last executing test programs:

4m28.876387758s ago: executing program 2 (id=200):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000060060000000000000000000018110000", @ANYRESOCT=r2, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000000)='syzkaller\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r3}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x30, 0x1, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x8}, [@CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x71}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x100}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40804}, 0x24040010)
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
mlockall(0x5)
r7 = fsmount(r6, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r7, &(0x7f00000003c0)='./file0\x00')
r8 = socket$phonet(0x23, 0x2, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000c00)=@mangle={'mangle\x00', 0x1f, 0x6, 0x758, 0x0, 0x548, 0x338, 0x458, 0x548, 0x688, 0x688, 0x688, 0x688, 0x688, 0x6, &(0x7f00000001c0), {[{{@uncond, 0x0, 0x1f8, 0x220, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'nicvf0\x00', {0x7, 0x5, 0x60, 0x4, 0x3ff, 0x8, 0x1, 0x78}, {0x10}}}]}, @HL={0x28, 'HL\x00', 0x0, {0x3, 0x4}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x2f}, [0x0, 0xff, 0xff000000, 0xffffff00], [0x0, 0xff, 0xffffffff], 'ip_vti0\x00', 'dvmrp0\x00', {}, {}, 0x2b, 0x2a, 0x4, 0x16}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x6}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@remote, @ipv4=@dev={0xac, 0x14, 0x14, 0x36}, 0x27, 0x35, 0x5}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@inet=@dscp={{0x28}, {0x1}}, @inet=@rpfilter={{0x28}}]}, @HL={0x28, 'HL\x00', 0x0, {0x3, 0x9}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@mcast2, @ipv6=@loopback, 0x1d, 0xe, 0x3}}}, {{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@dst={{0x48}, {0x6, 0x6, 0x1, [0x80, 0x5, 0x2, 0x81, 0x5, 0x64, 0x594e, 0x9, 0x7ff, 0x8000, 0x3, 0x2, 0xa6, 0x5, 0xd9, 0x7], 0x8}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7b8)
sendto$phonet(r8, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x23, 0x0, 0x2}, 0x10)
readlinkat(r7, &(0x7f0000000700)='./file0/../file0\x00', &(0x7f00000002c0)=""/184, 0xb8)

4m28.683327401s ago: executing program 2 (id=203):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000ffffff000000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x83, 0x8, 0x8, 0x2}, {0x2, 0xfc, 0x1, 0x9}, {0x6, 0x5, 0x39, 0x2}, {0xfd, 0x4, 0x8, 0xd7f}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = memfd_secret(0x80000)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001600)=@newtfilter={0x3c, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r8, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0x10, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0xf0}, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'syztnl2\x00', r8, 0x8000, 0x700, 0x3, 0x6, {{0x17, 0x4, 0x0, 0x6, 0x5c, 0x66, 0x0, 0x3, 0x2f, 0x0, @rand_addr=0x64010102, @local, {[@ssrr={0x89, 0x1b, 0x63, [@remote, @broadcast, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @remote]}, @timestamp_addr={0x44, 0x2c, 0xce, 0x1, 0x6, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@dev={0xac, 0x14, 0x14, 0x21}, 0x5}, {@dev={0xac, 0x14, 0x14, 0xd}, 0x6}, {@local, 0x80000001}, {@broadcast, 0x4}]}]}}}}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
lseek(0xffffffffffffffff, 0x7, 0x4)

4m28.527853404s ago: executing program 2 (id=204):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, &(0x7f0000000180)={0x80})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
msgsnd(0x0, &(0x7f00000006c0)={0x0, "a9c759745117fbd2ad2f584a5fffb621ff9f28531db6237b7fdc0c37f356611430420d08f85a0071161f596103ba27eaef6062764123ad3163285726e76052f934297fc498dc90a1610636793cd55747ad61ded5905cd2e81d42d0c5339a66457f026f540a744fb56d993c27bb614a7ec0efe43c0c645f1dd44b826c1ed5a7136ccfdae1483fedd0684aa0ac04f96d6f8f2459683195f3867dbebd4168767a91c009eb9eb22927e9417ab41283e4be36e25a6b66ba6150e34d1eea71876c33e5de83edf55b7d97b32a0268b219dbba5138e0ec24abb68b9354cd2985b4d7380a151110f7b680354d2d5d43134f12a6473df4624ec7e684"}, 0xff, 0x800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x300, 0x2}, 0x48)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x0, 0x41, &(0x7f00000002c0)="c26bca8b7597f49c865a0489549ff1a88262d4d306f16074", 0x18, 0x0, 0xfffffffe, 0xfffffffe, 0x5, 0x71a8, 0x0})

4m28.173665279s ago: executing program 2 (id=215):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x2000000000000000}, 0x18)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x70bd2a, 0x3, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20000010)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x60400, 0x0)
close_range(r3, r4, 0x200000000000000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioprio_get$pid(0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x20000261, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r7, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000800)="e9", 0x9500}, {&(0x7f00000017c0)="ea0189bdebb0c16d420ee9b95082abd6431cc7afc22c4a6b8adecef68f76bd81a86e89f9c80e5c868a12b09e80ba8c01eb3f4b7be71f9fc2355c336cedc15eb778e3a3b35c3f72629ea4d9ae42cf4c17255815fb8a47aafd8b8ff0c202b4e09f7c42811261b5e113fcce27b4329ccb792df14b7d6dcfaf2cf8dbb51946e89c862e9252731f680ec50326fc16386aeefe654bac24", 0x94}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @loopback}}}], 0x20}, 0xe900)
open(&(0x7f0000000000)='./bus\x00', 0x1c71c1, 0x170)

4m27.575357509s ago: executing program 2 (id=220):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x14, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000980), 0x0, 0x2f, 0xe8034000, 0x0, 0x0, 0x0, 0x0, 0x5dc}, 0xffffffffffffff38)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080))

4m25.972050383s ago: executing program 2 (id=231):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110490000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r2 = dup2(r1, r0)
ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000000)={0x9, 0x2, 0x4, 0x7, 0x80000000, 0x81})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00'})

4m25.962392434s ago: executing program 32 (id=231):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110490000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r2 = dup2(r1, r0)
ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000000)={0x9, 0x2, 0x4, 0x7, 0x80000000, 0x81})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00'})

3m43.859624195s ago: executing program 0 (id=924):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713aceb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

3m43.841904956s ago: executing program 0 (id=925):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
syz_io_uring_setup(0x800053d3, &(0x7f00000004c0)={0x0, 0x7d89, 0x4000, 0x0, 0x286, 0x0, r1}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000700)=<r3=>0x0)
ptrace$getsig(0x4202, 0x0, 0x7, &(0x7f0000000540))
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd=r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/158, 0x9e}, {0x0}], 0x2})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2e}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x6)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500000001"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x6)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000040)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x220, 0x0, 0x25, 0x148, 0x158, 0x60, 0x358, 0x2a8, 0x2a8, 0x358, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8, 0x0, {0x200003ae, 0x7f00}}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x280)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r10}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x1400, &(0x7f0000000180)=[{&(0x7f00000001c0)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162756aa5e8d7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000"], 0x0}, 0x94)

3m43.793408226s ago: executing program 0 (id=927):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r0}, 0x18)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x5, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810d8, 0x8})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x40505330, &(0x7f00000001c0)={0x800000, 0x80, 0xfdfffffd, 0x5, 0x3ffd, 0x7})
r2 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})

