_TP_METER(r6, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r8, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
pipe2$9p(&(0x7f0000000140)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4800)
write$P9_RLERRORu(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff"], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='transno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r10, @ANYBLOB=',version=9p2000.u,\x00'])

5m56.311104033s ago: executing program 33 (id=2965):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x44084)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000002c0)='kfree\x00', r5, 0x0, 0x5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_TP_METER(r6, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r8, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
pipe2$9p(&(0x7f0000000140)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4800)
write$P9_RLERRORu(r10, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff"], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='transno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r10, @ANYBLOB=',version=9p2000.u,\x00'])

5.125479759s ago: executing program 5 (id=7752):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000004c0)='\x00P\x00\x00\x01\x00\xbd\x03', &(0x7f0000000a40)="b38ea9c4", 0x4)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000280)='\x00H\xeb', 0x0, r0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='cq_free\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_getevents(r1, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e104757e7dc25c6519a85ef828f711330ff2bb17b5508", "dc5db43f", "80031f0000000200"}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x80000000000000}, 0x18)
r5 = syz_io_uring_setup(0x10c, &(0x7f0000001800)={0x0, 0x40ed, 0x8, 0xffffffff, 0xbffffff9}, &(0x7f00000003c0)=<r6=>0x0, &(0x7f0000001780)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_RENAMEAT={0x23, 0x14, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000002d40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
io_uring_enter(r5, 0x1c3a, 0xe176, 0x22, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc890, 0x4000, 0x4}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="0300"], 0x50)

4.162617776s ago: executing program 5 (id=7757):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1088aa, 0x3ff, 0xfffffffc, 0xb95b5ec032cc8e84, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.450016633s ago: executing program 2 (id=7762):
prctl$PR_SET_NAME(0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x182, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresuid(0x0, 0xffffffffffffffff, 0xee01)
msgget$private(0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)

3.353194681s ago: executing program 5 (id=7764):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001480)=[{{&(0x7f0000000100)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000180)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x18)
sendto$inet(r0, &(0x7f0000000c80)="e8", 0x6200, 0x12000000, 0x0, 0x0)

3.284702527s ago: executing program 5 (id=7766):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
r3 = pidfd_getfd(r2, r2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r5 = inotify_init1(0x80000)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES8=r5], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1000000000000070100003fb0f3fa59f8ffffffb702000008000000b703000000000000850000000600002da563fe929f1df6d4e433e35a641521787378892c3d6a33acc9a43da202dad9db3952ced52d953742ec136ec02007b4ea46245d10e5cb0b86f1e7cbfd2fcef09667708b6811229defee0c", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702f8ffffffb703000008000000b70400000000000085000000c300000095000016bf9e8ba407373148f38f685acd42785b10bca1a5f53dd0bb5c91acec030f4dacf8cc63918aa315e23e34fe803838f5f40afc5c260e3cafdc6b23fc9acf00da7cd8e751f5e9ac0f6caf4e6febbccb3706f0b8fe2bcfa2d7f8473ba8dc0c2093cbbbe1e1ea85cab3eff43617b6df35ae9b5c869d5c4221554c5d7bcec011d177d6e0aaaa2675850bca8eba1783c3b66d412002a8095f96524d534a14"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000280)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@mb_optimize_scan}, {@lazytime}, {@quota}, {@quota}], [{@audit}, {@measure}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@permit_directio}, {@smackfsroot={'smackfsroot', 0x3d, '[:$]}^'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}]}, 0x3, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x118864, 0x10000, 0x0, 0x2, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r10, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r10, &(0x7f00000005c0)="f5", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @private2}, 0x1c)
connect$inet6(r10, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r10, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r8, 0x0, 0xf7}, 0x18)
getrandom(0xfffffffffffffffe, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r6, 0x0, 0x5}, 0x18)
setns(r3, 0x66020000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
write$eventfd(r3, &(0x7f00000001c0)=0xe130, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ff00000}]})
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)

3.23963322s ago: executing program 2 (id=7767):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x200000000}, 0x18)
r2 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='cpu==\xff\xa4V\xa0')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0e000000040000000400000002000200000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0309"], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f00000001c0))
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000080)=0x2, 0x5, 0x2)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="08000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x8b}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)

2.99626828s ago: executing program 2 (id=7773):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x870bd2d, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x4000000, 0x0, 0x1ff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x70}}, 0x48000)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x2, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
getpgrp(r4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
openat$ppp(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket(0x1, 0xa, 0x0)
setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x4e20, 0x2000000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xb851}, 0x1c)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)

2.872773049s ago: executing program 2 (id=7774):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f00000002c0)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x5})
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x0, 0x0})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f0000000780)="b9ff0500000000", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffffc1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
unshare(0x40020200)

2.859012151s ago: executing program 0 (id=7775):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1010012, &(0x7f0000000080)={[{@nobh}, {@bsdgroups}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}}, 0x14}}, 0x881)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r5], 0x68}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r5, {0x1, 0x6}, {0xd}, {0x11, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f00000011c0)='setgroups\x00')
pread64(r7, &(0x7f0000001240)=""/102392, 0x18ff8, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r2, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
sendmmsg(r2, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561128c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7d660040c757e6ce437d7853ac2cca9605a2e18bf6529e94453fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d937282c63371e22e43e8ab5c2b3d851d147f260004a12512be6e3b6b48a430a4e4747a28d766c634658499181a54867295ad5496ef6eed69b0da6b885004a5bc869e090798f4a1139e098f282ab4aefc8a67fe2087e1eadd30c54f4c87b1fb7a", 0xf3}, {&(0x7f00000002c0)="b16b5d1ddcad4b5eedb9593060ada4a1778939f40388ef540871ce291c1010f3310edf7028093cf8709632cad4866d5e448d5385c80db3518564b1194247acfb3b463ee97c794123a991311e51e1790748a23c3301974b905bbd18b3e54cb3cc90c180fba7461df205130349d430083d2c66", 0x72}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000)
close(r2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x13, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x6, 0x66, &(0x7f00000008c0)=""/102, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000740)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r1, r1, r1, r1, r0, r1], &(0x7f0000000980), 0x10, 0xfffffff7}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
r10 = fsmount(0xffffffffffffffff, 0x0, 0x1)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0xff, 0x4e, 0x54, 0x0, 0x3, 0x89008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, @perf_config_ext={0x9de, 0x7ff}, 0x1a, 0x81, 0x800, 0x6, 0x8, 0x4002, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r11 = syz_clone3(&(0x7f0000000480)={0x100002800, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000200), {0x2c}, &(0x7f0000000300)=""/71, 0x47, &(0x7f0000000380)=""/232, 0x0, 0x0, {r10}}, 0x58)
ptrace$setregs(0xf, r11, 0xffffffffffff8001, &(0x7f0000000500)="10d8bfaf46c8a26b94f7ca9eefe38aece0176dd3b2279f12242964cb28fba726417b827bc48831de8cf393cd88ddc5cdfc610e10398135fa99ebe47294cf626fec80494d421028f07fce3de6c8312ede3aa9420b41ee4431311fb9b4e587ab167553")
r12 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_DESTROY(r12, &(0x7f0000000080), 0x4)

2.352583741s ago: executing program 0 (id=7776):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x804)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000007c0)={'gretap0\x00', @link_local})
write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0x20)
r2 = open$dir(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x100, 0x45, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r3}, 0x18)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x2)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$MRT_PIM(0xffffffffffffffff, 0x0, 0xcf, &(0x7f0000000240)=0x1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

1.377441349s ago: executing program 0 (id=7781):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c000000090605000000000000000000060000000900020073797a300000000014000780060004404e200000060005403621000005000100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x804)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4084)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'vlan1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x840)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="ffffff7f00"/20, @ANYRES32=r4, @ANYBLOB="010000000400"/15], 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r7)
r8 = syz_open_procfs(0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)
lseek(r8, 0x289e0cb5, 0x0)
socket$netlink(0x10, 0x3, 0x0)

1.37425718s ago: executing program 2 (id=7782):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1088aa, 0x3ff, 0xfffffffc, 0xb95b5ec032cc8e84, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, 0x0, &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)

1.160621297s ago: executing program 2 (id=7786):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x463d, &(0x7f0000000240)={0x0, 0xb6c6, 0x800, 0x1, 0x34f}, &(0x7f00000000c0)=<r0=>0x0, &(0x7f0000000000)=<r1=>0x0)
socket(0xf, 0x4, 0x1)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
r2 = gettid()
rt_tgsigqueueinfo(0x0, r2, 0x34, 0x0)
getpgid(r2)
statfs(&(0x7f0000000340)='./file0\x00', 0x0)
remap_file_pages(&(0x7f0000603000/0x3000)=nil, 0x3000, 0x0, 0x4, 0x1c0000)
syz_open_procfs(0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}], 0x1, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000008400000000000000ff0700000d00000018000000000000008400000007"], 0x30, 0x14001}], 0x1, 0x4044040)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=f', @ANYBLOB, @ANYRESHEX=r4])
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r3)
sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="8d9e00009711037d759d6edcd806a3dd352d19e12c964c4731d6f44709e486eb33ec5340b08d2c3d3ec7dbce6e3286a97db78728c97ab3a9560e974ffcbb07ba4073cd2463c40e1871022f53eefb087a9b4c6fc13ad2adbe95cd8b89342907108d3382beabc24130525e815783ecaf406a61a9e4268a8ff9894cffea2b21f2081bb3810cdd18ab0c544046ed502a3d5159", @ANYRES16=r8, @ANYBLOB="00032abd7000fcdbdf25130000000a0013000b981b808bc800000500130101000000"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x804)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r9}, 0x18)

1.084620843s ago: executing program 1 (id=7788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

1.025931128s ago: executing program 1 (id=7790):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb0, r3, 0x20, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x454, 0x73}}}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}, @NL80211_ATTR_KEY={0x5c, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_SEQ={0xc, 0x4, "df1207aee5196aa2"}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "863bfee19cce7cdcfb1615bb2a"}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "72dd0dc7eebad1484fb8768c91"}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "ca5bb3e4dc"}]}, @NL80211_ATTR_KEY_SEQ={0xc, 0xa, "e5cbb285244e7f6a"}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "78ff6093a5"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x8, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}]}, 0xb0}, 0x1, 0x0, 0x0, 0x100}, 0x801)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000140)=0x7f)
get_mempolicy(&(0x7f00000000c0), &(0x7f0000000100), 0xffff, &(0x7f0000ffb000/0x3000)=nil, 0x5)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r5, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r7, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

700.352244ms ago: executing program 0 (id=7793):
prctl$PR_SET_NAME(0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$rfkill(0xffffff9c, 0x0, 0x182, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresuid(0x0, 0xffffffffffffffff, 0xee01)
msgget$private(0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)

623.23876ms ago: executing program 0 (id=7795):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x1088aa, 0x3ff, 0xfffffffc, 0xb95b5ec032cc8e84, 0x40000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c04, &(0x7f0000000340), 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

480.491331ms ago: executing program 5 (id=7799):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x870bd2d, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x4000000, 0x0, 0x1ff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x70}}, 0x48000)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x2, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
getpgrp(r4)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
openat$ppp(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket(0x1, 0xa, 0x0)
setsockopt$SO_RDS_TRANSPORT(r7, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x4e20, 0x2000000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xb851}, 0x1c)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)

460.930703ms ago: executing program 6 (id=7800):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r3, 0x1, 0x70bd2a, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}]}, 0x2c}}, 0x0)

395.497898ms ago: executing program 6 (id=7801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

310.027485ms ago: executing program 6 (id=7802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
close(r3)
accept4(r2, 0x0, 0x0, 0x400000000000000)

275.056188ms ago: executing program 1 (id=7803):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)

262.945369ms ago: executing program 5 (id=7804):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c000000090605000000000000000000060000000900020073797a300000000014000780060004404e200000060005403621000005000100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x804)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4084)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'vlan1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x840)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="ffffff7f00"/20, @ANYRES32=r4, @ANYBLOB="010000000400"/17], 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r7)
r8 = syz_open_procfs(0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="a90303000000000000003200000008004001"], 0x1c}}, 0x4004050)
lseek(r8, 0x289e0cb5, 0x0)
socket$netlink(0x10, 0x3, 0x0)

224.168592ms ago: executing program 1 (id=7805):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000005c0)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

223.529332ms ago: executing program 6 (id=7806):
prctl$PR_SET_NAME(0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$rfkill(0xffffff9c, 0x0, 0x182, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r0, 0x2007ffc)
sendfile(r0, r0, 0x0, 0x800000009)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setresuid(0x0, 0xffffffffffffffff, 0xee01)
msgget$private(0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

191.904655ms ago: executing program 1 (id=7807):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="070000000400000008000000d900000000000000", @ANYRES32, @ANYBLOB="00000e248599ef00"/24, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="00000000000000850000001b000000b7000000000000009500"/40], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000dc0)='kfree\x00', r1}, 0xffffffc4)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x88a, &(0x7f0000000080)=ANY=[@ANYBLOB='dots,nodots,nocase,dots,nodots,debug\x00\b\x00\x00s,nodots,quiet,\x00'], 0x1, 0x162, &(0x7f0000000500)="$eJzs3DGr01AUB/DTvuh76tJZHAKCOBV1clSkglhQlA46KVSXVgp2iU79KH5BQTpIB+GKprS0tEihaerr77fkkD9Jzh2Syw0k7259GvRH44+jl9O4aDQiexR5zBrRimacRWkSa87XdwAA/5NZSvEjpZTOJ3HtW6SU6u4IAKia+R8ATs8/5/+HNTUGAFTG+h8ATs/rN2+fP+52O6/y/CLi+6ToFb1yW+ZPn3U79/K/WsujpkXRO1vk98s8X82vxPV5/mBjfjXu3i7zP9mTF1ms5jeiX/noAQAA4DS084WN6/t2e0venJfL9wNr6/ssbmaHGgUAsIvxl6+D98Phh8/7KZp7Os9Bi5+pdCz97FbcOY42FJesqPvJBFRtedPX3QkAAAAAAAAAAAAAALDNIT4n2nzlX/41DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG1+BwAA///7v1kj")
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
write$tcp_mem(r2, &(0x7f00000004c0)={0x5, 0x20, 0x10000, 0x20, 0xb13}, 0x48)
r3 = epoll_create1(0x80000)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0xe000001a})
unlink(&(0x7f0000000180)='./file1\x00')