3m43.615855219s ago: executing program 0 (id=932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x58a, &(0x7f0000001b40)="$eJzs3T1sG2UfAPD/neOmH3nf9JXeV3pBHSpAKlJVJ+kHFKZ2RVSq1AGJBSLHjao4cRUn0EQZ0r1CdECAupQNBkYQAwNiYWRlATEjVTQCqekARv5K09QJTohjyP1+0tnPc3f2/3nu/H/sO93JAWTW8fpDGvFURFxOIobXLRuI1sLjzfVWV5aKD1eWiknUald+TiKJiAcrS8X2+knr+UhELEfE/yPi63zEyXTtLQ+0C9WFxanxcrk026qPzE1fH6kuLJ66Nj0+WZoszZx58aVz58+eGzs9tr65D2vra/nt9fXWD7ffufXtK3dvf/LpseXie+NJXIih1rL1/dhNzW2Sjwsb5p/tRbA+SvrdAHYk18rzeir9L4Yj18r6TmrrB4fBPWke0EO1wYgakFGJ/IeMav8OqB//tqe9/P1x72LzAKQed7U1NZcMNM9NxMHGscnhX5LHjkzqx5tH97Kh7EvLNyNidGDgyc9/0vr87dzobjSQnvrqYnNHPbn/07XxJzqMP0Ptc6d/UXv8W31i/HsUP7fJ+He5yxi/vf7jh5vGvxnxdMf4yVr8pEP8NCLe7DL+nde+OL/ZstpHESeic/y2ZOvzwyNXr5VLo83HjjG+PHHs5a36f3iT+M1ztgcbXzOdtn/aZf8//+azZ5a3iP/8s1vv/07b/1BEvNtl/P88+PjVzZbdu5ncr/8K2O7+TyIfd7uM/8KF49+3is4aAgAAAAAAAADALkob17IlaWGtnKaFQvMe3v/G4bRcqc6dvFqZn5loXvN2NPJp+0qr4WY9qdfHWtfjtuunN9TP5FoBc4ca9UKxUp7oc98BAAAAAAAAAAAAAAAAAADg7+LIhvv/f8017v/f+HfVwH61+V9+A/ud/Ifsejz/k761A9h7vv8hs2ryH7JL/kN2yX/ILvkP2SX/IbvkP2SX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgJ64fOlSfao9XFkq1usTAwvzU5W3Tk2UqlOF6flioViZvV6YrFQmy6VCsTL9Z++XVCrXR2Nm/sbIXKk6N1JdWHxjujI/0/5P0VK+5z0CAAAAAAAAAAAAAAAAAACAf56hxpSkhYh8s56mhULEvyLiaBLJ1Wvl0mhE/DsivsvlB+v1sX43GgAAAAAAAAAAAAAAAAAAAPaZ6sLi1Hi5XJrtXWGgFaqHIbovDGxn5YhY3t1m1N9x26/KtzZgnzedQqYKfRyUAAAAAAAAAAAAAAAAAAAgox7d9NvtK37vbYMAAAAAAAAAAAAAAAAAAAAgk9KfkoioTyeGnxvauPRAspprPEfE23euvH9jfG5udqw+//7a/LkPWvNP96P9QLfaeZpGRD2PAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEeqC4tT4+VyaXaHhcEu1ul3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB24o8AAAD//+mR0Yo=")
r2 = openat(0xffffffffffffff9c, 0x0, 0x143041, 0x0)
write$UHID_INPUT(r2, 0x0, 0x0)
pwritev2(r2, 0x0, 0x0, 0xe7b, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x100)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000380)=@ipv6_getaddr={0x18, 0x16, 0x1, 0x0, 0x25dfdbfc}, 0x18}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000740)=[{&(0x7f00000003c0)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}, {&(0x7f0000000480)="1e980d58c38eb3397b6cf0378525d7b3d02b71f7e9edba7ac3d8a02036f7", 0x1e}], 0x2)
r5 = socket(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r7}, 0x18)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f840000000c0a01030000000000000000010000000900020073797a32000000005800038054000080080003400000000248000b80200001800a00010071756f7461000000100002800c0001400000000000000000100001800c000100636f756e74657200140001800a00010072616e6765000000040002800900010073797a30"], 0x108}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYRES16=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r10}, 0x18)

3m43.428154722s ago: executing program 0 (id=939):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$FS_IOC_GETFSSYSFSPATH(0xffffffffffffffff, 0x80811501, &(0x7f0000000180)={0x80})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
msgsnd(0x0, &(0x7f00000006c0)={0x0, "a9c759745117fbd2ad2f584a5fffb621ff9f28531db6237b7fdc0c37f356611430420d08f85a0071161f596103ba27eaef6062764123ad3163285726e76052f934297fc498dc90a1610636793cd55747ad61ded5905cd2e81d42d0c5339a66457f026f540a744fb56d993c27bb614a7ec0efe43c0c645f1dd44b826c1ed5a7136ccfdae1483fedd0684aa0ac04f96d6f8f2459683195f3867dbebd4168767a91c009eb9eb22927e9417ab41283e4be36e25a6b66ba6150e34d1eea71876c33e5de83edf55b7d97b32a0268b219dbba5138e0ec24abb68b9354cd2985b4d7380a151110f7b680354d2d5d43134f12a6473df4624ec7e684"}, 0xff, 0x800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x12, 0x8, 0x4, 0x7cb4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x300, 0x2}, 0x48)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x0, 0x41, &(0x7f00000002c0)="c26bca8b7597f49c865a0489549ff1a88262d4d306f16074", 0x18, 0x0, 0xfffffffe, 0xfffffffe, 0x5, 0x71a8, 0x0})

3m42.88796957s ago: executing program 0 (id=946):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3m42.88767337s ago: executing program 33 (id=946):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x11, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m19.662044987s ago: executing program 5 (id=3571):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x1000040, &(0x7f0000000040)=ANY=[], 0x85, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==")
openat(0xffffffffffffff9c, &(0x7f0000002800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x42, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
rename(&(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (fail_nth: 5)

1m19.47618841s ago: executing program 5 (id=3577):
getpid() (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) (async, rerun: 32)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async, rerun: 32)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) (async, rerun: 64)
r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) (rerun: 64)
fallocate(r3, 0x0, 0x400000000000000, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) (async, rerun: 64)
pipe(&(0x7f0000000000))

1m19.412779561s ago: executing program 5 (id=3579):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lsm_list_modules(&(0x7f0000002600)=[0x0, 0x0], &(0x7f0000000000)=0x10, 0x0)

1m19.380369561s ago: executing program 5 (id=3581):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000580)='ext4_sync_fs\x00'}, 0x18)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) (async)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000380)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="680001", @ANYRES16=r1, @ANYBLOB="01002cbd7000fedbdf25010000000000000008410000004c00180000000173797a3000"/98], 0x68}, 0x1, 0x0, 0x0, 0x4802}, 0x84840)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
semget$private(0x0, 0x6, 0x40d)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioperm(0x0, 0xd, 0x4000000000000020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x9a) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x9a)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)='ntfs\x00', 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') (async)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r3, &(0x7f0000001240)=[{&(0x7f0000000a40)}, {&(0x7f0000000b00)="9b5937bbf46a0a752f10243253d99fbb3227121bb4836b8073322d1ac20976026ad7649ec309fb239ebb9c2cd94e3c0a9d3ae6ba455d59f9121db45c1e3f9819cdbc953deaafd98b8131db4b498bc0addfc7e4ee821a6bcee9b07b6b4c5e8997eb7c74a5c85b0cf77de5346e9a72baa07d1096a2cf190170c4afda7fa59bd94e11bb77019f82de797869753f2b1bebfed1fdbd0f1edc487e9bf6bb46a696fd31f957a4b9109df7026a6dcc1626387f9b551cdb820d568a83df198b9c4ec31516929c32f9294778c656d42591359cf5057865524d", 0xd4}, {&(0x7f0000000500)="2a6dfe6b588f0649b7c62468b77834dbabbd4b954da4", 0x16}, {&(0x7f0000000c00)="acf5964b4d2aba2c68c363b6bc49a8c7becac3bbb7dfcc8b79d6d4f52be12eeb2b79d208ff301d18aa1e5b70729f3b4aa941103981c5f58d8d4971d20b6aa6c7bc3d371b296f014d7bec9aed7f966e46d306d93dabbef889580d6d6e78ba9c72b644dfe391899db31310e59eb3e734ccda545701b2fc7dbb748af3f4f2f22510c8965985c95e73ec6c46ac80a4a74288351133b2890706681f10d66dec0d89e27fdd35fe7ddfe33b4a8d99acecc1586f6d1d257e22e1bf7e390d6d4dbe967e616ccaba4ce0491838ad8469dbfe3c4280330a5c7fc0192c113affde67d5805e2181281f44c3", 0xe5}, {&(0x7f0000000d00)="35b67d93a84d33eb70ff581e3a9d9d0da6dc5d9e513fd7f0d6a7e1a170a9fd02e1e8ab7be3d54f2942d30bb052ff1db99d44bbba505f4ec35bbda360e6b433a93f22eaa64d7024893d4a99395bd583c81e435a0b3c52004bf44246828d6b76a7bd", 0x61}, {&(0x7f0000000e00)="3737510ba7998eb0a92eb479b9ac482e6adde06f82a7ed40961de2f2044db9ddc090c9ad2b99c28af1c0147e8302afcf6fdcf929bec6a1a7739a151623ff9e7b9f32748cb18596", 0x47}, {&(0x7f0000000900)="77b4e397d715192fe3359683aa3821a5743791eb874ff73cb6f2c8611e3a8e43ac1284712eab0840d89426", 0x2b}, {&(0x7f0000000e80)="414cc229ebe174b727f00ec3f1d02a27c4bab19ef5ff046bb5aaec1fa8b6d8b49c4ca80426f1d27aaa0a3a5f74b020a430b1cc1f485e8c9013fdfe42f6f11c3e2686e59c5a7738096c5826f442e5b049f8dd9b7ef8aca94c0a7f7553c48bca6b78498c8f52bea41749243422a96cabd158f601376639e11bd9acdcca6296ab8f4212d1c47c37329f2aa90197826b918c914e4d11f8a79eaaddf1", 0x9a}, {&(0x7f0000001040)="02e5570de9bd58f3ae924514eb95d3085d5b4ffc3ad1b8cdf7f7086f87dfad4ff604ecaacc625a44eea266710d093ac57e807436b57559bc78129208b4f028c7e81351dfef9e381d85c5d7f74e505af08f656fc416ece1fe515b610553eae1493e2459694cff2e285b0950b6fbf41125552e543886087d7a4b2f3712e4936fa9a603d367e7a557ec66248ea8ff43257b7d39a1d3e0a6b44079f21d6fed50bdeddf27c762dfec391b025a0c2d839c5394e86baa36", 0xb4}], 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000d80)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x200000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800"], 0x69)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xd, &(0x7f0000001300)=ANY=[@ANYRES32, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095c9536b18d2daca7aa0707c4623a5cbb2fb6895094f1549131a3eccd0e42f847cbbaa0ae555ae8ae5b86c56d324706d5eca08c1551cc11b77b1e9ef0be689c8e720a6c2ffdee9988aac9bf74f3676ec4d06b85a9e8d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xd, &(0x7f0000001300)=ANY=[@ANYRES32, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095c9536b18d2daca7aa0707c4623a5cbb2fb6895094f1549131a3eccd0e42f847cbbaa0ae555ae8ae5b86c56d324706d5eca08c1551cc11b77b1e9ef0be689c8e720a6c2ffdee9988aac9bf74f3676ec4d06b85a9e8d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='f2fs_filemap_fault\x00', r5, 0x0, 0x5}, 0x18)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a00100000000280", 0x2a}], 0x1}, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x80000072)
r6 = socket$netlink(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xb, 0xc, &(0x7f0000000f40)=ANY=[@ANYBLOB, @ANYRESDEC=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002100"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_tracing={0x1a, 0x7, &(0x7f0000000a00)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="00000000000000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x9, 0xb4, &(0x7f0000000640)=""/180, 0x41000, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x3, 0xc, 0x80000000, 0x10}, 0x10, 0x2c226, r7, 0x0, &(0x7f0000000700)=[r4, r4, 0xffffffffffffffff], 0x0, 0x10, 0x9}, 0x94)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f00000013c0)=""/242, 0xf2}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00'}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1m19.228077184s ago: executing program 5 (id=3582):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$SMC_PNETID_ADD(r2, 0x0, 0xc800)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r1, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) (fail_nth: 2)

1m19.017420097s ago: executing program 5 (id=3586):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, &(0x7f00000001c0)}, 0x20)
r1 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d0c, 0x80, 0x3, 0x237}, &(0x7f0000000040)=<r2=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
r4 = memfd_secret(0x80000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x18)
fcntl$setlease(r4, 0x400, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x2f})
io_uring_enter(r1, 0x47b4, 0xed69, 0x0, 0x0, 0x0)

1m18.993893288s ago: executing program 34 (id=3586):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, 0x0, &(0x7f00000001c0)}, 0x20)
r1 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d0c, 0x80, 0x3, 0x237}, &(0x7f0000000040)=<r2=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
r4 = memfd_secret(0x80000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x18)
fcntl$setlease(r4, 0x400, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x2f})
io_uring_enter(r1, 0x47b4, 0xed69, 0x0, 0x0, 0x0)

23.071912863s ago: executing program 4 (id=4479):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8, 0x0)

23.064686463s ago: executing program 4 (id=4480):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000005c0)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x20400)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x5, 0x4, 0x3, @rand_addr=0x64010102, @local}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x20, 0xdc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5}}}}}, 0x0)

23.024392363s ago: executing program 4 (id=4483):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r4 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f0000000040)=0x1c00)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x28c, 0x0, r2}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
set_mempolicy(0x1, 0x0, 0x4)
r9 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r9, &(0x7f00000000c0)='\x00', 0x0, 0x0, 0x1400)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000820000008600000095000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
r11 = dup(r6)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100003042dbd7000fedbdf2500007400", @ANYRES32=0x0, @ANYBLOB="00080000075005002800128008000100677470001c000280080003000700000008000700dfffdf0105000500"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
connect$l2tp6(r11, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r4, 0x0, 0x0})
dup3(r4, r12, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0x10, 0xd}}, [@TCA_RATE={0xfffffffffffffe2c, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
openat(r9, 0x0, 0x5c3842, 0x0)
io_uring_enter(r6, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r3, r4, 0x0)

22.187282847s ago: executing program 4 (id=4501):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwrite64(r0, 0x0, 0x0, 0x4)
r1 = syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r2 = syz_clone(0x81100, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0)
fcntl$lock(r1, 0x24, &(0x7f0000000340)={0x1, 0x0, 0x8, 0x7f, r2})

21.94123623s ago: executing program 4 (id=4502):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
migrate_pages(0x0, 0x2, 0x0, 0x0)

19.227993632s ago: executing program 4 (id=4557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x18)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000500)={0x38, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r4}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @generic="29924f6a90c7e1f0"]}]}, 0x38}], 0x1}, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, r4, &(0x7f0000000240)={0x9, 0x1000, 0x1, 0x7})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000080), &(0x7f0000000440)=r1}, 0xfffffffffffffca4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000080)})
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ustat(0x3, &(0x7f0000000000))