127.12764ms ago: executing program 0 (id=7808):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1010012, &(0x7f0000000080)={[{@nobh}, {@bsdgroups}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}}, 0x14}}, 0x881)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[], 0x68}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x839, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r5, {0x1, 0x6}, {0xd}, {0x11, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f00000011c0)='setgroups\x00')
pread64(r7, &(0x7f0000001240)=""/102392, 0x18ff8, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r2, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
sendmmsg(r2, &(0x7f0000006140)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)="65c6d96326a838047976a77611d4c4ecc94b3585c42786716ad7c93fd3a228e9a1cd93801f5b4033ea9ae2b561128c2893aba2af73f86ac4a65917672e186b297cada86c7b329c4831efa7d660040c757e6ce437d7853ac2cca9605a2e18bf6529e94453fac161511f4483dc8b5294583cc78cd79fb68fb57bd8697ac1639517070e92cd2d36932b0e26cf8fdd87e817f08f7d937282c63371e22e43e8ab5c2b3d851d147f260004a12512be6e3b6b48a430a4e4747a28d766c634658499181a54867295ad5496ef6eed69b0da6b885004a5bc869e090798f4a1139e098f282ab4aefc8a67fe2087e1eadd30c54f4c87b1fb7a", 0xf3}, {&(0x7f00000002c0)}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x4000)
close(r2)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x15, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0xb54380f01d931995, 0x1, 0x0, r7}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x7}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000640)='GPL\x00', 0x6, 0x66, &(0x7f00000008c0)=""/102, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000740)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000940)=[r1, r1, r1, r1, r0, r1], &(0x7f0000000980)=[{0x3, 0x5, 0x3, 0xa}, {0x2, 0x4, 0x4, 0xb}, {0x2, 0x5, 0xa}, {0x40000000, 0x4, 0x5, 0xc}, {0x5, 0x4, 0x4, 0x1}, {0x3, 0x3, 0xb, 0x5}], 0x10, 0xfffffff7}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
r10 = fsmount(0xffffffffffffffff, 0x0, 0x1)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x3, 0xff, 0x4e, 0x54, 0x0, 0x3, 0x89008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2, @perf_config_ext={0x9de, 0x7ff}, 0x1a, 0x81, 0x800, 0x6, 0x8, 0x4002, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x1, 0xffffffffffffffff, 0x1)
r11 = syz_clone3(&(0x7f0000000480)={0x100002800, &(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000200), {0x2c}, &(0x7f0000000300)=""/71, 0x47, &(0x7f0000000380)=""/232, 0x0, 0x0, {r10}}, 0x58)
ptrace$setregs(0xf, r11, 0xffffffffffff8001, &(0x7f0000000500)="10d8bfaf46c8a26b94f7ca9eefe38aece0176dd3b2279f12242964cb28fba726417b827bc48831de8cf393cd88ddc5cdfc610e10398135fa99ebe47294cf626fec80494d421028f07fce3de6c8312ede3aa9420b41ee4431311fb9b4e587ab167553")
write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000080), 0x4)

110.719791ms ago: executing program 6 (id=7809):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newtaction={0x98, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r4}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

72.308774ms ago: executing program 1 (id=7810):
socketpair(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
socket$inet6(0xa, 0x2, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r1, 0x0, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

0s ago: executing program 6 (id=7811):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r3, 0x1, 0x70bd2a, 0x0, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}]}, 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