19.191415803s ago: executing program 35 (id=4557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x18)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000500)={0x38, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r4}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @generic="29924f6a90c7e1f0"]}]}, 0x38}], 0x1}, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, r4, &(0x7f0000000240)={0x9, 0x1000, 0x1, 0x7})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000080), &(0x7f0000000440)=r1}, 0xfffffffffffffca4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000080)})
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ustat(0x3, &(0x7f0000000000))

11.058559889s ago: executing program 1 (id=4702):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20008844)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0x68f}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0xe)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000000)={0x13, 0xc, 0x2, 0xa, 0x0, [@empty, @local, @mcast1, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x16}]}, 0x68)
write(r2, &(0x7f0000004200)='t', 0x1)
syz_open_dev$usbfs(&(0x7f0000000280), 0x4, 0x121000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

10.645878815s ago: executing program 1 (id=4704):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f00000003c0)='./file0\x00')
memfd_create(0x0, 0x2)
r4 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r5, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r5, 0x0, 0x0)
readlinkat(r3, &(0x7f0000000700)='./file0/../file0\x00', &(0x7f00000002c0)=""/184, 0xb8)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
socket$inet_udp(0x2, 0x2, 0x0)

9.753409289s ago: executing program 1 (id=4714):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20008844)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0x68f}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0xe)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000000)={0x13, 0xc, 0x2, 0xa, 0x0, [@empty, @local, @mcast1, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x16}]}, 0x68)
write(r2, &(0x7f0000004200)='t', 0x1)
syz_open_dev$usbfs(&(0x7f0000000280), 0x4, 0x121000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

8.976423611s ago: executing program 1 (id=4720):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x22)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r2 = syz_create_resource$binfmt(&(0x7f0000000080)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x41, 0x1ff)
pwrite64(r0, &(0x7f0000000140), 0x0, 0xfecc)

8.776536394s ago: executing program 1 (id=4727):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=ANY=[@ANYBLOB="3c000000100005ff00000000000000010000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)

8.38170474s ago: executing program 1 (id=4737):
cachestat(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x8cd8}, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x4, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, {0x1, @link_local}, 0x4, {0x2, 0x0, @multicast2}, 'lo\x00'})
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@RTM_NEWMDB={0x38, 0x55, 0x1e5, 0x0, 0x25dfdbfd, {0x7, r6}, [@MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x0, 0x4, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}}, 0x20044050)
bind$can_raw(r3, &(0x7f0000000340)={0x1d, r8}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r1, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9b12d057fa9d4328d57073f40e5ae64443e4a10ed400575bbd1168a170a0134b9ad28735dbd9603a9e417cce864f2141a92f57e1fdfcff4776f94a794d6db8d3e9e0ecc783956c7ab15a8d5639d3df1ac9da6057af913a563bd55b657f37cbf4cae2919aea6ff8a748eb4c036361b8866cc062bbad019f43d02b0c38bd6309f2baa53924466203ab8d00daaac4c9da846e645d64c10e47c32e9824e79ade4eeee7cbf71b1bb48f760800b04334745ab553dea12a85f0671eb07a4cc67ceaffa8269e0b052f25136cfb8a6b9327a2d165c42933642d3171ad00ebf0be485f5ed319021600a94072f251c8905a2451eba3ba7db2ec5fb8613463a796610629719166259ffa3261e06f09b5a69798b88848da9028ff7ed8a729c384374fce0f4f5cda3b61cc4d61da382c5708f26edb16e9b65d667ed61248dfbed35a6a886adec25361c17d9f30f94db7e3085440df135ddec94f3f01fe2e2f9edb9e19fd8ae0b93363f0dbadc858d8e0a93dea50e89b2d7674b7e0f813c38f70a87554f5d0b95b531ec006716207abc5c34bcf447f0e547516d2fa23e2871db3662c8fb30e93b939aaed219ca9ef4b30f79e3d27e1caece83168292a10c0abf24f5fe97ef6fd46045f6ee3fc33d995a79584426fdac0c663d4991364d450dd71cf86e7d298ec8500eae0fa9b26b9ba3077033e643428ec81ae9192174", 0x3da}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, &(0x7f0000000600)=0x5, 0x4)

8.351922341s ago: executing program 36 (id=4737):
cachestat(0xffffffffffffffff, &(0x7f00000001c0)={0x1, 0x8cd8}, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x800000, 0x4, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000340)={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x43}}, {0x1, @link_local}, 0x4, {0x2, 0x0, @multicast2}, 'lo\x00'})
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@RTM_NEWMDB={0x38, 0x55, 0x1e5, 0x0, 0x25dfdbfd, {0x7, r6}, [@MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x0, 0x4, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}}, 0x20044050)
bind$can_raw(r3, &(0x7f0000000340)={0x1d, r8}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r1, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9b12d057fa9d4328d57073f40e5ae64443e4a10ed400575bbd1168a170a0134b9ad28735dbd9603a9e417cce864f2141a92f57e1fdfcff4776f94a794d6db8d3e9e0ecc783956c7ab15a8d5639d3df1ac9da6057af913a563bd55b657f37cbf4cae2919aea6ff8a748eb4c036361b8866cc062bbad019f43d02b0c38bd6309f2baa53924466203ab8d00daaac4c9da846e645d64c10e47c32e9824e79ade4eeee7cbf71b1bb48f760800b04334745ab553dea12a85f0671eb07a4cc67ceaffa8269e0b052f25136cfb8a6b9327a2d165c42933642d3171ad00ebf0be485f5ed319021600a94072f251c8905a2451eba3ba7db2ec5fb8613463a796610629719166259ffa3261e06f09b5a69798b88848da9028ff7ed8a729c384374fce0f4f5cda3b61cc4d61da382c5708f26edb16e9b65d667ed61248dfbed35a6a886adec25361c17d9f30f94db7e3085440df135ddec94f3f01fe2e2f9edb9e19fd8ae0b93363f0dbadc858d8e0a93dea50e89b2d7674b7e0f813c38f70a87554f5d0b95b531ec006716207abc5c34bcf447f0e547516d2fa23e2871db3662c8fb30e93b939aaed219ca9ef4b30f79e3d27e1caece83168292a10c0abf24f5fe97ef6fd46045f6ee3fc33d995a79584426fdac0c663d4991364d450dd71cf86e7d298ec8500eae0fa9b26b9ba3077033e643428ec81ae9192174", 0x3da}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x10, &(0x7f0000000600)=0x5, 0x4)

1.495633497s ago: executing program 9 (id=4867):
r0 = syz_io_uring_setup(0xfb, &(0x7f00000003c0)={0x0, 0x4, 0x10100}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
sendto(r3, &(0x7f0000001680), 0x0, 0x1c015, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0), 0x4)
io_uring_enter(r0, 0x46f6, 0x0, 0x0, 0x0, 0x0)

1.478393157s ago: executing program 9 (id=4869):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x18)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, <r4=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000500)={0x38, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r4}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}, @generic="29924f6a90c7e1f0"]}]}, 0x38}], 0x1}, 0x0)
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000600, r4, &(0x7f0000000240)={0x9, 0x1000, 0x1, 0x7})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000080), &(0x7f0000000440)=r1}, 0xfffffffffffffca4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x0, &(0x7f0000000080)})
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x2, 0x3, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
get_robust_list(0x0, &(0x7f0000000880)=0x0, &(0x7f00000008c0))
ustat(0x3, &(0x7f0000000000))

1.371779469s ago: executing program 3 (id=4871):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f00000003c0)='./file0\x00')
memfd_create(0x0, 0x2)
gettid()
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'veth1_to_bond\x00', 0x1000})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
socket$inet_udp(0x2, 0x2, 0x0)

1.351194359s ago: executing program 3 (id=4873):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000068040000000000000000080000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) (async)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f00000004c0)={'ip6tnl0\x00', <r4=>0x0, 0x29, 0x8, 0xd1, 0x100, 0x28, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x90, 0x40, 0x5, 0x400}})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r2}, 0x8) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r4}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r6}, 0x18) (async)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000001108000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10) (async)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

1.211778292s ago: executing program 3 (id=4875):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/../file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000780)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001400000000006c907800000000000000000420880b0000000000000800000086dd0800887a00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)
socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @random="b842351ec964"})
write$tun(r1, 0x0, 0x72)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r3, 0x0, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="020000000400000008000000010000"], 0x48)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback, 0x1000}], 0x1c)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1)
exit(0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000280)={@dev}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(0x0, 0x204, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)

1.211505532s ago: executing program 6 (id=4876):
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x2)

1.210952692s ago: executing program 8 (id=4878):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x1000000000007fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x4, @perf_config_ext={0x407fff, 0xaea}, 0x14125, 0x2e, 0xfffffbff, 0x1, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xfdffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000580)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfeffffff, 0x5d31, 0x2008, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffd, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r0, 0xb)

1.190990702s ago: executing program 7 (id=4879):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000600000000000000008500000007000000c5000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x200c840, &(0x7f0000000080)={[{@discard}, {@noload}]}, 0x64, 0x526, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDveO0l2c3WKXCAHkqhRdkVrJ00tI04lCIhOFUCyn0JiRNFceIocdpNVNFE/AFcECBxggsXJP4DVIkLxwqpCM4gikAItnDgAAwae5zNZu04uzh26nw+0uy8N7++73n3jefNvB0HcGk9ExGvRMR/0zS9FRHlfHkhn+KgPWXbvX/vzaVsSiJNX/tbEkm+rHOsJJ9fz3ebiIivfyXiW8nDcXf29tcX6/Xadp6vNje2qjt7+7fXNhZXa6u1zfn5uRcXXlp4YWF2IPW8EREvf+lP3//uT7/88i8++8Yf7vzl5rezYk3l64/X4xEVT1vZrnqp9Vkc32H7MYNdRMVWDXOTZ9vn8BzLAwBAb9k1/ocj4lMRcSvKceX0y1kAAADgAyj9wlT8O4lIu7vabeFE9NweAAAAuIAKrTGwSaGSjwWYikKhUmmP4f1oXEvfimh+ZqWxu7ncHis7HaXCylq9NpuPFZ6OUpLl51rp+/nn2/nD9yJa+fmIeDIivleebOUrS4368qhvfgAAAMAlcf1E//+f5Xb/HwAAABgz06MuAAAAAHDu9P8BAABg/On/AwAAwFj76quvZlPa+f3r5df3dtcbr99eru2sVzZ2lypLje2tymqjsdp6Z99Gv+PVG42tz8Xm7t1qs7bTrO7s7d/ZaOxuNu+sPfAT2AAAAMAQPfmJt3+XRMTB5ydbU+Zqj22vDLVkwHkrHqWSfN6l9f/+ifb8vSEVChiKft/pvykPqSDA0BVHXQBgZEqPsrH/JwBjKemzvufgnXfy+ScHWx4AAGDwZj7e+/l/4dQ9D05fDVx4GjFcXkfP/3sN+gPGVuv5/1nbvosFGCslo/rh0uv7/L/XAIB3zhohTR+tRAAAwKBNtaakUMlv701FoVCpRNxoDfcvJStr9dpsRDwREb8tlz6U5edaeyZ9+wwAAAAAAAAAAAAAAAAAAAAAAAAAQFuaJpECAAAAYy2i8Ofkl+13+c+Un5s6eX/gavKvcuQ/EfrGj177wd3FZnN7Llv+96PlzR/my58fxR0MAAAA4KROP73TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQXr/3ptLnWmYcf/6xYiY7ha/GBOt+USUIuLaP5IoHtsviYgrA4h/cBgRH+sWP8mKdRSyW/zJ848f0/mn0C3+9QHEh8vs7ez880rW/q5GxPH2V4hnWvPu7a8Y8UD+cbXOf9kJrsv5t3P+u9Kj/d84cazpHjGeevfn1Z7xDyOeKnY//3TiJz3iP3vGOn7zG/v7vdalP46Y6fr9kzwQq9rc2Kru7O3fXttYXK2t1jbn5+deXHhp4YWF2erKWr2W//nQ8Ut9ypbV/1qP+NN96v/cGev/n3fv3vtIj+Jk8W8+2yX+r36Sb/Fw/EL+3ffpPJ2tn+mkD9rp457+2a+fPq3+yz3q3+/v/+YZ63/ra9/549FOAMDI7eztry/W67XtsU1kvfQLUAyJx0uc6z/RtwZ6wDRN06xN/R/HSWLkH3gnMeozEwAAMGj3L/pHXRIAAAAAAAAAAAAAAAAAAAC4vIbxOrGTMQ+OUskgXqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQ/wsAAP//Yu/R8g==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = open(0x0, 0x4827e, 0xdc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r2)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x34, r4, 0x8, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x351}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000010}, 0x40004)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x1, 0x1af}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000100))
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f0000000a00)={{0x2, 0x4e20, @broadcast}, {0x0, @local}, 0x64, {0x2, 0x4e21, @broadcast}, 'pim6reg0\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r5, 0x47f8, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000180)='.\x00', 0x0, 0x81)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240), 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="6400000010000304000000000000000ffe000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

1.174697322s ago: executing program 6 (id=4880):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180900001200000000000000fe000000850000006d"], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x65)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x113c00)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20001004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x5, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96e", 0x0, 0x0, 0x0, 0x0, 0x0})