 code=0x7ff00000
[  494.145996][   T29] audit: type=1326 audit(1755526056.796:557529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24957 comm="syz.1.7091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ff00000
[  494.157092][T25021] vhci_hcd: invalid port number 96
[  494.169787][   T29] audit: type=1326 audit(1755526056.796:557530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24957 comm="syz.1.7091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ff00000
[  494.169836][   T29] audit: type=1326 audit(1755526056.796:557531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24957 comm="syz.1.7091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ff00000
[  494.174955][T25021] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  494.177198][T25016] loop0: detected capacity change from 0 to 512
[  494.198887][   T29] audit: type=1326 audit(1755526056.796:557532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24957 comm="syz.1.7091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ff00000
[  494.268646][T25016] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  494.292922][T25016] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  494.309694][T25016] System zones: 1-12
[  494.320203][T25016] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.7110: corrupted in-inode xattr: e_value size too large
[  494.336062][T25016] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7110: couldn't read orphan inode 15 (err -117)
[  494.336823][T25026] loop2: detected capacity change from 0 to 512
[  494.348920][T25016] EXT4-fs mount: 54 callbacks suppressed
[  494.348999][T25016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  494.397902][T25026] EXT4-fs: Ignoring removed nobh option
[  494.425636][T25026] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7111: iget: bad i_size value: 38620345925642
[  494.442672][T25016] FAULT_INJECTION: forcing a failure.
[  494.442672][T25016] name failslab, interval 1, probability 0, space 0, times 0
[  494.455924][T25016] CPU: 1 UID: 0 PID: 25016 Comm: syz.0.7110 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  494.455950][T25016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  494.455963][T25016] Call Trace:
[  494.455970][T25016]  <TASK>
[  494.455979][T25016]  __dump_stack+0x1d/0x30
[  494.456004][T25016]  dump_stack_lvl+0xe8/0x140
[  494.456023][T25016]  dump_stack+0x15/0x1b
[  494.456038][T25016]  should_fail_ex+0x265/0x280
[  494.456060][T25016]  should_failslab+0x8c/0xb0
[  494.456118][T25016]  kmem_cache_alloc_noprof+0x50/0x310
[  494.456178][T25016]  ? security_inode_alloc+0x37/0x100
[  494.456262][T25016]  security_inode_alloc+0x37/0x100
[  494.456288][T25016]  inode_init_always_gfp+0x4b7/0x500
[  494.456310][T25016]  ? __pfx_ext4_alloc_inode+0x10/0x10
[  494.456339][T25016]  alloc_inode+0x58/0x170
[  494.456398][T25016]  iget_locked+0xf4/0x5c0
[  494.456418][T25016]  ? selinux_file_open+0x2df/0x330
[  494.456436][T25016]  ? __rcu_read_unlock+0x4f/0x70
[  494.456452][T25016]  ? perf_callchain_user+0xae0/0xb50
[  494.456487][T25016]  __ext4_iget+0x152/0x2240
[  494.456568][T25016]  ? get_perf_callchain+0x456/0x530
[  494.456596][T25016]  ext4_nfs_get_inode+0x32/0xa0
[  494.456618][T25016]  ? __pfx_ext4_nfs_get_inode+0x10/0x10
[  494.456689][T25016]  generic_fh_to_dentry+0x7a/0xa0
[  494.456708][T25016]  ext4_fh_to_dentry+0x2f/0x40
[  494.456726][T25016]  exportfs_decode_fh_raw+0xb7/0x4d0
[  494.456749][T25016]  ? __pfx_vfs_dentry_acceptable+0x10/0x10
[  494.456827][T25016]  ? kstrtouint+0x76/0xc0
[  494.456903][T25016]  do_handle_to_path+0x6c/0xe0
[  494.456930][T25016]  do_handle_open+0x4f3/0x6b0
[  494.456957][T25016]  __x64_sys_open_by_handle_at+0x44/0x50
[  494.457029][T25016]  x64_sys_call+0x279b/0x2ff0
[  494.457047][T25016]  do_syscall_64+0xd2/0x200
[  494.457072][T25016]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  494.457125][T25016]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  494.457176][T25016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.457269][T25016] RIP: 0033:0x7fa7c4cfebe9
[  494.457284][T25016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.457299][T25016] RSP: 002b:00007fa7c375f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  494.457315][T25016] RAX: ffffffffffffffda RBX: 00007fa7c4f25fa0 RCX: 00007fa7c4cfebe9
[  494.457325][T25016] RDX: 0000000036f0516f RSI: 0000200000000240 RDI: 0000000000000007
[  494.457336][T25016] RBP: 00007fa7c375f090 R08: 0000000000000000 R09: 0000000000000000
[  494.457347][T25016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.457366][T25016] R13: 00007fa7c4f26038 R14: 00007fa7c4f25fa0 R15: 00007ffd06783f58
[  494.457402][T25016]  </TASK>
[  494.579602][T25026] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7111: couldn't read orphan inode 15 (err -117)
[  494.738125][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  494.757983][T25026] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  494.861379][T25040] loop0: detected capacity change from 0 to 128
[  494.896253][T25046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7111'.
[  494.999104][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.139583][T25063] vhci_hcd: invalid port number 96
[  495.144884][T25063] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  495.236563][T25070] loop2: detected capacity change from 0 to 2048
[  495.272755][T25070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  495.334332][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.442293][T25078] loop0: detected capacity change from 0 to 512
[  495.470783][T25078] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  495.494477][T25078] EXT4-fs (loop0): 1 truncate cleaned up
[  495.519781][T25078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  495.541300][T25078] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.582128][T25076] loop2: detected capacity change from 0 to 764
[  495.603483][T25076] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  495.634737][T25076] Symlink component flag not implemented
[  495.648311][T25076] Symlink component flag not implemented (7)
[  495.658941][T25065] loop1: detected capacity change from 0 to 1024
[  495.705144][T25065] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  495.719164][T25085] loop0: detected capacity change from 0 to 512
[  495.739517][T25065] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  495.759926][T25085] EXT4-fs: Ignoring removed nobh option
[  495.766884][T25065] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #32: comm syz.1.7122: iget: special inode unallocated
[  495.789937][T25085] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7128: iget: bad i_size value: 38620345925642
[  495.803246][T25085] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7128: couldn't read orphan inode 15 (err -117)
[  495.825441][T25065] EXT4-fs (loop1): no journal found
[  495.851765][T25085] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.923099][T25085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7128'.
[  495.983500][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.139526][T25097] loop1: detected capacity change from 0 to 512
[  496.149901][T25097] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  496.331562][T25104] loop0: detected capacity change from 0 to 2048
[  496.471234][T25104] EXT4-fs (loop0): failed to initialize system zone (-117)
[  496.506538][T25104] EXT4-fs (loop0): mount failed
[  497.338200][T25097] syz.1.7130 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  497.349225][T25097] CPU: 1 UID: 0 PID: 25097 Comm: syz.1.7130 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  497.349292][T25097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  497.349305][T25097] Call Trace:
[  497.349312][T25097]  <TASK>
[  497.349320][T25097]  __dump_stack+0x1d/0x30
[  497.349342][T25097]  dump_stack_lvl+0xe8/0x140
[  497.349361][T25097]  dump_stack+0x15/0x1b
[  497.349415][T25097]  dump_header+0x81/0x220
[  497.349443][T25097]  oom_kill_process+0x342/0x400
[  497.349475][T25097]  out_of_memory+0x979/0xb80
[  497.349558][T25097]  try_charge_memcg+0x5e6/0x9e0
[  497.349587][T25097]  charge_memcg+0x51/0xc0
[  497.349606][T25097]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  497.349627][T25097]  __read_swap_cache_async+0x1df/0x350
[  497.349757][T25097]  swap_cluster_readahead+0x277/0x3e0
[  497.349800][T25097]  swapin_readahead+0xde/0x6f0
[  497.349828][T25097]  ? __filemap_get_folio+0x4f7/0x6b0
[  497.349894][T25097]  ? swap_cache_get_folio+0x77/0x200
[  497.350003][T25097]  do_swap_page+0x301/0x2430
[  497.350027][T25097]  ? css_rstat_updated+0xb7/0x240
[  497.350132][T25097]  ? __pfx_default_wake_function+0x10/0x10
[  497.350158][T25097]  handle_mm_fault+0x9a5/0x2c20
[  497.350243][T25097]  do_user_addr_fault+0x636/0x1090
[  497.350339][T25097]  ? fpregs_restore_userregs+0xe2/0x1d0
[  497.350370][T25097]  ? switch_fpu_return+0xe/0x20
[  497.350398][T25097]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  497.350556][T25097]  exc_page_fault+0x62/0xa0
[  497.350576][T25097]  asm_exc_page_fault+0x26/0x30
[  497.350593][T25097] RIP: 0033:0x7fa17f13ed29
[  497.350607][T25097] Code: 48 89 3c 25 c0 fe ff ff eb 20 0f 1f 80 00 00 00 00 45 31 c0 31 c9 ba 80 00 00 00 48 89 de bf ca 00 00 00 31 c0 e8 a7 fe 12 00 <8b> 03 85 c0 74 e1 c7 45 08 00 00 00 00 45 84 e4 74 2d 80 3d a3 69
[  497.350626][T25097] RSP: 002b:00007fa17dcb60f0 EFLAGS: 00010286
[  497.350687][T25097] RAX: ffffffffffffffff RBX: 00007fa17f496098 RCX: ffffffffffffffa8
[  497.350698][T25097] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa17f496098
[  497.350709][T25097] RBP: 00007fa17f496090 R08: 0000000000000000 R09: 0000000000000000
[  497.350719][T25097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.350729][T25097] R13: 00007fa17f496128 R14: 00007fff8ee07af0 R15: 00007fff8ee07bd8
[  497.350746][T25097]  </TASK>
[  497.570630][T25097] memory: usage 307200kB, limit 307200kB, failcnt 15410
[  497.577896][T25097] memory+swap: usage 307380kB, limit 9007199254740988kB, failcnt 0
[  497.586053][T25097] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  497.593369][T25097] Memory cgroup stats for /syz1:
[  497.781579][T25110] loop0: detected capacity change from 0 to 128
[  498.008906][T25097] cache 0
[  498.012583][T25097] rss 4096
[  498.015790][T25097] shmem 0
[  498.018744][T25097] mapped_file 0
[  498.022305][T25097] dirty 0
[  498.025238][T25097] writeback 8192
[  498.028764][T25097] workingset_refault_anon 335
[  498.033527][T25097] workingset_refault_file 7247
[  498.038280][T25097] swap 184320
[  498.041581][T25097] swapcached 12288
[  498.045328][T25097] pgpgin 748224
[  498.048779][T25097] pgpgout 748219
[  498.052341][T25097] pgfault 669695
[  498.055908][T25097] pgmajfault 189
[  498.059578][T25097] inactive_anon 12288
[  498.063545][T25097] active_anon 0
[  498.067177][T25097] inactive_file 8192
[  498.071075][T25097] active_file 0
[  498.074633][T25097] unevictable 0
[  498.078096][T25097] hierarchical_memory_limit 314572800
[  498.083486][T25097] hierarchical_memsw_limit 9223372036854771712
[  498.089666][T25097] total_cache 0
[  498.093191][T25097] total_rss 4096
[  498.096726][T25097] total_shmem 0
[  498.100388][T25097] total_mapped_file 0
[  498.104480][T25097] total_dirty 0
[  498.107944][T25097] total_writeback 8192
[  498.112291][T25097] total_workingset_refault_anon 335
[  498.117486][T25097] total_workingset_refault_file 7247
[  498.122812][T25097] total_swap 184320
[  498.126678][T25097] total_swapcached 12288
[  498.130937][T25097] total_pgpgin 748224
[  498.134982][T25097] total_pgpgout 748219
[  498.139040][T25097] total_pgfault 669695
[  498.143124][T25097] total_pgmajfault 189
[  498.147348][T25097] total_inactive_anon 12288
[  498.151858][T25097] total_active_anon 0
[  498.155922][T25097] total_inactive_file 8192
[  498.160340][T25097] total_active_file 0
[  498.164417][T25097] total_unevictable 0
[  498.168441][T25097] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.7130,pid=25089,uid=0
[  498.183447][T25097] Memory cgroup out of memory: Killed process 25089 (syz.1.7130) total-vm:93764kB, anon-rss:944kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  498.492844][T25139] loop0: detected capacity change from 0 to 128
[  499.004041][   T29] kauditd_printk_skb: 6255 callbacks suppressed
[  499.004057][   T29] audit: type=1326 audit(1755526061.806:563787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa7c4cfd69f code=0x7ffc0000
[  499.043084][T25162] loop0: detected capacity change from 0 to 512
[  499.067181][T25162] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  499.191888][   T29] audit: type=1326 audit(1755526061.846:563788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa7c4cfec77 code=0x7ffc0000
[  499.215609][   T29] audit: type=1326 audit(1755526061.846:563789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7c4cfd550 code=0x7ffc0000
[  499.239443][   T29] audit: type=1326 audit(1755526061.846:563790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7c4cfe7eb code=0x7ffc0000
[  499.263031][   T29] audit: type=1326 audit(1755526061.866:563791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa7c4cfd84a code=0x7ffc0000
[  499.286524][   T29] audit: type=1326 audit(1755526061.866:563792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa7c4cfd84a code=0x7ffc0000
[  499.310108][   T29] audit: type=1326 audit(1755526061.866:563793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa7c4cfd457 code=0x7ffc0000
[  499.333939][   T29] audit: type=1326 audit(1755526061.866:563794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fa7c4d0038a code=0x7ffc0000
[  499.357634][   T29] audit: type=1326 audit(1755526061.906:563795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa7c4cfd550 code=0x7ffc0000
[  499.381564][   T29] audit: type=1326 audit(1755526061.906:563796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25160 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa7c4cfe7eb code=0x7ffc0000
[  499.635085][T25121] loop2: detected capacity change from 0 to 1024
[  499.651548][T25121] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  499.673378][T25121] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  499.730097][T25121] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: inode #32: comm syz.2.7140: iget: special inode unallocated
[  499.773468][T25121] EXT4-fs (loop2): no journal found
[  499.896062][T25168] loop1: detected capacity change from 0 to 128
[  500.123506][T25178] loop5: detected capacity change from 0 to 1024
[  500.160468][T25178] journal_path: Non-blockdev passed as './bus'
[  500.166650][T25178] EXT4-fs: error: could not find journal device path
[  500.310233][T25183] vhci_hcd: invalid port number 96
[  500.315471][T25183] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  500.392064][T25186] vhci_hcd: invalid port number 96
[  500.397336][T25186] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  500.712417][T25175] loop6: detected capacity change from 0 to 1024
[  500.745584][T25175] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  500.779528][T25206] loop1: detected capacity change from 0 to 2048
[  500.797998][T25175] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  500.835726][T25175] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: inode #32: comm syz.6.7158: iget: special inode unallocated
[  500.935195][T25175] EXT4-fs (loop6): no journal found
[  501.204275][T25206] EXT4-fs (loop1): failed to initialize system zone (-117)
[  501.293499][T25206] EXT4-fs (loop1): mount failed
[  501.534654][T25217] loop6: detected capacity change from 0 to 2048
[  501.620421][T25217] EXT4-fs (loop6): failed to initialize system zone (-117)
[  501.666573][T25217] EXT4-fs (loop6): mount failed
[  501.950790][T25223] loop6: detected capacity change from 0 to 2048
[  501.990933][T25225] loop1: detected capacity change from 0 to 512
[  502.041662][T25225] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  502.063129][T25223] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.131406][T25225] EXT4-fs (loop1): 1 truncate cleaned up
[  502.165080][T25225] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.183283][T25225] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.312956][T25246] loop5: detected capacity change from 0 to 512
[  502.329965][T25246] EXT4-fs: Ignoring removed nobh option
[  502.351211][T25246] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.7183: iget: bad i_size value: 38620345925642
[  502.371476][T25248] loop1: detected capacity change from 0 to 2048
[  502.397792][T25246] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.7183: couldn't read orphan inode 15 (err -117)
[  502.420395][T25248] EXT4-fs (loop1): failed to initialize system zone (-117)
[  502.428567][T25246] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  502.438215][T25248] EXT4-fs (loop1): mount failed
[  502.520077][T25246] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7183'.
[  502.544019][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.555365][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.734892][T25292] loop1: detected capacity change from 0 to 128
[  502.771551][T25297] 9pnet: Unknown protocol version 9p200
[  503.930228][T25314] loop2: detected capacity change from 0 to 128
[  503.967295][T25316] loop6: detected capacity change from 0 to 512
[  504.023589][T25316] EXT4-fs: Ignoring removed nobh option
[  504.040121][T25316] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7206: iget: bad i_size value: 38620345925642
[  504.062836][T25321] loop2: detected capacity change from 0 to 2048
[  504.072320][T25316] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7206: couldn't read orphan inode 15 (err -117)
[  504.091373][T25316] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.108444][T25321] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.109519][T25316] FAULT_INJECTION: forcing a failure.