1.105570023s ago: executing program 8 (id=4881):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xab) (async)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_opts(r3, 0x0, 0x9, &(0x7f0000001900)="d31305a73cc11ad6829db3725d2b7cfa19dac70e2441eeebd6f31b88d635f15ab0edba4970e57637dd3e52951686d6de047d37202c4b94102d1e8b4fd3ce36b56a1c6c34ab72177b08a068d279bfcb26ac6e360f2d25734fc6a1d8ccd66423c7aba2ba548b5e6b0b727c9e1bb8fcaaec13ab81c7a4208e7bfc1402be0c38377181d4069b8b2f1396676766a570ee6cea210c0c4585629cd6384b0eaae8debf113dcc0543a7de6fe041bc1d45edff11d270995fa4191429f906d5cb87dddeda8b49bda79fd9ce96ef0e1f81fe027a1e9f144c87f060b0c3697e1d04967bb92a30ed6cfca67c354c8a7712e64b31b6fda20c8239a32122f644b49cbd6ba1be54bf7f176bb387a22f6e56029f69d0b51b23458746506721944bf6aa35b607409f3d5324aa0d4b658bbceea69992b7be095990650c5815f51ff63f1776d18d3b1709e5a17b79728809e055ea1951ba1fa16143e8ea18b2415b1afe3084deb68a7666f73406c98bdc420cb81923039b4f672fd4df77b52286e8641c27028cdc5469a13f2259dd77de3289829c6f68a6394be9d9843928219c06847872d1dcd6c5c0989339c6b1b8ef539951a0568fba30dddee6fa3deabe66e19cdbbcfa44e388eafb50515f55b355bef4d59ddb785ae8ab9a9c92bcc9cfa7f3959ed1635bcaad86630aaf75265864fc4c45ad4099c5604f845dad11823f004e32c2557c336c7e4fff9b0a281f81ccf646098b246eea282f267492573c6eb74794a13a3998a52d13709d3804f3834661b7a9f84b1042b067290b2e474ccea0b1ab3337a0905aaa1ae096320331009c17b11891bcad2515da1403d20a31d3ebaadc5e87f6a9e3ffa27575489027d9cd17deb7b2a3e20932849040bf432b0b7ac819ffd4a1f9388daa171d8f29e79b98bec5a36fbd1813b2336d1e774286290bee60a80eec4237dcefb50545b8e59a39170e25e0454b9ba2ec6d06ca48f4d72c3e193b2a6d2cf4def88981a04fc948297153187ad8b2418e74fda6d119037541d1bb09d75be7b1915a2d6fa32d47f9e33d5afd0477d34a3798a87017f5fb89f53b35975357287884718d5163f0b861afe090eee09b69327e50c098faae4233abc5fd1bd412014dc4b378e31b32300a04a655b423383b13c3cc27bd252964a447afe0d4ad8ec7ca6ce0549607d5c4821a2b29be1a82d247574d2662cfd62453f7e0cc4ed6fc5e6c7ad45a2c6f8591d3025901defdf0c75eff22e7fcbb99f7486e180d88ed68ab22a96fd8b4ebcc8f909636b7bf996659b742e73b7d29e83fddba8ffddc19404a532bbb180f9af0b50f32ec444ac25fa662d83d339df05d6b26f654163ea9bffbd51208e3a10d94d4d11938f7325e2d097c5b0dcd69f8557250318e8d7b1b07b407aa30b32000ae90e1a8cb535878400221fc7b33b1a9cc4fe3ff68b6cccfe14e980acf2ce136c8adeadc8e8dd6eee21159566357888f4dae1e434bbc4de9257ff21d79a011f74f6297f29f9b9af64d6deaf85f500a9fe501d8fd9a4427177f03e99a27d6d7334b81c9a093f58e144754271af13e01a78a15c5d14dee7f3a4dee509656e8308aef57f14a3dea577244e7869ba049ed83abf4481a97fb3b189695f47170c02000af1c3eaa25c206d4feab5b89d37a07fc379b2f41426aee602ac104d2227d6d815ae9dcf46ca88e99c665602e3fbfea19cbc4a0b90f4acb406b43a5044db27b2e1737383dd50cc9e28bc92e5aa249a2e4389f4e9a3338ccd458669727732a5d93e0f10a0ef631fc38341b673a174e2b6386d79ccf08736145bb77de10b280796a8e6789fb0e8d97121a7cf18478d6f62a2b9fda29f5cab7441bd6ef52dfe4f8d85896d890976437269b660e671a20712afac5a368aea873f6ddfeff4425cef438e7dfe5165797499eeaca3b814297eecc2fd57605d62b48e53dc0d899a842a1f260ecc4a5613ccf1ba4806da156efe3dfcd2303b74759be697391ab3a1484641fb3b5f8ef704b1f7454a959c0992ee549655363ed8bfa6f959bc8183bde6982dcc0b9b65b6b01857032711851f9854d43a6aee0bdc0bb7e8bf732e034886b2e70ab9ec7fabbed47bc08ca43c8ec4a6e152560a6514b5ef9318dae729d3356346f73c8358551f2d1322d0fa87e62f15345d2bdac9a0cd34a3d838846225327e81b18950a88135335c1eb1d501c435071d7d5b55ddd124c37570df08ffa6819e38afffcb912212729e54d9732fd1f48dd4d4aa9c7661d12803edaa3113e1b3b2020bbdc6d6ebc0720b3f8fefb7a78d777c087cbde4dcc24662aed83d50aad24ceb77a19b10592ad192af797163bf030d1eea07f2f0f62af25f49a979de64268e632426416a253e2500cd75e8a0b8a1e244a218bb2933397629f783d448097716131cb2ff4f7e2190eb7e9c3e20a7ae0110df1858b0349ea3cd35f83086f3a2a103c9b98f81ea7182dc3727dcd817d75eeda64f4b95ef6f605de52fc3cb3880d4a1e31640acb135232f7dde83845183a536c0aa30a78ef3f52fbf431e2cbfccf72ae2eaeb218429a6c10a3e3b686e23e40b3dfb84f19d3df94a10591229ecebf7e880f0ef233eadb2fc3203b4b31430afe1c294d96ec4bedfb814be4bfa5277cdcbd3f55b7be971a4bb45941dd298d469ea7f858ac76e21d4cdb2bd70fadfbf141052711c6ecdb643680a7de084de1a34ef9565443a6cf4af13401e7e9f620e9092a85780fc67499d5c15ba9feb806b492e1f8e5ccc44ac6d92d0bd6a2b0d97f570b2906a20a2a7c364d69b3be8718853d90064134cb222bff4c78c15c8a4c1bd272f9b52bec3f1805e153cc255e5e1d0add5f9e4f40786682a1541eb8e205e295a28f5de32aaa156b5988abbdd5e16e56b072955196c583e7cec0f62417af9a161426c0ff757974b0856d0c83db514913195d0f6c73d3c125634383183ff111aeeb52a6b20b071b9b9c6b48590ee83dd4a4e9b5603e91e30dbc7193d97e88787a71e55fd3e8de1c202991f46321967bc2ae7bebefc391e258ce3da06430507661b73d03e1c0c918df38f97bf353fd6cc917ba85eed93912bb447036d97166c42d4ef6106764cef82f3ecc33e4093ffd3653d34cdf2dd9f5d8b0646de819f327d44ebe655488cc6b7ad22c06501b87503fdfd607546e2f91a724d13ebe6cabe63db8aab747c6783c56f6e38ffd4dbb1e0a73f229c58e9c640da078f0b367c745504c427641a222c87259ffde294201292cb62e42f117c20cb5e397cc2c5446439f21df668d34afd43bd091a3009ef7c1a70899b1c44860b6470f08757cbd056186aeb1552e138b018498e1110496b5e0eb13df0c05a9010df9ee98a7fce21b335c0608f3817491c3dbeba5aad8f1b8dce48515f0d7c2273118145a73c060f0092af15d2d03325efef2fbb1f426476f9029416f8c1cb49f5db9e4ca1b1ac2127bf5d826adb8d9b569d5db80bb681c7c65e1579b8dfcb252ca7a7b238bd80b861bbb76a88b0b774824a932f24296755f92cecda66adc36a61846a6a93bb34b0cc95666f09df42fd366114f03da8c9f0ffae0940dee5e1710697157ddcc851e36c5498feb01f03a287126694976a8ba1b592748310f3a8b69fcf67d2fa28f02c2583555bcd04c1b94f85a1e96555344da84d3a6631332b060ae21b392ed2e4dbaca33a1bec59e046165979bdc2ed4dbdb103fe64d0196a6790da3d8b699f30a784a837b71c336afbe6d67819a557ddd5072e3ce9c5a8947f778919ce1cac1888ccff00a4614655137d8b78621dd4f11aa04228700c9a1d7f38461357eca3318581d7c7ce8229724cf3bf9252d232a0200e720de8e86ec49bdc225476e5a3af195f6d7c6b66e75dbcf72f30b7087ad6f8748ca3661984f9c59a0f3e7d25673e6ebc1490bd0882aa54f86513f219c8eb1b7d6e111ecdf762e418eab8285dc4bf3643d48d7a474522d0f40a83e8bc1d6c51b6d181cdccb2fc92f00218ad631909ce2f0a8e5ae859806f6e3ce228380bd165301370b5d103f7cac3b1c2c5d55c2fe2b173d7e5eaadaaaecb6a50443903ae96cc43d26ca84543a696f050f8b90959b212b5c815c8ea3b96fec67a2b7dfdcf434a500b2be62daf9bc7450fe4ec6a9c421ef94c234298f391c3349223fe268b94934d78abc0a5dc6077fe7c0fb9d9b557330b2d4dd2fdc2dd9771c43468360e9f844315c89edcb9931c92991cd290646365cee28d10ffa7d0d98aecbf2474cf2ce797becb68e319d0de8864e7f30e79d78b139276465caad9b4b9ca5dbf89ee2771503b898ed3cc902086b1b5a3c5ea12dacae07bfa4b82c97176a2b3eeef9c7584595e465a127a5f88abcccca64cd5ce1d7e3c1a8e74278eed93313cc6da7f02eb1bd4e508abc3e1f3d89775e37cbcae0aa6828a8514013e2be8a2006eaf4d2f90cab4a6cbcc1eb145e0d82d1c9ae70afb5542827bbbf7cac8fd94f86334ab1f549748e90971a0cb56569974546e29e4c69fabd820b7e6ef11792e754a20b8449f596f8d667d9efe83de7db106d3022837dd5964f5a0ebf2b9f1ac4eecf797665b21600d573d5563b7c50d2dc3a8ed8337cc0a220c09d8a06984bc3e74a0756b8192a8a825b57f2f69e359095b3cfd8c1be84c1011cdf6975c46ea72cce4191a19b383af1053dbd31fc811b6f0e10f7fff492ebdb30110c05fc2e983f853e5e884d8a3c8eabed75efbc5fd98678e08ebd2f0b4b53da7cf717ec952c5377d354a4ab0d445af7849b19e1c0056a3f5493b177bd8ed77a300bc5707cab14ece883a0c2bb54071f7f82a18d4110fc51dd581041e450bfbfead12bbd9d9844a78ecaddc7d230f45785ee7dcd19af8017d02da19d2f2314289d10f08387ed17025d359f847457cec2872aaa0e43f03c16a1379c8673f4a2b011c6a58d422a6b4a579ce7c0a3a01aa494782f30afa654836a9aa2c233738f782c4442a21f07b2b82ec27d342e7e05fab959fe57969a8a910f28464ddc5fb3119573253fc17472fe6d190d994840cb5ee2e7e95d856a45c823b5c2546f1569ce3316354e40c89ecff8093c31501bd9a7ca43d62e8efbc245cb74bb76755c4c8929fb0e9d885120d26aae08391cc2d984788ae09d3a145d3b154c05ded371a924a51fe7b5879cfe0921cba9b530557b13443214308bd7e7738e15304fc97af9bf4b169a0bb97ffff519359ea52549f1e764e25ce88967fd11046fa1c0897b1736d073c8b0e1e61d2807fede5fec7fadd067bd4e7afbe525e3cd3ddf08ac1da90ed569e9352e49da31e89a4448d0e0b1649b2625b31014f31abb06523be9cb5cda204007088036da9f3460e31750c40aa985e1aaac39644e94567b2c78f2b1898369ab70913fea3c9615581edc45b3c68d007db10d1ad2e1a320f097e330989ada1e0e8604217339be3e8967d95544883f256e9285201c022da82c85fcd470dc7732d1dc21f27545c99b848ee501f8b8a37b1f99432d1d05f0ab2c6d8cfa1ddeb9eeed4f4e4567e39fcdb7e73d19c477e6e1d61c69d0f6ab0f0021c03ba10c868d20492f42c8cb5c26d21762bb8b5826e7353ad3f9e43ff8e083d664aaf178236ede7bcef114dddfd066a91bae05e3729cd2e95589b64c2571bbb8759beec3f9dddc2c2eca260fd20d676d009b5db43d299177f62a452b9bb889f8db28988f9f9b36c7e3c24c54bc82e499ce256bdd23e1c89d0e21b8004daaccd6fd123a64eca8ba766532995067abcaf6ffa0d0c07310ae13b9b3827c01ddcdb2de91d0e863d854a60bf437861c383f08b13a844a3c2f524d3f36aa76f7a459e14b9b", 0x1000) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) (async)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
r5 = socket$packet(0x11, 0x3, 0x300) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @link_local}, 0x14) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600010000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x0) (async)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r10, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000000)="d5", 0x101d0}], 0x1}, 0x0) (async)
r11 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r11, r11, 0x21)
wait4(r11, 0x0, 0x40000000, 0x0)

1.105250953s ago: executing program 6 (id=4882):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
write$selinux_attr(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e000000000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = io_uring_setup(0x62c0, &(0x7f0000000580)={0x0, 0x90000000, 0x1, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000002700)=""/4096, 0x1000}], &(0x7f0000000080)=[0x2, 0x0, 0x7, 0x80000000, 0x98], 0x1}, 0x20)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000000)=0x2)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000140)={0x1, &(0x7f0000000540)=[{0x1, 0x3, 0x35, 0x7}]})

1.104596063s ago: executing program 9 (id=4883):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f00000003c0)='./file0\x00')
memfd_create(0x0, 0x2)
gettid()
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'veth1_to_bond\x00', 0x1000})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
socket$inet_udp(0x2, 0x2, 0x0)

1.008116075s ago: executing program 7 (id=4884):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000e02800850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

1.007722855s ago: executing program 6 (id=4885):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
chdir(0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000f0000000000d4e76cf7000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180044f228000000000000000000000000000020000c00ffffffff9500000000"], &(0x7f0000000240)='GPL\x00', 0xd, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1)
mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffa000/0x1000)=nil)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{}, &(0x7f0000000580), &(0x7f00000007c0)='%-5lx  \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vW1kZAOD3Ol9OJp1khlkAAqYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9D8gUYkVLPkBrLtizwbBjk1ZIPERgZpKLIzu9U3qJnaTkjSO4ueRrHvOue59z0lyz6nfxD4BDKyrEbETEaMRcTcipvL2QkQkaeGz9iN93rPdh4t7uw8Xk2i1bv8zyc6nbfvXSvLjW/k1ixHxo+9F/DQ5Grextb26UK1WNvL6TLO2PtPY2r6xUltYrixX1srl+bn52U9uflw+s7G+XxvNS19++oedb/087dZk3tI5jrPUHvrIQZzIv+Y/eBPB+mAoIobzn5/clX72h9eT3ufvRsQH2f0/FUPZdxMAuMxaraloTXXWAYDLrpDlwJJCKc8FTEahUCq1c3jvxUShWm80r9+rb64ttXNl0zFSuLdSrczmucLpGEnS+lxWflEvH6rfjIh3IuIXY+NZvbRYry718z8+ADDA3jq0/v9nrL3+AwCXXLHfHQAAzp31HwAGj/UfAAaP9R8ABo/1HwAGj/UfAAaP9R8ABsoPb91KH629/POvl+5vba7W799YqjRWS7XNxdJifWO9tFyvL2ef2VM77nrVen197qPYfDD97fVGc6axtX2nVt9ca97JPtf7TmXkXEYFALzKO+8/+XMSETufjmeP6NjLwVoNl1uh3x0A+mao3x0A+sZuXzC4TvEaX3oALokuW/S+pBgR44cbW61W6811CXjDrn1B/h8GVUf+318Bw4CR/4fB1TP/f+TFPnDZtFrJSff8j5M+EQC42OT4gR6//383P/42/+XAT5YOP+Px4QbvKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBw7O//W8p37piMQqFUirgSEdMxktxbqVZmI+LtiPjT2MhYWp/rc58BgNMq/C3J9/+6NvXh5OGzo8nzsewYET/71e1fPlhoNjf+mLb/66C9+ThvL/ej/wDAcfbX6ezY8UL+2e7Dxf3Hefbn79+NiGI7/t7uaOwdxB+O4exYjJGImPh3ktfbko7cxWnsPIqIz3cbfxKTWQ6kvfPp4fhp7CvnGr/wUvxCdq59TL8WnzuDvsCgeZLOP591u/8KcTU7dr//i9kMdXr5/JdeanEvmwNfxN+f/4Z6zH9XTxrjo99/v10aP3ruUcQXhyP2Y+91zD/78ZMe8T88ermu/vKlr3zQ61zr1xHXonv8zlgzzdr6TGNr+8ZKbWG5slxZK5fn5+ZnP7n5cXkmy1HP9F4N/vHp9bd7nUvHP9EjfvGY8X/9ZMOP3/z37o+/+or43/xat/iFeO8V8dM18RsnjL8w8btir3Np/KUe4z/u+3/9hPGf/nX7yLbhAED/NLa2Vxeq1cqGgsLFL6Q/shegG10L3zmvWKPxWv+q1fq/YvWaMc4i6wZcBAc3fUQ873dnAAAAAAAAAAAAAACArs7jHUv9HiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACX1/8CAAD//yzc0nY=")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x94)