[  504.109519][T25316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  504.134301][T25316] CPU: 0 UID: 0 PID: 25316 Comm: syz.6.7206 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  504.134333][T25316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  504.134383][T25316] Call Trace:
[  504.134391][T25316]  <TASK>
[  504.134400][T25316]  __dump_stack+0x1d/0x30
[  504.134423][T25316]  dump_stack_lvl+0xe8/0x140
[  504.134442][T25316]  dump_stack+0x15/0x1b
[  504.134460][T25316]  should_fail_ex+0x265/0x280
[  504.134480][T25316]  should_fail+0xb/0x20
[  504.134516][T25316]  should_fail_usercopy+0x1a/0x20
[  504.134619][T25316]  _copy_to_user+0x20/0xa0
[  504.134647][T25316]  simple_read_from_buffer+0xb5/0x130
[  504.134669][T25316]  proc_fail_nth_read+0x10e/0x150
[  504.134727][T25316]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  504.134752][T25316]  vfs_read+0x1a8/0x770
[  504.134772][T25316]  ? __fput+0x555/0x650
[  504.134918][T25316]  ? __rcu_read_unlock+0x4f/0x70
[  504.134941][T25316]  ? __fget_files+0x184/0x1c0
[  504.135008][T25316]  ksys_read+0xda/0x1a0
[  504.135032][T25316]  __x64_sys_read+0x40/0x50
[  504.135055][T25316]  x64_sys_call+0x27bc/0x2ff0
[  504.135077][T25316]  do_syscall_64+0xd2/0x200
[  504.135141][T25316]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  504.135165][T25316]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  504.135194][T25316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.135216][T25316] RIP: 0033:0x7f7deda5d5fc
[  504.135243][T25316] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  504.135329][T25316] RSP: 002b:00007f7dec4c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  504.135349][T25316] RAX: ffffffffffffffda RBX: 00007f7dedc85fa0 RCX: 00007f7deda5d5fc
[  504.135363][T25316] RDX: 000000000000000f RSI: 00007f7dec4c70a0 RDI: 0000000000000006
[  504.135376][T25316] RBP: 00007f7dec4c7090 R08: 0000000000000000 R09: 0000000000000000
[  504.135388][T25316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.135401][T25316] R13: 00007f7dedc86038 R14: 00007f7dedc85fa0 R15: 00007ffceb1d55c8
[  504.135419][T25316]  </TASK>
[  504.390835][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.416934][T25327] vhci_hcd: invalid port number 96
[  504.422103][T25327] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  504.436463][   T29] kauditd_printk_skb: 9566 callbacks suppressed
[  504.436550][   T29] audit: type=1326 audit(1755526067.236:573363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25333 comm="syz.1.7210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  504.466949][   T29] audit: type=1326 audit(1755526067.236:573364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25333 comm="syz.1.7210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  504.523683][T25348] 9pnet: Unknown protocol version 9p200
[  504.528629][   T29] audit: type=1326 audit(1755526067.296:573365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25333 comm="syz.1.7210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  504.553005][   T29] audit: type=1326 audit(1755526067.296:573366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25333 comm="syz.1.7210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  504.577359][   T29] audit: type=1326 audit(1755526067.296:573367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25333 comm="syz.1.7210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  504.606115][T25347] loop6: detected capacity change from 0 to 128
[  504.677999][T25352] loop1: detected capacity change from 0 to 512
[  504.705537][T25350] loop0: detected capacity change from 0 to 2048
[  504.728270][T25352] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  504.747397][T25350] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.763080][T25352] EXT4-fs (loop1): 1 truncate cleaned up
[  504.769071][T25352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.784357][T25352] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.831258][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.922027][T25365] loop2: detected capacity change from 0 to 2048
[  504.966561][T25365] EXT4-fs (loop2): failed to initialize system zone (-117)
[  504.984274][T25365] EXT4-fs (loop2): mount failed
[  505.008038][T25374] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7222'.
[  505.032813][T25376] loop1: detected capacity change from 0 to 512
[  505.078654][T25376] EXT4-fs: Ignoring removed nobh option
[  505.112102][T25376] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.7224: iget: bad i_size value: 38620345925642
[  505.126502][T25376] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.7224: couldn't read orphan inode 15 (err -117)
[  505.140869][T25376] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.207421][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.255770][T25394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7224'.
[  505.271387][T25393] FAULT_INJECTION: forcing a failure.
[  505.271387][T25393] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  505.284532][T25393] CPU: 0 UID: 0 PID: 25393 Comm: syz.5.7230 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  505.284558][T25393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  505.284569][T25393] Call Trace:
[  505.284575][T25393]  <TASK>
[  505.284600][T25393]  __dump_stack+0x1d/0x30
[  505.284619][T25393]  dump_stack_lvl+0xe8/0x140
[  505.284635][T25393]  dump_stack+0x15/0x1b
[  505.284651][T25393]  should_fail_ex+0x265/0x280
[  505.284742][T25393]  should_fail+0xb/0x20
[  505.284833][T25393]  should_fail_usercopy+0x1a/0x20
[  505.284855][T25393]  _copy_to_iter+0x24b/0xe30
[  505.284880][T25393]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  505.284982][T25393]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  505.285008][T25393]  __skb_datagram_iter+0xc6/0x690
[  505.285101][T25393]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  505.285122][T25393]  skb_copy_datagram_iter+0x3d/0x110
[  505.285141][T25393]  netlink_recvmsg+0x1a8/0x550
[  505.285181][T25393]  ? __pfx_netlink_recvmsg+0x10/0x10
[  505.285202][T25393]  sock_recvmsg+0x139/0x170
[  505.285226][T25393]  ____sys_recvmsg+0xf5/0x280
[  505.285270][T25393]  ___sys_recvmsg+0x11f/0x370
[  505.285398][T25393]  do_recvmmsg+0x1ef/0x540
[  505.285420][T25393]  ? get_timespec64+0xc9/0x100
[  505.285438][T25393]  __x64_sys_recvmmsg+0xfb/0x170
[  505.285458][T25393]  x64_sys_call+0x27a6/0x2ff0
[  505.285548][T25393]  do_syscall_64+0xd2/0x200
[  505.285632][T25393]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  505.285656][T25393]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  505.285681][T25393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.285698][T25393] RIP: 0033:0x7f30d266ebe9
[  505.285714][T25393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.285730][T25393] RSP: 002b:00007f30d10ae038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  505.285748][T25393] RAX: ffffffffffffffda RBX: 00007f30d2896090 RCX: 00007f30d266ebe9
[  505.285759][T25393] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  505.285771][T25393] RBP: 00007f30d10ae090 R08: 0000200000003700 R09: 0000000000000000
[  505.285809][T25393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.285822][T25393] R13: 00007f30d2896128 R14: 00007f30d2896090 R15: 00007ffeae84b128
[  505.285839][T25393]  </TASK>
[  505.539531][T25400] loop0: detected capacity change from 0 to 2048
[  505.612720][T25400] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.823353][T25406] loop5: detected capacity change from 0 to 512
[  505.859630][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.863012][T25406] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  505.891068][T25406] EXT4-fs (loop5): 1 truncate cleaned up
[  505.914804][T25406] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  505.978264][T25406] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.034545][T25411] loop1: detected capacity change from 0 to 512
[  506.056810][T25411] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  506.079613][T25411] EXT4-fs (loop1): orphan cleanup on readonly fs
[  506.086158][T25411] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.7235: Block bitmap for bg 0 marked uninitialized
[  506.102235][T25397] loop6: detected capacity change from 0 to 1024
[  506.122643][T25397] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  506.124089][T25417] loop5: detected capacity change from 0 to 2048
[  506.132742][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.153187][T25411] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  506.153882][T25397] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  506.181417][T25417] EXT4-fs (loop5): failed to initialize system zone (-117)
[  506.188656][T25417] EXT4-fs (loop5): mount failed
[  506.194341][T25411] EXT4-fs (loop1): 1 orphan inode deleted
[  506.201819][T25411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  506.218420][T25397] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: inode #32: comm syz.6.7232: iget: special inode unallocated
[  506.242069][T25411] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  506.259353][T25397] EXT4-fs (loop6): no journal found
[  506.264937][T25411] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  506.284428][T25411] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:517: comm syz.1.7235: Block bitmap for bg 0 marked uninitialized
[  506.298474][   T29] audit: type=1400 audit(1755526069.086:573368): avc:  denied  { setopt } for  pid=25410 comm="syz.1.7235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  506.494718][   T29] audit: type=1326 audit(1755526069.296:573369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25433 comm="syz.2.7242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a3e7ebe9 code=0x7ffc0000
[  506.495472][   T29] audit: type=1326 audit(1755526069.296:573370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25433 comm="syz.2.7242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f15a3e7ebe9 code=0x7ffc0000
[  506.495671][   T29] audit: type=1326 audit(1755526069.296:573371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25433 comm="syz.2.7242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a3e7ebe9 code=0x7ffc0000
[  506.577798][T25436] loop2: detected capacity change from 0 to 512
[  506.609459][T25436] EXT4-fs: Ignoring removed nobh option
[  506.620912][T25436] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7243: iget: bad i_size value: 38620345925642
[  506.621092][T25436] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7243: couldn't read orphan inode 15 (err -117)
[  506.626002][T25436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  506.713261][T25439] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7243'.
[  506.797950][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.303476][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.934416][T25461] loop1: detected capacity change from 0 to 512
[  507.974506][T25459] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7249'.
[  507.987768][T25461] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  508.031036][T25461] EXT4-fs (loop1): 1 truncate cleaned up
[  508.036975][T25461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  508.077719][T25466] loop0: detected capacity change from 0 to 512
[  508.078081][T25461] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.106353][T25466] EXT4-fs: Ignoring removed nobh option
[  508.148712][T25466] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7252: iget: bad i_size value: 38620345925642
[  508.151110][T25472] 9pnet: Unknown protocol version 9p200
[  508.191329][T25466] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7252: couldn't read orphan inode 15 (err -117)
[  508.252396][T25466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  508.355354][T25466] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7252'.
[  508.396117][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.408107][T25484] loop6: detected capacity change from 0 to 512
[  508.435521][T25484] EXT4-fs: Ignoring removed nobh option
[  508.457709][T25486] loop0: detected capacity change from 0 to 2048
[  508.465397][T25484] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7258: iget: bad i_size value: 38620345925642
[  508.499785][T25486] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  508.519639][T25484] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7258: couldn't read orphan inode 15 (err -117)
[  508.546266][T25484] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  508.594244][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.636889][   T29] audit: type=1400 audit(1755526071.436:573372): avc:  denied  { nlmsg_read } for  pid=25492 comm="syz.0.7260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  508.636920][T25493] netlink: 272 bytes leftover after parsing attributes in process `syz.0.7260'.
[  508.708891][T25484] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7258'.
[  508.721811][T25476] loop5: detected capacity change from 0 to 1024
[  508.728746][T25476] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  508.741156][T25476] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  508.752185][T25476] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: inode #32: comm syz.5.7256: iget: special inode unallocated
[  508.766496][T25476] EXT4-fs (loop5): no journal found
[  508.788968][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.888651][T25505] loop0: detected capacity change from 0 to 512
[  508.906635][T25505] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  508.986664][T25511] loop5: detected capacity change from 0 to 512
[  509.055473][T25511] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7268: bg 0: block 248: padding at end of block bitmap is not set
[  509.095649][T25511] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.7268: Failed to acquire dquot type 1
[  509.138389][T25511] EXT4-fs (loop5): 1 truncate cleaned up
[  509.166731][T25511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  509.207887][T25511] ext4 filesystem being mounted at /325/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  509.254971][T25518] loop1: detected capacity change from 0 to 128
[  509.320810][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.340553][ T3440] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  509.370810][T25520] loop1: detected capacity change from 0 to 512
[  509.389972][T25520] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  509.408370][T25522] loop6: detected capacity change from 0 to 2048
[  509.425042][T25520] EXT4-fs (loop1): 1 truncate cleaned up
[  509.435901][T25520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.439487][   T29] kauditd_printk_skb: 2642 callbacks suppressed
[  509.439499][   T29] audit: type=1326 audit(1755526072.236:576012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.478233][   T29] audit: type=1326 audit(1755526072.236:576013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.502315][   T29] audit: type=1326 audit(1755526072.236:576014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.526472][   T29] audit: type=1326 audit(1755526072.236:576015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.550877][   T29] audit: type=1326 audit(1755526072.236:576016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.574734][   T29] audit: type=1326 audit(1755526072.236:576017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.598432][   T29] audit: type=1326 audit(1755526072.236:576018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.617826][T25520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  509.622219][   T29] audit: type=1326 audit(1755526072.236:576019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.654791][   T29] audit: type=1326 audit(1755526072.236:576020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.678765][   T29] audit: type=1326 audit(1755526072.236:576021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25504 comm="syz.0.7265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ff00000
[  509.723438][T25522] EXT4-fs (loop6): failed to initialize system zone (-117)
[  509.730829][T25522] EXT4-fs (loop6): mount failed
[  509.874523][T25538] loop6: detected capacity change from 0 to 2048
[  509.892573][T25538] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.925911][T25540] loop1: detected capacity change from 0 to 2048
[  509.933424][T25544] capability: warning: `syz.5.7275' uses 32-bit capabilities (legacy support in use)
[  509.984169][T25546] netlink: 'syz.5.7275': attribute type 21 has an invalid length.
[  509.985255][T25540] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  509.992094][T25546] netlink: 128 bytes leftover after parsing attributes in process `syz.5.7275'.
[  510.017916][T25546] netlink: 'syz.5.7275': attribute type 5 has an invalid length.
[  510.025818][T25546] netlink: 'syz.5.7275': attribute type 6 has an invalid length.
[  510.033656][T25546] netlink: 3 bytes leftover after parsing attributes in process `syz.5.7275'.
[  510.251894][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.383714][T25554] loop1: detected capacity change from 0 to 512
[  510.422721][T25554] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.7282: bg 0: block 248: padding at end of block bitmap is not set
[  510.449787][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.453316][T25554] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.7282: Failed to acquire dquot type 1
[  510.490947][T25554] EXT4-fs (loop1): 1 truncate cleaned up
[  510.732351][T25562] loop5: detected capacity change from 0 to 2048
[  510.799234][T25562] EXT4-fs (loop5): failed to initialize system zone (-117)
[  510.810545][T25562] EXT4-fs (loop5): mount failed
[  511.460658][T25554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.483433][T25554] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  511.509126][T25568] loop5: detected capacity change from 0 to 2048
[  511.563245][T25568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.593181][T25568] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7286'.
[  511.631023][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.641651][T25574] FAULT_INJECTION: forcing a failure.
[  511.641651][T25574] name failslab, interval 1, probability 0, space 0, times 0
[  511.654309][T25574] CPU: 0 UID: 0 PID: 25574 Comm: syz.6.7287 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  511.654445][T25574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.654455][T25574] Call Trace:
[  511.654461][T25574]  <TASK>
[  511.654468][T25574]  __dump_stack+0x1d/0x30
[  511.654568][T25574]  dump_stack_lvl+0xe8/0x140
[  511.654585][T25574]  dump_stack+0x15/0x1b
[  511.654598][T25574]  should_fail_ex+0x265/0x280
[  511.654618][T25574]  should_failslab+0x8c/0xb0
[  511.654723][T25574]  kmem_cache_alloc_noprof+0x50/0x310
[  511.654751][T25574]  ? skb_clone+0x151/0x1f0
[  511.654792][T25574]  skb_clone+0x151/0x1f0
[  511.654809][T25574]  __netlink_deliver_tap+0x2c9/0x500
[  511.654830][T25574]  netlink_unicast+0x66b/0x690
[  511.654859][T25574]  netlink_sendmsg+0x58b/0x6b0
[  511.654879][T25574]  ? __pfx_netlink_sendmsg+0x10/0x10
[  511.655003][T25574]  __sock_sendmsg+0x142/0x180
[  511.655031][T25574]  ____sys_sendmsg+0x31e/0x4e0
[  511.655056][T25574]  ___sys_sendmsg+0x17b/0x1d0
[  511.655090][T25574]  __x64_sys_sendmsg+0xd4/0x160
[  511.655116][T25574]  x64_sys_call+0x191e/0x2ff0
[  511.655135][T25574]  do_syscall_64+0xd2/0x200
[  511.655157][T25574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  511.655252][T25574]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  511.655358][T25574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.655379][T25574] RIP: 0033:0x7f7deda5ebe9
[  511.655392][T25574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.655406][T25574] RSP: 002b:00007f7dec485038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.655447][T25574] RAX: ffffffffffffffda RBX: 00007f7dedc86180 RCX: 00007f7deda5ebe9
[  511.655459][T25574] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  511.655469][T25574] RBP: 00007f7dec485090 R08: 0000000000000000 R09: 0000000000000000
[  511.655480][T25574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.655491][T25574] R13: 00007f7dedc86218 R14: 00007f7dedc86180 R15: 00007ffceb1d55c8
[  511.655534][T25574]  </TASK>
[  511.931555][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.950475][T25581] loop5: detected capacity change from 0 to 512
[  512.051129][T25581] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  512.071583][ T3440] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  512.072614][T25581] EXT4-fs (loop5): 1 truncate cleaned up
[  512.089196][T25581] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  512.896608][T25581] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.054200][T25595] loop2: detected capacity change from 0 to 512
[  513.090686][T25597] loop0: detected capacity change from 0 to 512
[  513.128734][T25597] EXT4-fs: Ignoring removed nobh option
[  513.153380][T25595] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7294: bg 0: block 248: padding at end of block bitmap is not set
[  513.200279][T25595] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7294: Failed to acquire dquot type 1
[  513.214292][T25595] EXT4-fs (loop2): 1 truncate cleaned up
[  513.221502][T25595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.234595][T25595] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  513.246740][T25597] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7295: iget: bad i_size value: 38620345925642
[  513.260815][T25597] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7295: couldn't read orphan inode 15 (err -117)
[  513.285901][T25597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.314664][T25597] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7295'.
[  513.358061][T25606] loop5: detected capacity change from 0 to 128
[  513.505195][T25609] loop5: detected capacity change from 0 to 512
[  513.520901][T25609] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  513.973037][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.983742][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.002338][  T159] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  514.614330][   T29] kauditd_printk_skb: 13097 callbacks suppressed
[  514.620722][   T29] audit: type=1326 audit(1755526076.856:589034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.649862][   T29] audit: type=1326 audit(1755526077.416:589114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.673608][   T29] audit: type=1326 audit(1755526077.456:589115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.697466][   T29] audit: type=1326 audit(1755526077.456:589116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.721192][   T29] audit: type=1326 audit(1755526077.456:589117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.744957][   T29] audit: type=1326 audit(1755526077.456:589118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.768842][   T29] audit: type=1326 audit(1755526077.456:589119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.792494][   T29] audit: type=1326 audit(1755526077.456:589120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.816163][   T29] audit: type=1326 audit(1755526077.456:589121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  514.839905][   T29] audit: type=1326 audit(1755526077.456:589122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25607 comm="syz.5.7300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ff00000
[  515.222938][T25633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7298'.
[  515.411123][T25633] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  515.420536][T25633] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  515.469049][T25638] vhci_hcd: invalid port number 96
[  515.474857][T25638] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  516.753301][T25656] loop1: detected capacity change from 0 to 2048
[  516.816521][T25656] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  516.987835][T25675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7319'.
[  517.113185][T25678] loop6: detected capacity change from 0 to 512
[  517.158122][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.178159][T25678] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  517.333604][T25683] loop1: detected capacity change from 0 to 2048
[  517.372777][T25683] EXT4-fs (loop1): failed to initialize system zone (-117)
[  517.382812][T25687] loop0: detected capacity change from 0 to 512
[  517.396811][T25687] EXT4-fs: Ignoring removed nobh option
[  517.419505][T25687] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7324: iget: bad i_size value: 38620345925642
[  517.439261][T25683] EXT4-fs (loop1): mount failed
[  517.442589][T25687] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7324: couldn't read orphan inode 15 (err -117)
[  517.472213][T25687] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  517.478353][T25685] loop5: detected capacity change from 0 to 128
[  517.597603][T25687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7324'.
[  517.637295][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.732670][T25696] loop6: detected capacity change from 0 to 764
[  517.760376][T25696] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  517.776223][T25701] loop1: detected capacity change from 0 to 764
[  517.805712][T25701] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  517.824119][T25709] loop0: detected capacity change from 0 to 512
[  517.850417][T25709] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  518.056569][T25713] loop5: detected capacity change from 0 to 2048
[  518.251232][T20418] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  518.262161][T20418] CPU: 0 UID: 0 PID: 20418 Comm: syz-executor Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  518.262187][T20418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  518.262200][T20418] Call Trace:
[  518.262207][T20418]  <TASK>
[  518.262215][T20418]  __dump_stack+0x1d/0x30
[  518.262295][T20418]  dump_stack_lvl+0xe8/0x140
[  518.262313][T20418]  dump_stack+0x15/0x1b
[  518.262326][T20418]  dump_header+0x81/0x220
[  518.262354][T20418]  oom_kill_process+0x342/0x400
[  518.262398][T20418]  out_of_memory+0x979/0xb80
[  518.262459][T20418]  try_charge_memcg+0x5e6/0x9e0
[  518.262483][T20418]  charge_memcg+0x51/0xc0
[  518.262523][T20418]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  518.262545][T20418]  __read_swap_cache_async+0x1df/0x350
[  518.262637][T20418]  swap_cluster_readahead+0x277/0x3e0
[  518.262671][T20418]  swapin_readahead+0xde/0x6f0
[  518.262697][T20418]  ? __filemap_get_folio+0x4f7/0x6b0
[  518.262724][T20418]  ? ktime_get+0x1eb/0x210
[  518.262806][T20418]  ? swap_cache_get_folio+0x77/0x200
[  518.262849][T20418]  do_swap_page+0x301/0x2430
[  518.262872][T20418]  ? finish_task_switch+0xad/0x2b0
[  518.262894][T20418]  ? __pfx_default_wake_function+0x10/0x10
[  518.262914][T20418]  handle_mm_fault+0x9a5/0x2c20
[  518.263019][T20418]  do_user_addr_fault+0x636/0x1090
[  518.263047][T20418]  ? fpregs_restore_userregs+0xe2/0x1d0
[  518.263071][T20418]  ? switch_fpu_return+0xe/0x20
[  518.263094][T20418]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  518.263165][T20418]  exc_page_fault+0x62/0xa0
[  518.263336][T20418]  asm_exc_page_fault+0x26/0x30
[  518.263357][T20418] RIP: 0033:0x7fa7c4d31465
[  518.263372][T20418] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  518.263390][T20418] RSP: 002b:00007ffd06784298 EFLAGS: 00010246
[  518.263441][T20418] RAX: 0000000000000000 RBX: 00000000000002d9 RCX: 00007fa7c4d31463
[  518.263455][T20418] RDX: 00007ffd067842b0 RSI: 0000000000000000 RDI: 0000000000000000
[  518.263508][T20418] RBP: 00007ffd0678431c R08: 000000000c5b8ac3 R09: 0000000000000000
[  518.263518][T20418] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  518.263528][T20418] R13: 00000000000927c0 R14: 000000000007e74e R15: 00007ffd06784370
[  518.263543][T20418]  </TASK>
[  518.263581][T20418] memory: usage 307200kB, limit 307200kB, failcnt 16830
[  518.495693][T20418] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0
[  518.503682][T20418] kmem: usage 307072kB, limit 9007199254740988kB, failcnt 0
[  518.511026][T20418] Memory cgroup stats for /syz0:
[  518.532676][T25720] loop6: detected capacity change from 0 to 512
[  518.570992][T25720] EXT4-fs: Ignoring removed nobh option
[  518.608330][T25720] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7332: iget: bad i_size value: 38620345925642
[  518.650418][T20418] cache 0
[  518.653430][T20418] rss 12288
[  518.656600][T20418] shmem 0
[  518.659652][T20418] mapped_file 0
[  518.663107][T20418] dirty 0
[  518.663115][T20418] writeback 8192
[  518.663122][T20418] workingset_refault_anon 300
[  518.674411][T20418] workingset_refault_file 10670
[  518.676411][T25720] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7332: couldn't read orphan inode 15 (err -117)
[  518.679386][T20418] swap 172032
[  518.679394][T20418] swapcached 20480
[  518.679482][T20418] pgpgin 831403
[  518.679489][T20418] pgpgout 831395
[  518.679496][T20418] pgfault 765052
[  518.679502][T20418] pgmajfault 209
[  518.710254][T25726] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7333'.
[  518.712678][T20418] inactive_anon 12288
[  518.725538][T20418] active_anon 12288
[  518.729495][T20418] inactive_file 4096
[  518.733411][T20418] active_file 0
[  518.736889][T20418] unevictable 0
[  518.740377][T20418] hierarchical_memory_limit 314572800
[  518.745749][T20418] hierarchical_memsw_limit 9223372036854771712
[  518.751938][T20418] total_cache 0
[  518.755386][T20418] total_rss 12288
[  518.759043][T20418] total_shmem 0
[  518.762540][T20418] total_mapped_file 0
[  518.766593][T20418] total_dirty 0
[  518.770152][T20418] total_writeback 8192
[  518.774292][T20418] total_workingset_refault_anon 300
[  518.779526][T20418] total_workingset_refault_file 10670
[  518.784908][T20418] total_swap 172032
[  518.788754][T20418] total_swapcached 20480
[  518.793030][T20418] total_pgpgin 831403
[  518.796997][T20418] total_pgpgout 831395
[  518.801112][T20418] total_pgfault 765052
[  518.805273][T20418] total_pgmajfault 209
[  518.809339][T20418] total_inactive_anon 12288
[  518.814042][T20418] total_active_anon 12288
[  518.818357][T20418] total_inactive_file 4096
[  518.822815][T20418] total_active_file 0
[  518.826785][T20418] total_unevictable 0
[  518.830776][T20418] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.7329,pid=25706,uid=0
[  518.845671][T20418] Memory cgroup out of memory: Killed process 25706 (syz.0.7329) total-vm:93764kB, anon-rss:1072kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  518.883588][T25720] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7332'.
[  518.928365][T25730] loop1: detected capacity change from 0 to 512
[  518.935859][T25730] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  518.946049][T25735] loop5: detected capacity change from 0 to 128
[  518.977977][T25730] EXT4-fs (loop1): 1 truncate cleaned up
[  518.988759][T25739] 9pnet: Unknown protocol version 9p2
[  518.997788][T25738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7336'.
[  519.145512][T25749] loop6: detected capacity change from 0 to 512
[  519.190265][T25749] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.7342: bg 0: block 248: padding at end of block bitmap is not set
[  519.215459][T25749] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.7342: Failed to acquire dquot type 1
[  519.227559][T25749] EXT4-fs (loop6): 1 truncate cleaned up
[  519.234282][T25755] netlink: 'syz.0.7344': attribute type 10 has an invalid length.
[  519.242747][T25749] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  519.311365][ T3440] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  519.323869][T25745] loop1: detected capacity change from 0 to 764
[  519.340685][T25745] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  519.366230][T25751] loop5: detected capacity change from 0 to 764
[  519.423700][T25751] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  519.587254][T25765] loop6: detected capacity change from 0 to 2048
[  519.610918][T25765] EXT4-fs (loop6): failed to initialize system zone (-117)
[  519.618222][T25765] EXT4-fs (loop6): mount failed
[  519.673063][T25771] 9pnet: Unknown protocol version 9p200
[  519.924976][T25794] netlink: 272 bytes leftover after parsing attributes in process `syz.2.7358'.
[  519.936259][T25794] 9pnet_fd: Insufficient options for proto=fd
[  520.096994][T25804] vhci_hcd: invalid port number 96
[  520.102328][T25804] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  520.237352][T25808] loop2: detected capacity change from 0 to 2048
[  520.551016][T25808] EXT4-fs (loop2): failed to initialize system zone (-117)
[  520.568214][T25808] EXT4-fs (loop2): mount failed
[  520.657781][T25835] netlink: 272 bytes leftover after parsing attributes in process `syz.2.7371'.
[  520.660217][T25831] loop5: detected capacity change from 0 to 128
[  520.670970][T25835] 9pnet_fd: Insufficient options for proto=fd
[  520.816603][T25827] loop1: detected capacity change from 0 to 764
[  520.832818][T25827] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  520.885500][T25837] loop6: detected capacity change from 0 to 764
[  520.905657][T25837] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  520.928656][T25837] Symlink component flag not implemented
[  520.936490][T25837] Symlink component flag not implemented (7)
[  521.050631][T25858] loop5: detected capacity change from 0 to 2048
[  521.060798][T25858] EXT4-fs (loop5): failed to initialize system zone (-117)
[  521.074474][T25864] FAULT_INJECTION: forcing a failure.
[  521.074474][T25864] name failslab, interval 1, probability 0, space 0, times 0
[  521.076498][T25858] EXT4-fs (loop5): mount failed
[  521.087149][T25864] CPU: 0 UID: 0 PID: 25864 Comm: syz.0.7382 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  521.087173][T25864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  521.087184][T25864] Call Trace:
[  521.087191][T25864]  <TASK>
[  521.087234][T25864]  __dump_stack+0x1d/0x30
[  521.087256][T25864]  dump_stack_lvl+0xe8/0x140
[  521.087274][T25864]  dump_stack+0x15/0x1b
[  521.087288][T25864]  should_fail_ex+0x265/0x280
[  521.087316][T25864]  should_failslab+0x8c/0xb0
[  521.087356][T25864]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  521.087383][T25864]  ? __d_alloc+0x3d/0x340
[  521.087410][T25864]  __d_alloc+0x3d/0x340
[  521.087436][T25864]  d_alloc_pseudo+0x1e/0x80
[  521.087553][T25864]  alloc_file_pseudo+0x71/0x160
[  521.087593][T25864]  anon_inode_getfile+0xa0/0x120
[  521.087623][T25864]  bpf_link_prime+0xfc/0x1d0
[  521.087646][T25864]  tcx_link_attach+0xf9/0x5e0
[  521.087696][T25864]  link_create+0x546/0x6e0
[  521.087725][T25864]  __sys_bpf+0x61d/0x7b0
[  521.087756][T25864]  __x64_sys_bpf+0x41/0x50
[  521.087816][T25864]  x64_sys_call+0x2aea/0x2ff0
[  521.087836][T25864]  do_syscall_64+0xd2/0x200
[  521.087866][T25864]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  521.087907][T25864]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  521.087979][T25864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.087999][T25864] RIP: 0033:0x7fa7c4cfebe9
[  521.088014][T25864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.088032][T25864] RSP: 002b:00007fa7c375f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  521.088079][T25864] RAX: ffffffffffffffda RBX: 00007fa7c4f25fa0 RCX: 00007fa7c4cfebe9
[  521.088092][T25864] RDX: 0000000000000020 RSI: 0000200000000280 RDI: 000000000000001c
[  521.088104][T25864] RBP: 00007fa7c375f090 R08: 0000000000000000 R09: 0000000000000000
[  521.088116][T25864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  521.088187][T25864] R13: 00007fa7c4f26038 R14: 00007fa7c4f25fa0 R15: 00007ffd06783f58
[  521.088205][T25864]  </TASK>
[  521.133708][T25868] loop0: detected capacity change from 0 to 512
[  521.333248][T25870] loop5: detected capacity change from 0 to 2048
[  521.354453][T25868] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.7384: bg 0: block 248: padding at end of block bitmap is not set
[  521.377417][T25868] __quota_error: 8668 callbacks suppressed
[  521.377433][T25868] Quota error (device loop0): write_blk: dquota write failed
[  521.390742][T25868] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  521.402685][T25868] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.7384: Failed to acquire dquot type 1
[  521.415319][T25868] EXT4-fs (loop0): 1 truncate cleaned up
[  521.418569][   T29] audit: type=1326 audit(1755526084.216:597788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.445618][T25868] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.485699][   T29] audit: type=1326 audit(1755526084.256:597789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.509683][   T29] audit: type=1326 audit(1755526084.256:597790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.533398][   T29] audit: type=1326 audit(1755526084.256:597791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.557562][   T29] audit: type=1326 audit(1755526084.256:597792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.581614][   T29] audit: type=1326 audit(1755526084.256:597793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.605366][   T29] audit: type=1326 audit(1755526084.256:597794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.629119][   T29] audit: type=1326 audit(1755526084.256:597795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25876 comm="syz.1.7386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  521.713918][   T51] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  521.726385][T25885] loop2: detected capacity change from 0 to 2048
[  521.763567][T25889] loop0: detected capacity change from 0 to 512
[  521.780308][T25885] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7390'.
[  521.781786][T25889] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  521.827157][T25889] EXT4-fs (loop0): 1 truncate cleaned up
[  522.004124][T25902] loop5: detected capacity change from 0 to 2048
[  522.033075][T25902] EXT4-fs (loop5): failed to initialize system zone (-117)
[  522.053204][T25902] EXT4-fs (loop5): mount failed
[  522.140205][T25913] loop5: detected capacity change from 0 to 512
[  522.149101][T25911] loop0: detected capacity change from 0 to 128
[  522.172650][T25913] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7400: bg 0: block 248: padding at end of block bitmap is not set
[  522.237941][T25916] FAULT_INJECTION: forcing a failure.
[  522.237941][T25916] name failslab, interval 1, probability 0, space 0, times 0
[  522.250754][T25916] CPU: 0 UID: 0 PID: 25916 Comm: syz.6.7392 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  522.250824][T25916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.250837][T25916] Call Trace:
[  522.250844][T25916]  <TASK>
[  522.250852][T25916]  __dump_stack+0x1d/0x30
[  522.250873][T25916]  dump_stack_lvl+0xe8/0x140
[  522.250891][T25916]  dump_stack+0x15/0x1b
[  522.250950][T25916]  should_fail_ex+0x265/0x280
[  522.251044][T25916]  should_failslab+0x8c/0xb0
[  522.251068][T25916]  kmem_cache_alloc_noprof+0x50/0x310
[  522.251096][T25916]  ? dup_fd+0x3a/0x540
[  522.251117][T25916]  dup_fd+0x3a/0x540
[  522.251137][T25916]  ? _raw_spin_unlock+0x26/0x50
[  522.251240][T25916]  ksys_unshare+0x346/0x6d0
[  522.251268][T25916]  ? ksys_write+0x192/0x1a0
[  522.251328][T25916]  __x64_sys_unshare+0x1f/0x30
[  522.251352][T25916]  x64_sys_call+0x2911/0x2ff0
[  522.251376][T25916]  do_syscall_64+0xd2/0x200
[  522.251401][T25916]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  522.251490][T25916]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  522.251515][T25916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.251537][T25916] RIP: 0033:0x7f7deda5ebe9
[  522.251551][T25916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.251566][T25916] RSP: 002b:00007f7dec485038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  522.251647][T25916] RAX: ffffffffffffffda RBX: 00007f7dedc86180 RCX: 00007f7deda5ebe9
[  522.251660][T25916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600
[  522.251673][T25916] RBP: 00007f7dec485090 R08: 0000000000000000 R09: 0000000000000000
[  522.251686][T25916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.251698][T25916] R13: 00007f7dedc86218 R14: 00007f7dedc86180 R15: 00007ffceb1d55c8
[  522.251717][T25916]  </TASK>
[  522.256134][T25913] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.7400: Failed to acquire dquot type 1
[  522.324717][T25906] loop2: detected capacity change from 0 to 764
[  522.398078][T25913] EXT4-fs (loop5): 1 truncate cleaned up
[  522.497464][T25906] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  522.589806][T25913] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.664823][   T41] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  522.811118][T25928] loop6: detected capacity change from 0 to 128
[  522.890743][T25928] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7405'.
[  522.900045][T25928] unsupported nlmsg_type 40
[  523.095468][T25942] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7411'.
[  523.194707][T25945] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7413'.
[  523.238947][T25951] loop1: detected capacity change from 0 to 2048
[  523.253202][T25948] vhci_hcd: invalid port number 96
[  523.258453][T25948] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  523.270903][T25951] EXT4-fs (loop1): failed to initialize system zone (-117)
[  523.286948][T25951] EXT4-fs (loop1): mount failed
[  523.311247][T25961] 9pnet: Unknown protocol version 9p200
[  523.366840][T25967] loop2: detected capacity change from 0 to 2048
[  523.655827][T25984] loop6: detected capacity change from 0 to 2048
[  523.785995][T25984] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7426'.
[  525.402329][T25998] vhci_hcd: invalid port number 96
[  525.407579][T25998] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  525.492754][T21914] EXT4-fs unmount: 20 callbacks suppressed
[  525.492770][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.532653][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.579659][T26004] loop1: detected capacity change from 0 to 2048
[  525.597398][T26006] loop0: detected capacity change from 0 to 2048
[  525.636464][T26004] EXT4-fs (loop1): failed to initialize system zone (-117)
[  525.653274][T26004] EXT4-fs (loop1): mount failed
[  525.667048][T26006] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  525.730241][T26018] loop1: detected capacity change from 0 to 512
[  525.740759][T26022] loop6: detected capacity change from 0 to 512
[  525.751621][T26022] EXT4-fs: Ignoring removed nobh option
[  525.764499][T26018] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.7436: bg 0: block 248: padding at end of block bitmap is not set
[  525.801941][T26018] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.7436: Failed to acquire dquot type 1
[  525.815119][T26022] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7438: iget: bad i_size value: 38620345925642
[  525.843545][T26022] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7438: couldn't read orphan inode 15 (err -117)
[  525.861644][T26022] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.879716][T26018] EXT4-fs (loop1): 1 truncate cleaned up
[  525.888106][T26018] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.901091][T26018] ext4 filesystem being mounted at /357/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  525.912689][T26022] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7438'.
[  525.949187][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.964588][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.974691][T17971] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  525.987582][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.031410][T26037] loop1: detected capacity change from 0 to 2048
[  526.063306][T26037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  526.106340][T26037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7443'.
[  526.147021][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  526.161341][T26045] loop0: detected capacity change from 0 to 128
[  526.242484][T26047] loop6: detected capacity change from 0 to 2048
[  526.262785][T26047] EXT4-fs (loop6): failed to initialize system zone (-117)
[  526.290645][T26047] EXT4-fs (loop6): mount failed
[  526.445249][T26051] loop0: detected capacity change from 0 to 764
[  526.483880][T26051] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  526.704602][T26075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7453'.
[  526.845233][T26078] loop2: detected capacity change from 0 to 512
[  526.853255][T26078] EXT4-fs: Ignoring removed nobh option
[  526.874956][T26078] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7454: iget: bad i_size value: 38620345925642
[  526.900825][T26078] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7454: couldn't read orphan inode 15 (err -117)
[  526.930097][T26078] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.002476][T26078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7454'.
[  527.041128][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.108074][T26084] loop0: detected capacity change from 0 to 2048
[  527.132628][T26086] vhci_hcd: invalid port number 96
[  527.137793][T26086] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  527.155847][T26084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  527.230312][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.244005][T26092] loop2: detected capacity change from 0 to 2048
[  527.271636][T26092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  527.298197][T26092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7457'.
[  527.337998][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.887325][T26121] vhci_hcd: invalid port number 96
[  527.892708][T26121] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  528.139064][T26125] loop6: detected capacity change from 0 to 2048
[  528.181672][T26125] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  528.246882][T26123] loop2: detected capacity change from 0 to 764
[  528.257300][T26125] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7470'.
[  528.339805][T26123] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  528.391556][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.502864][T26142] vhci_hcd: invalid port number 96
[  528.508001][T26142] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  528.521155][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  528.521171][   T29] audit: type=1326 audit(1755526091.326:597851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  528.523952][T26144] loop6: detected capacity change from 0 to 512
[  528.539829][   T29] audit: type=1326 audit(1755526091.326:597852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  528.581003][   T29] audit: type=1326 audit(1755526091.326:597853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  528.581498][T26144] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  528.604688][   T29] audit: type=1326 audit(1755526091.326:597854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7deda5ec23 code=0x7ffc0000
[  528.636432][   T29] audit: type=1326 audit(1755526091.326:597855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7deda5d69f code=0x7ffc0000
[  528.659907][   T29] audit: type=1326 audit(1755526091.326:597856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7deda5ec77 code=0x7ffc0000
[  528.683547][   T29] audit: type=1326 audit(1755526091.326:597857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7deda5d550 code=0x7ffc0000
[  528.707435][   T29] audit: type=1326 audit(1755526091.326:597858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7deda5e7eb code=0x7ffc0000
[  528.746868][T26151] loop1: detected capacity change from 0 to 2048
[  528.762267][   T29] audit: type=1326 audit(1755526091.386:597859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7deda5d84a code=0x7ffc0000
[  528.785943][   T29] audit: type=1326 audit(1755526091.386:597860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26143 comm="syz.6.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7deda5d84a code=0x7ffc0000
[  528.813349][T26151] EXT4-fs (loop1): failed to initialize system zone (-117)
[  528.824768][T26151] EXT4-fs (loop1): mount failed
[  528.902922][T26159] loop0: detected capacity change from 0 to 512
[  528.943957][T26159] EXT4-fs: Ignoring removed nobh option
[  528.969840][T26159] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7482: iget: bad i_size value: 38620345925642
[  528.992437][T26159] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7482: couldn't read orphan inode 15 (err -117)
[  529.081506][T26159] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.106969][T26166] loop2: detected capacity change from 0 to 2048
[  529.151474][T26171] 9pnet: Unknown protocol version 9p2
[  529.176690][T26166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.189324][T26159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7482'.
[  529.207448][T26166] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7485'.
[  529.221910][T26178] loop5: detected capacity change from 0 to 512
[  529.255124][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.266555][T26178] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7489: bg 0: block 248: padding at end of block bitmap is not set
[  529.328665][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.370238][T26178] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.7489: Failed to acquire dquot type 1
[  529.414032][T26188] netlink: 272 bytes leftover after parsing attributes in process `syz.0.7493'.
[  529.430118][T26178] EXT4-fs (loop5): 1 truncate cleaned up
[  529.440141][T26178] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  529.477250][T26192] loop2: detected capacity change from 0 to 128
[  529.479635][T26178] ext4 filesystem being mounted at /364/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  529.554788][T26195] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7495'.
[  529.589487][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.599898][T17971] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:9: Failed to release dquot type 1
[  529.621126][T26187] loop1: detected capacity change from 0 to 764
[  529.648856][T26187] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  529.707559][T26194] loop0: detected capacity change from 0 to 764
[  529.729768][T26194] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  530.532327][T26220] loop0: detected capacity change from 0 to 128
[  530.743374][T26231] loop5: detected capacity change from 0 to 512
[  530.793541][T26231] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7507: bg 0: block 248: padding at end of block bitmap is not set
[  530.881817][T26231] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.7507: Failed to acquire dquot type 1
[  530.915510][T26231] EXT4-fs (loop5): 1 truncate cleaned up
[  530.941189][T26231] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.995940][T26231] ext4 filesystem being mounted at /368/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  531.080164][T26226] loop0: detected capacity change from 0 to 1024
[  531.089537][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.101104][   T51] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1
[  531.138238][T26226] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  531.154289][T26226] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  531.195528][T26226] EXT4-fs error (device loop0): ext4_get_journal_inode:5796: inode #32: comm syz.0.7505: iget: special inode unallocated
[  531.234682][T26243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7509'.
[  531.253858][T26226] EXT4-fs (loop0): no journal found
[  531.309770][T26246] 9pnet: Unknown protocol version 9p200
[  531.513696][T26260] loop0: detected capacity change from 0 to 512
[  531.531042][T26260] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  531.568880][T26260] EXT4-fs (loop0): 1 truncate cleaned up
[  531.591763][T26260] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  531.595286][T26248] loop5: detected capacity change from 0 to 764
[  531.612661][T26268] 9pnet: Unknown protocol version 9p200
[  531.626048][T26269] loop1: detected capacity change from 0 to 2048
[  531.643418][T26248] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  531.651904][T26260] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.713998][T26269] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  531.735384][T26271] loop6: detected capacity change from 0 to 128
[  531.736403][T26269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7521'.
[  531.775947][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.798645][T26280] loop0: detected capacity change from 0 to 128
[  531.894290][T26280] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7525'.
[  531.959922][T26290] netlink: 272 bytes leftover after parsing attributes in process `syz.1.7529'.
[  532.071841][T26298] 9pnet: Unknown protocol version 9p200
[  532.135006][T26300] loop1: detected capacity change from 0 to 2048
[  532.162765][T26300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.215129][T26310] loop0: detected capacity change from 0 to 128
[  532.273110][T26316] loop5: detected capacity change from 0 to 512
[  532.301782][T26316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.354960][T26316] ext4 filesystem being mounted at /373/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.421453][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.478204][T26321] syzkaller0: entered allmulticast mode
[  532.490623][T26321] syzkaller0: entered promiscuous mode
[  532.505360][T26321] syzkaller0 (unregistering): left allmulticast mode
[  532.512183][T26321] syzkaller0 (unregistering): left promiscuous mode
[  532.565917][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.621936][T26324] loop1: detected capacity change from 0 to 128
[  532.701762][T26330] vhci_hcd: invalid port number 96
[  532.706934][T26330] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  532.716132][T26324] netlink: 60 bytes leftover after parsing attributes in process `syz.1.7541'.
[  532.782140][T26351] loop2: detected capacity change from 0 to 128
[  532.817433][T26358] loop5: detected capacity change from 0 to 128
[  532.903299][T26368] loop5: detected capacity change from 0 to 512
[  532.921070][T26368] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  532.932140][T26368] EXT4-fs (loop5): 1 truncate cleaned up
[  532.938249][T26368] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.951808][T26368] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.080849][T26386] loop2: detected capacity change from 0 to 128
[  533.145895][T26392] loop6: detected capacity change from 0 to 2048
[  533.158091][T26386] netlink: 60 bytes leftover after parsing attributes in process `syz.2.7563'.
[  533.165733][T26395] loop5: detected capacity change from 0 to 512
[  533.179326][T26395] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  533.198623][T26392] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.212735][T26395] EXT4-fs (loop5): 1 truncate cleaned up
[  533.224466][T26395] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.240016][T26399] loop2: detected capacity change from 0 to 2048
[  533.250914][T26395] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.265029][T26399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.348916][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.386837][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.582124][T26441] loop5: detected capacity change from 0 to 512
[  533.592099][T26441] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  533.615461][T26441] EXT4-fs (loop5): 1 truncate cleaned up
[  533.625216][T26441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.638631][T26441] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.671236][T26451] loop0: detected capacity change from 0 to 2048
[  533.691664][T26451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  533.745819][   T29] kauditd_printk_skb: 13346 callbacks suppressed
[  533.745834][   T29] audit: type=1326 audit(1755526096.546:611201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26456 comm="syz.5.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  533.776247][   T29] audit: type=1326 audit(1755526096.546:611202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26456 comm="syz.5.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  533.800365][   T29] audit: type=1326 audit(1755526096.546:611203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26456 comm="syz.5.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  533.824423][   T29] audit: type=1326 audit(1755526096.546:611204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26456 comm="syz.5.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  533.848176][   T29] audit: type=1326 audit(1755526096.546:611205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26456 comm="syz.5.7587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  533.892299][T20418] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.172499][T26493] loop1: detected capacity change from 0 to 2048
[  534.192345][T26493] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  534.215055][T26488] pim6reg1: entered promiscuous mode
[  534.220501][T26488] pim6reg1: entered allmulticast mode
[  534.313196][T26502] loop2: detected capacity change from 0 to 2048
[  534.342412][T26502] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  534.372983][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.395432][   T29] audit: type=1326 audit(1755526097.196:611206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26507 comm="syz.5.7605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  534.419301][   T29] audit: type=1326 audit(1755526097.196:611207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26507 comm="syz.5.7605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  534.443146][   T29] audit: type=1326 audit(1755526097.196:611208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26507 comm="syz.5.7605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  534.467181][   T29] audit: type=1326 audit(1755526097.196:611209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26507 comm="syz.5.7605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  534.491340][   T29] audit: type=1326 audit(1755526097.196:611210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26507 comm="syz.5.7605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30d266ebe9 code=0x7ffc0000
[  534.574016][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.586479][T26518] __nla_validate_parse: 2 callbacks suppressed
[  534.586493][T26518] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7607'.
[  534.687010][T26524] loop1: detected capacity change from 0 to 2048
[  534.703103][T26525] vhci_hcd: invalid port number 96
[  534.708370][T26525] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  534.727134][T26524] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  534.767102][T26535] FAULT_INJECTION: forcing a failure.
[  534.767102][T26535] name failslab, interval 1, probability 0, space 0, times 0
[  534.779933][T26535] CPU: 0 UID: 0 PID: 26535 Comm: syz.2.7615 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  534.780013][T26535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.780026][T26535] Call Trace:
[  534.780033][T26535]  <TASK>
[  534.780040][T26535]  __dump_stack+0x1d/0x30
[  534.780062][T26535]  dump_stack_lvl+0xe8/0x140
[  534.780082][T26535]  dump_stack+0x15/0x1b
[  534.780108][T26535]  should_fail_ex+0x265/0x280
[  534.780126][T26535]  should_failslab+0x8c/0xb0
[  534.780147][T26535]  __kmalloc_noprof+0xa5/0x3e0
[  534.780190][T26535]  ? security_sk_alloc+0x52/0x120
[  534.780272][T26535]  ? should_failslab+0x8c/0xb0
[  534.780337][T26535]  security_sk_alloc+0x52/0x120
[  534.780361][T26535]  sk_prot_alloc+0xc2/0x190
[  534.780379][T26535]  sk_alloc+0x34/0x360
[  534.780414][T26535]  ? __pfx_genl_release+0x10/0x10
[  534.780438][T26535]  ? __pfx_genl_release+0x10/0x10
[  534.780462][T26535]  netlink_create+0x32a/0x460
[  534.780485][T26535]  ? __pfx_genl_unbind+0x10/0x10
[  534.780550][T26535]  ? __pfx_genl_bind+0x10/0x10
[  534.780571][T26535]  __sock_create+0x2e9/0x5b0
[  534.780596][T26535]  __sys_socket+0xb0/0x180
[  534.780685][T26535]  __x64_sys_socket+0x3f/0x50
[  534.780762][T26535]  x64_sys_call+0x1147/0x2ff0
[  534.780791][T26535]  do_syscall_64+0xd2/0x200
[  534.780818][T26535]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  534.780844][T26535]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  534.780873][T26535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.780953][T26535] RIP: 0033:0x7f15a3e80b07
[  534.780969][T26535] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.780989][T26535] RSP: 002b:00007f15a28ddfa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  534.781005][T26535] RAX: ffffffffffffffda RBX: 00007f15a40a5fa0 RCX: 00007f15a3e80b07
[  534.781017][T26535] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  534.781027][T26535] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  534.781038][T26535] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000001
[  534.781048][T26535] R13: 00007f15a40a6038 R14: 00007f15a40a5fa0 R15: 00007ffd7d56ff08
[  534.781137][T26535]  </TASK>
[  535.008849][T26537] loop5: detected capacity change from 0 to 2048
[  535.038457][T26543] FAULT_INJECTION: forcing a failure.
[  535.038457][T26543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  535.051576][T26543] CPU: 0 UID: 0 PID: 26543 Comm: syz.2.7619 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  535.051600][T26543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  535.051610][T26543] Call Trace:
[  535.051617][T26543]  <TASK>
[  535.051624][T26543]  __dump_stack+0x1d/0x30
[  535.051693][T26543]  dump_stack_lvl+0xe8/0x140
[  535.051713][T26543]  dump_stack+0x15/0x1b
[  535.051728][T26543]  should_fail_ex+0x265/0x280
[  535.051746][T26543]  should_fail+0xb/0x20
[  535.051761][T26543]  should_fail_usercopy+0x1a/0x20
[  535.051803][T26543]  _copy_from_user+0x1c/0xb0
[  535.051831][T26543]  memdup_user+0x5e/0xd0
[  535.051854][T26543]  strndup_user+0x68/0xb0
[  535.051876][T26543]  perf_ioctl+0x58a/0x12e0
[  535.051912][T26543]  ? ioctl_has_perm+0x289/0x2a0
[  535.051930][T26543]  ? do_vfs_ioctl+0x866/0xe10
[  535.051946][T26543]  ? selinux_file_ioctl+0x308/0x3a0
[  535.051964][T26543]  ? __fget_files+0x184/0x1c0
[  535.051987][T26543]  ? __pfx_perf_ioctl+0x10/0x10
[  535.052011][T26543]  __se_sys_ioctl+0xcb/0x140
[  535.052040][T26543]  __x64_sys_ioctl+0x43/0x50
[  535.052135][T26543]  x64_sys_call+0x1816/0x2ff0
[  535.052155][T26543]  do_syscall_64+0xd2/0x200
[  535.052177][T26543]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  535.052197][T26543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  535.052220][T26543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.052246][T26543] RIP: 0033:0x7f15a3e7ebe9
[  535.052259][T26543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.052273][T26543] RSP: 002b:00007f15a28df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  535.052289][T26543] RAX: ffffffffffffffda RBX: 00007f15a40a5fa0 RCX: 00007f15a3e7ebe9
[  535.052340][T26543] RDX: 0000200000000180 RSI: 0000000040082406 RDI: 0000000000000003
[  535.052350][T26543] RBP: 00007f15a28df090 R08: 0000000000000000 R09: 0000000000000000
[  535.052423][T26543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.052433][T26543] R13: 00007f15a40a6038 R14: 00007f15a40a5fa0 R15: 00007ffd7d56ff08
[  535.052448][T26543]  </TASK>
[  535.070837][T26537] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  535.081449][T19358] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.342162][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.371269][T26552] vhci_hcd: invalid port number 96
[  535.376434][T26552] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  535.385912][T26563] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7624'.
[  535.435722][T26562] vhci_hcd: invalid port number 96
[  535.440989][T26562] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  535.530240][T26575] loop5: detected capacity change from 0 to 2048
[  535.556738][T26585] loop2: detected capacity change from 0 to 512
[  535.566356][T26575] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  535.581920][T26585] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7635: bg 0: block 248: padding at end of block bitmap is not set
[  535.609704][T26585] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7635: Failed to acquire dquot type 1
[  535.641089][T19922] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.643226][T26585] EXT4-fs (loop2): 1 truncate cleaned up
[  535.672418][T26585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  535.697662][T26585] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  535.708075][T26596] FAULT_INJECTION: forcing a failure.
[  535.708075][T26596] name failslab, interval 1, probability 0, space 0, times 0
[  535.720794][T26596] CPU: 0 UID: 0 PID: 26596 Comm: syz.5.7637 Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  535.720824][T26596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  535.720837][T26596] Call Trace:
[  535.720847][T26596]  <TASK>
[  535.720855][T26596]  __dump_stack+0x1d/0x30
[  535.720874][T26596]  dump_stack_lvl+0xe8/0x140
[  535.720899][T26596]  dump_stack+0x15/0x1b
[  535.720914][T26596]  should_fail_ex+0x265/0x280
[  535.720935][T26596]  should_failslab+0x8c/0xb0
[  535.721001][T26596]  kmem_cache_alloc_noprof+0x50/0x310
[  535.721028][T26596]  ? audit_log_start+0x365/0x6c0
[  535.721056][T26596]  audit_log_start+0x365/0x6c0
[  535.721087][T26596]  audit_seccomp+0x48/0x100
[  535.721132][T26596]  ? __seccomp_filter+0x68c/0x10d0
[  535.721153][T26596]  __seccomp_filter+0x69d/0x10d0
[  535.721175][T26596]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  535.721278][T26596]  ? vfs_write+0x7e8/0x960
[  535.721305][T26596]  __secure_computing+0x82/0x150
[  535.721324][T26596]  syscall_trace_enter+0xcf/0x1e0
[  535.721414][T26596]  do_syscall_64+0xac/0x200
[  535.721475][T26596]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  535.721571][T26596]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  535.721594][T26596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.721617][T26596] RIP: 0033:0x7f30d266ebe9
[  535.721631][T26596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.721726][T26596] RSP: 002b:00007f30d10cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[  535.721742][T26596] RAX: ffffffffffffffda RBX: 00007f30d2895fa0 RCX: 00007f30d266ebe9
[  535.721753][T26596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000340
[  535.721765][T26596] RBP: 00007f30d10cf090 R08: 0000000000000000 R09: 0000000000000000
[  535.721778][T26596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.721790][T26596] R13: 00007f30d2896038 R14: 00007f30d2895fa0 R15: 00007ffeae84b128
[  535.721808][T26596]  </TASK>
[  535.977394][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.986582][  T159] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[  536.000010][T26602] vhci_hcd: invalid port number 96
[  536.005159][T26602] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  536.042316][T26606] vhci_hcd: invalid port number 96
[  536.047465][T26606] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  536.132057][T26612] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7643'.
[  536.133803][T26614] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7644'.
[  536.184730][T26600] loop5: detected capacity change from 0 to 764
[  536.201018][T26600] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  536.223877][T26623] loop6: detected capacity change from 0 to 512
[  536.231070][T26623] EXT4-fs: Ignoring removed nobh option
[  536.243800][T26623] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7647: iget: bad i_size value: 38620345925642
[  536.267055][T26623] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7647: couldn't read orphan inode 15 (err -117)
[  536.293596][T26623] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.334359][T26623] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7647'.
[  536.356136][T21914] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.371063][T26632] loop2: detected capacity change from 0 to 512
[  536.393520][T26632] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7651: bg 0: block 248: padding at end of block bitmap is not set
[  536.408511][T26632] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7651: Failed to acquire dquot type 1
[  536.426909][T26632] EXT4-fs (loop2): 1 truncate cleaned up
[  536.433351][T26632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  536.446281][T26632] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  536.448786][T26636] vhci_hcd: invalid port number 96
[  536.461938][T26636] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  536.501155][T21540] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  536.513872][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 1
[  536.532155][T26642] vhci_hcd: invalid port number 96
[  536.537303][T26642] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  536.553251][T26628] loop1: detected capacity change from 0 to 764
[  536.561236][T26628] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  536.678259][T26652] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7657'.
[  537.921016][T26666] loop2: detected capacity change from 0 to 2048
[  537.970869][T26667] loop0: detected capacity change from 0 to 512
[  537.982027][T26667] EXT4-fs: Ignoring removed nobh option
[  537.994198][T26667] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7661: iget: bad i_size value: 38620345925642
[  538.008530][T26667] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7661: couldn't read orphan inode 15 (err -117)
[  538.024035][T26667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.041244][T26666] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  538.094510][T26667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7661'.
[  538.143109][T26676] loop1: detected capacity change from 0 to 512
[  538.175244][T26676] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  538.191257][T26676] EXT4-fs (loop1): 1 truncate cleaned up
[  538.277902][T26686] loop2: detected capacity change from 0 to 512
[  538.322787][T26686] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7665: bg 0: block 248: padding at end of block bitmap is not set
[  538.347482][T26686] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.7665: Failed to acquire dquot type 1
[  538.363675][T26686] EXT4-fs (loop2): 1 truncate cleaned up
[  538.806038][T26686] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  539.073574][T26719] loop0: detected capacity change from 0 to 128
[  539.219585][ T3417] __quota_error: 61 callbacks suppressed
[  539.219602][ T3417] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5
[  539.234419][ T3417] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 1
[  539.537965][T26738] loop5: detected capacity change from 0 to 128
[  539.903575][   T29] audit: type=1326 audit(1755526102.706:611262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  539.927374][   T29] audit: type=1326 audit(1755526102.706:611263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  539.952446][T26748] loop5: detected capacity change from 0 to 512
[  539.977831][T26748] EXT4-fs: Ignoring removed nobh option
[  540.026590][   T29] audit: type=1326 audit(1755526102.776:611264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.050484][   T29] audit: type=1326 audit(1755526102.776:611265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.074147][   T29] audit: type=1326 audit(1755526102.776:611266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.097842][   T29] audit: type=1326 audit(1755526102.786:611267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.121554][   T29] audit: type=1326 audit(1755526102.786:611268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.145313][   T29] audit: type=1326 audit(1755526102.786:611269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.169112][   T29] audit: type=1326 audit(1755526102.796:611270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26750 comm="syz.6.7692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7deda5ebe9 code=0x7ffc0000
[  540.225775][T26748] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.7691: iget: bad i_size value: 38620345925642
[  540.251178][T26748] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.7691: couldn't read orphan inode 15 (err -117)
[  540.264510][T26758] loop2: detected capacity change from 0 to 2048
[  540.326441][T26748] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7691'.
[  540.342808][T26764] loop1: detected capacity change from 0 to 2048
[  540.426187][T26768] loop5: detected capacity change from 0 to 2048
[  540.475182][T26772] loop2: detected capacity change from 0 to 512
[  540.485579][T26772] journal_path: Non-blockdev passed as './bus'
[  540.491936][T26772] EXT4-fs: error: could not find journal device path
[  540.574318][T26784] loop1: detected capacity change from 0 to 2048
[  540.595792][T26784] EXT4-fs (loop1): failed to initialize system zone (-117)
[  540.603442][T26784] EXT4-fs (loop1): mount failed
[  540.654405][T26794] loop1: detected capacity change from 0 to 512
[  540.662215][T26794] EXT4-fs: Ignoring removed nobh option
[  540.678613][T26791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7700'.
[  540.691027][T26794] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.7705: iget: bad i_size value: 38620345925642
[  540.722438][T26794] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.7705: couldn't read orphan inode 15 (err -117)
[  540.814673][T26794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7705'.
[  540.934189][T26816] vhci_hcd: invalid port number 96
[  540.939337][T26816] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  546.287080][T26848] loop1: detected capacity change from 0 to 2048
[  546.294734][T26846] loop6: detected capacity change from 0 to 512
[  546.322335][T26846] EXT4-fs: Ignoring removed nobh option
[  546.357896][T26846] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7721: iget: bad i_size value: 38620345925642
[  546.374996][T26846] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7721: couldn't read orphan inode 15 (err -117)
[  546.397217][T26854] loop2: detected capacity change from 0 to 512
[  546.410895][T26854] EXT4-fs: Ignoring removed nobh option
[  546.426816][T26854] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7724: iget: bad i_size value: 38620345925642
[  546.451422][T26846] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7721'.
[  546.469843][T26854] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7724: couldn't read orphan inode 15 (err -117)
[  546.537013][T26870] loop6: detected capacity change from 0 to 512
[  546.558770][T26866] vhci_hcd: invalid port number 96
[  546.564027][T26866] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  546.576663][T26870] journal_path: Non-blockdev passed as './bus'
[  546.582953][T26870] EXT4-fs: error: could not find journal device path
[  546.591791][T26877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7724'.
[  546.658186][T26887] loop2: detected capacity change from 0 to 128
[  546.677164][T26881] loop1: detected capacity change from 0 to 512
[  546.820473][T26881] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  546.902861][T26881] EXT4-fs (loop1): 1 truncate cleaned up
[  546.965898][T26901] loop2: detected capacity change from 0 to 512
[  546.992081][T26901] EXT4-fs: Ignoring removed nobh option
[  547.074815][T26901] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7738: iget: bad i_size value: 38620345925642
[  547.134163][T26901] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7738: couldn't read orphan inode 15 (err -117)
[  547.315565][T26914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7738'.
[  547.615739][T26916] vhci_hcd: invalid port number 96
[  547.621020][T26916] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  547.749636][T26923] loop1: detected capacity change from 0 to 2048
[  547.771673][T26923] EXT4-fs (loop1): failed to initialize system zone (-117)
[  547.784120][T26923] EXT4-fs (loop1): mount failed
[  547.832320][T26928] loop6: detected capacity change from 0 to 512
[  547.844672][T26928] EXT4-fs: Ignoring removed nobh option
[  547.858334][T26928] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.7744: iget: bad i_size value: 38620345925642
[  547.872513][T26928] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.7744: couldn't read orphan inode 15 (err -117)
[  547.903292][T26928] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7744'.
[  548.000883][T26926] loop5: detected capacity change from 0 to 764
[  548.010135][T26926] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  548.237488][T26936] loop2: detected capacity change from 0 to 512
[  548.265749][T26936] journal_path: Non-blockdev passed as './bus'
[  548.272102][T26936] EXT4-fs: error: could not find journal device path
[  548.298889][T26941] loop1: detected capacity change from 0 to 2048
[  548.320414][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  548.320427][   T29] audit: type=1326 audit(1755526111.116:611282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.350249][   T29] audit: type=1326 audit(1755526111.116:611283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.374177][   T29] audit: type=1326 audit(1755526111.116:611284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.397907][   T29] audit: type=1326 audit(1755526111.116:611285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.421714][   T29] audit: type=1326 audit(1755526111.116:611286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.445405][   T29] audit: type=1326 audit(1755526111.126:611287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.469290][   T29] audit: type=1326 audit(1755526111.126:611288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.493206][   T29] audit: type=1326 audit(1755526111.126:611289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.517144][   T29] audit: type=1326 audit(1755526111.126:611290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.540860][   T29] audit: type=1326 audit(1755526111.126:611291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26942 comm="syz.0.7749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa7c4cfebe9 code=0x7ffc0000
[  548.660300][T26950] vhci_hcd: invalid port number 96
[  548.665533][T26950] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  548.748111][T26958] loop2: detected capacity change from 0 to 128
[  549.687800][T26975] loop5: detected capacity change from 0 to 2048
[  549.748974][T26965] loop2: detected capacity change from 0 to 512
[  549.757667][T26965] EXT4-fs: Ignoring removed nobh option
[  550.251618][T26965] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.7755: iget: bad i_size value: 38620345925642
[  550.275999][T26965] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.7755: couldn't read orphan inode 15 (err -117)
[  550.332636][T26965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7755'.
[  550.395164][T26992] loop1: detected capacity change from 0 to 512
[  550.410560][T26992] journal_path: Non-blockdev passed as './bus'
[  550.416900][T26992] EXT4-fs: error: could not find journal device path
[  550.459617][T26997] loop2: detected capacity change from 0 to 128
[  550.480873][T26994] loop6: detected capacity change from 0 to 2048
[  550.565586][T27001] vhci_hcd: invalid port number 96
[  550.570774][T27001] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  550.678668][T27013] loop5: detected capacity change from 0 to 512
[  550.703350][T27013] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  550.764901][T27019] 9pnet: Unknown protocol version 9p200
[  550.771923][T27017] loop0: detected capacity change from 0 to 2048
[  550.825438][T27017] EXT4-fs (loop0): failed to initialize system zone (-117)
[  550.860212][T27023] loop1: detected capacity change from 0 to 128
[  550.871834][T27017] EXT4-fs (loop0): mount failed
[  550.977971][T27032] loop0: detected capacity change from 0 to 512
[  551.009759][T27032] EXT4-fs: Ignoring removed nobh option
[  551.044851][T27032] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7775: iget: bad i_size value: 38620345925642
[  551.183403][T27032] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7775: couldn't read orphan inode 15 (err -117)
[  551.333516][T27038] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7775'.
[  551.931681][T27046] loop1: detected capacity change from 0 to 2048
[  552.072433][T27052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7776'.
[  552.512770][T27055] loop2: detected capacity change from 0 to 2048
[  552.856329][T19922] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  552.867510][T19922] CPU: 0 UID: 0 PID: 19922 Comm: syz-executor Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  552.867548][T19922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  552.867559][T19922] Call Trace:
[  552.867563][T19922]  <TASK>
[  552.867569][T19922]  __dump_stack+0x1d/0x30
[  552.867648][T19922]  dump_stack_lvl+0xe8/0x140
[  552.867673][T19922]  dump_stack+0x15/0x1b
[  552.867687][T19922]  dump_header+0x81/0x220
[  552.867742][T19922]  oom_kill_process+0x342/0x400
[  552.867772][T19922]  out_of_memory+0x979/0xb80
[  552.867802][T19922]  try_charge_memcg+0x5e6/0x9e0
[  552.867828][T19922]  charge_memcg+0x51/0xc0
[  552.867852][T19922]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  552.867871][T19922]  __read_swap_cache_async+0x1df/0x350
[  552.867902][T19922]  swap_cluster_readahead+0x277/0x3e0
[  552.867957][T19922]  swapin_readahead+0xde/0x6f0
[  552.867991][T19922]  ? __filemap_get_folio+0x4f7/0x6b0
[  552.868022][T19922]  ? ktime_get+0x1eb/0x210
[  552.868096][T19922]  ? swap_cache_get_folio+0x77/0x200
[  552.868126][T19922]  do_swap_page+0x301/0x2430
[  552.868177][T19922]  ? finish_task_switch+0xad/0x2b0
[  552.868207][T19922]  ? __pfx_default_wake_function+0x10/0x10
[  552.868238][T19922]  handle_mm_fault+0x9a5/0x2c20
[  552.868263][T19922]  do_user_addr_fault+0x636/0x1090
[  552.868300][T19922]  ? fpregs_restore_userregs+0xe2/0x1d0
[  552.868330][T19922]  ? switch_fpu_return+0xe/0x20
[  552.868412][T19922]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  552.868435][T19922]  exc_page_fault+0x62/0xa0
[  552.868454][T19922]  asm_exc_page_fault+0x26/0x30
[  552.868491][T19922] RIP: 0033:0x7f30d26a1465
[  552.868504][T19922] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d fe 70 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  552.868539][T19922] RSP: 002b:00007ffeae84b468 EFLAGS: 00010246
[  552.868553][T19922] RAX: 0000000000000000 RBX: 0000000000000439 RCX: 00007f30d26a1463
[  552.868563][T19922] RDX: 00007ffeae84b480 RSI: 0000000000000000 RDI: 0000000000000000
[  552.868573][T19922] RBP: 00007ffeae84b4ec R08: 0000000030b5f440 R09: 0000000000000000
[  552.868586][T19922] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  552.868599][T19922] R13: 00000000000927c0 R14: 0000000000086a8e R15: 00007ffeae84b540
[  552.868614][T19922]  </TASK>
[  552.868619][T19922] memory: usage 307200kB, limit 307200kB, failcnt 16010
[  553.102074][T19922] memory+swap: usage 95904kB, limit 9007199254740988kB, failcnt 0
[  553.102090][T19922] kmem: usage 95524kB, limit 9007199254740988kB, failcnt 0
[  553.102102][T19922] Memory cgroup stats for /syz5:
[  553.159759][T27087] loop0: detected capacity change from 0 to 128
[  553.167035][T27089] loop6: detected capacity change from 0 to 128
[  553.228554][T19922] cache 0
[  553.228565][T19922] rss 4096
[  553.228571][T19922] shmem 0
[  553.228576][T19922] mapped_file 0
[  553.228582][T19922] dirty 0
[  553.228587][T19922] writeback 4096
[  553.228593][T19922] workingset_refault_anon 163
[  553.228639][T19922] workingset_refault_file 4045
[  553.228646][T19922] swap 352256
[  553.228651][T19922] swapcached 8192
[  553.228657][T19922] pgpgin 641341
[  553.228663][T19922] pgpgout 641339
[  553.228668][T19922] pgfault 613347
[  553.228674][T19922] pgmajfault 61
[  553.228680][T19922] inactive_anon 8192
[  553.228686][T19922] active_anon 0
[  553.228692][T19922] inactive_file 0
[  553.228697][T19922] active_file 0
[  553.228740][T19922] unevictable 0
[  553.228746][T19922] hierarchical_memory_limit 314572800
[  553.228753][T19922] hierarchical_memsw_limit 9223372036854771712
[  553.228760][T19922] total_cache 0
[  553.228766][T19922] total_rss 4096
[  553.228772][T19922] total_shmem 0
[  553.228778][T19922] total_mapped_file 0
[  553.228784][T19922] total_dirty 0
[  553.228789][T19922] total_writeback 4096
[  553.228795][T19922] total_workingset_refault_anon 163
[  553.228830][T19922] total_workingset_refault_file 4045
[  553.228837][T19922] total_swap 352256
[  553.228842][T19922] total_swapcached 8192
[  553.228849][T19922] total_pgpgin 641341
[  553.228855][T19922] total_pgpgout 641339
[  553.228861][T19922] total_pgfault 613347
[  553.228867][T19922] total_pgmajfault 61
[  553.228873][T19922] total_inactive_anon 8192
[  553.228879][T19922] total_active_anon 0
[  553.228934][T19922] total_inactive_file 0
[  553.228941][T19922] total_active_file 0
[  553.228947][T19922] total_unevictable 0
[  553.228954][T19922] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.7766,pid=27006,uid=0
[  553.229062][T19922] Memory cgroup out of memory: Killed process 27006 (syz.5.7766) total-vm:95812kB, anon-rss:944kB, file-rss:22464kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  553.262584][T27091] loop0: detected capacity change from 0 to 2048
[  553.618781][T27116] loop6: detected capacity change from 0 to 128
[  553.656156][T27119] loop1: detected capacity change from 0 to 128
[  553.721681][T27122] loop0: detected capacity change from 0 to 512
[  553.744158][T27122] EXT4-fs: Ignoring removed nobh option
[  553.769644][   T29] kauditd_printk_skb: 5226 callbacks suppressed
[  553.769659][   T29] audit: type=1326 audit(1755526116.576:616518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.771178][T27122] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.7808: iget: bad i_size value: 38620345925642
[  553.806753][   T29] audit: type=1326 audit(1755526116.576:616519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.836237][   T29] audit: type=1326 audit(1755526116.576:616520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.860057][   T29] audit: type=1326 audit(1755526116.576:616521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.860214][ T2979] ==================================================================
[  553.883900][   T29] audit: type=1326 audit(1755526116.576:616522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.892366][ T2979] BUG: KCSAN: data-race in _prb_read_valid / prb_reserve
[  553.892404][ T2979] 
[  553.892408][ T2979] write to 0xffffffff868aaeb0 of 88 bytes by task 29 on cpu 0:
[  553.892422][ T2979]  prb_reserve+0x696/0xaf0
[  553.916206][   T29] audit: type=1326 audit(1755526116.576:616523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.923161][ T2979]  vprintk_store+0x56d/0x860
[  553.925485][   T29] audit: type=1326 audit(1755526116.576:616524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.933180][ T2979]  vprintk_emit+0x178/0x650
[  553.933197][ T2979]  vprintk_default+0x26/0x30
[  553.933212][ T2979]  vprintk+0x1d/0x30
[  553.933232][ T2979]  _printk+0x79/0xa0
[  553.933254][ T2979]  kauditd_hold_skb+0x1b1/0x1c0
[  553.933269][ T2979]  kauditd_send_queue+0x273/0x2c0
[  553.937655][   T29] audit: type=1326 audit(1755526116.576:616525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.961311][ T2979]  kauditd_thread+0x421/0x630
[  553.961339][ T2979]  kthread+0x489/0x510
[  553.966005][   T29] audit: type=1326 audit(1755526116.576:616526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.989570][ T2979]  ret_from_fork+0xda/0x150
[  553.989590][ T2979]  ret_from_fork_asm+0x1a/0x30
[  553.994091][   T29] audit: type=1326 audit(1755526116.576:616527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27125 comm="syz.1.7810" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa17f26ebe9 code=0x7ffc0000
[  553.998796][ T2979] 
[  553.998803][ T2979] read to 0xffffffff868aaeb0 of 8 bytes by task 2979 on cpu 1:
[  554.013910][T27122] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.7808: couldn't read orphan inode 15 (err -117)
[  554.016497][ T2979]  _prb_read_valid+0x1c4/0x920
[  554.131447][ T2979]  prb_read_valid+0x3c/0x60
[  554.135945][ T2979]  syslog_print+0xeb/0x540
[  554.140438][ T2979]  do_syslog+0x52b/0x7e0
[  554.144695][ T2979]  __x64_sys_syslog+0x41/0x50
[  554.149375][ T2979]  x64_sys_call+0x2f36/0x2ff0
[  554.154053][ T2979]  do_syscall_64+0xd2/0x200
[  554.158544][ T2979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.164422][ T2979] 
[  554.166757][ T2979] value changed: 0x0000000000002378 -> 0x0000000000004378
[  554.173843][ T2979] 
[  554.176148][ T2979] Reported by Kernel Concurrency Sanitizer on:
[  554.182283][ T2979] CPU: 1 UID: 0 PID: 2979 Comm: klogd Not tainted 6.17.0-rc2-syzkaller #0 PREEMPT(voluntary) 
[  554.192528][ T2979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  554.202576][ T2979] ==================================================================
[  554.260832][T27122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7808'.