1.007497104s ago: executing program 8 (id=4886):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x32}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @remote}, 0x3}}, 0x2e)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @multicast1}, 0x2}}, 0x2e)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
write$UHID_DESTROY(r0, &(0x7f00000001c0), 0x4)

969.677255ms ago: executing program 8 (id=4887):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, 0x0, 0x0, 0xc0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

968.666975ms ago: executing program 7 (id=4888):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x7, 0x30}, 0xc)
sendto$inet6(r0, &(0x7f0000000480)="aa", 0x1, 0x24000012, 0x0, 0x0)
sendmsg$inet6(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="b0", 0x1}], 0x1}, 0x4)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x1, 0x20}, 0xc)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000340)=',', 0x34000}], 0x1)

951.348715ms ago: executing program 9 (id=4889):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

948.769415ms ago: executing program 8 (id=4890):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000001180)=[{{&(0x7f0000000140)={0xa, 0x0, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000240)="81", 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000300)="8c", 0x1}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e24, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000200)="0543", 0x2}], 0x1}}], 0x3, 0x4004851)
setsockopt(r1, 0x84, 0x14, &(0x7f0000000040)="020000000980ffff", 0x8)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0x2, 0x0, "d37283", 0x9, 0xfd})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0xcd760, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0x1}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})
socket$inet6_sctp(0xa, 0x801, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xd, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000f40000000000000100001524000180060005004e230000060001000200000008000300ac1414aa0800060001000000"], 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="2000000000000000180a02000000000000000000000000009500000000bb0000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x65)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000280)={@broadcast, @initdev}, &(0x7f00000002c0)=0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='fsi_master_aspeed_opb_write\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000006000000000000000000"], 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0xd8100, 0x0)

933.736376ms ago: executing program 9 (id=4891):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x6)
r3 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r4, 0x0, 0x0)

683.330559ms ago: executing program 8 (id=4892):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x6)
r3 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r4, 0x0, 0x0)

444.209313ms ago: executing program 3 (id=4893):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180900001200000000000000fe000000850000006d"], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x65)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
syz_open_dev$vcsa(&(0x7f0000000000), 0x3, 0x113c00)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20001004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x5, 0x0, @buffer={0x2, 0x51, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96e", 0x0, 0x0, 0x0, 0x0, 0x0})

384.053564ms ago: executing program 3 (id=4894):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={@loopback, @loopback, @loopback, 0x7, 0x3, 0x32, 0x100, 0x2, 0x82d90242})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x20200, 0x0)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
sendto$phonet(0xffffffffffffffff, &(0x7f0000000340)="9b27d46d7fb03935d2695e90ed461005708ee9a5bfe996c570347cd39e318042ea70b9bedd5b928d84986e1ce27071eead3eafd0adda2eb61f650fa7374f40fe1884f2a3e52463e8dd183a9bc8855252f02bb8def830bbed9d5fd1e437270846dcbd3dfe4714aa7c7cddc92c6db11e6d84163920346bb754cc296320812f2d1bc445a77e846593059f1387fcde83eb38c5353a55f53ec09a445cdd0fa0e1", 0x9e, 0x4000, &(0x7f0000000200)={0x23, 0x1, 0x2, 0x1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r3, &(0x7f0000000000)={0x1d, r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18)
fcntl$notify(0xffffffffffffffff, 0x402, 0x848234f1c7d17d24)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r3, &(0x7f0000000080), 0x10)

354.138525ms ago: executing program 3 (id=4895):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
chdir(0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000000000000000f0000000000d4e76cf7000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x4, 0x20000000000000ac, &(0x7f0000000080)=ANY=[@ANYBLOB="180044f228000000000000000000000000000020000c00ffffffff9500000000"], &(0x7f0000000240)='GPL\x00', 0xd, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1)
mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffa000/0x1000)=nil)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{}, &(0x7f0000000580), &(0x7f00000007c0)='%-5lx  \x00'}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x94)

231.454637ms ago: executing program 6 (id=4896):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x5)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'dvmrp0\x00'})
syz_open_pts(r1, 0x284080)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0, {0x6}}, './file0\x00'})
bind$netlink(r2, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbff, 0x8}, 0xc)
bind$inet(r0, &(0x7f0000000ac0)={0x2, 0x4e24, @empty}, 0x10)

159.989038ms ago: executing program 6 (id=4897):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20008844)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0x68f}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0xe)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000000)={0x13, 0xc, 0x2, 0xa, 0x0, [@empty, @local, @mcast1, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @dev={0xfe, 0x80, '\x00', 0x16}]}, 0x68)
write(r2, &(0x7f0000004200)='t', 0x1)
syz_open_dev$usbfs(&(0x7f0000000280), 0x4, 0x121000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c30000"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

151.255298ms ago: executing program 7 (id=4898):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000e02800850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

122.859648ms ago: executing program 7 (id=4899):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r1 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140))
recvmsg(r0, &(0x7f0000000580)={&(0x7f0000000100)=@nfc_llcp, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000500)=""/98, 0x62}, {&(0x7f0000000780)=""/89, 0x59}, {&(0x7f0000000900)=""/166, 0xa6}, {&(0x7f0000000ac0)=""/191, 0xbf}, {&(0x7f0000000d00)=""/128, 0x80}], 0x5, &(0x7f0000000f00)=""/178, 0xb2}, 0x42)
getpeername(r0, &(0x7f0000000fc0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000640)=0x80)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r2 = creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
link(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f00000014c0)={{0x1, 0x1, 0x18, r1, {0x65ff}}, './file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
lsetxattr$trusted_overlay_origin(&(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000005c0), &(0x7f0000000600), 0x2, 0x0)

54.787649ms ago: executing program 9 (id=4900):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kvm_dirty_ring_push\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}], 0x2)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r2 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x6)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r3, &(0x7f00000003c0)='./file0\x00')
memfd_create(0x0, 0x2)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r4, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'veth1_to_bond\x00', 0x1000})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
socket$inet_udp(0x2, 0x2, 0x0)

0s ago: executing program 7 (id=4901):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f00000002c0), 0x0, 0xc0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

kernel console output (not intermixed with test programs):

120][ T3413] lo speed is unknown, defaulting to 1000
[  277.929437][T16349] loop6: detected capacity change from 0 to 1024
[  277.940205][T16349] EXT4-fs: Ignoring removed orlov option
[  277.946094][T16349] EXT4-fs: Ignoring removed nomblk_io_submit option
[  277.955414][T16352] FAULT_INJECTION: forcing a failure.
[  277.955414][T16352] name failslab, interval 1, probability 0, space 0, times 0
[  277.968120][T16352] CPU: 1 UID: 0 PID: 16352 Comm: syz.4.4179 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  277.968160][T16352] Tainted: [W]=WARN
[  277.968239][T16352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.968254][T16352] Call Trace:
[  277.968260][T16352]  <TASK>
[  277.968268][T16352]  __dump_stack+0x1d/0x30
[  277.968289][T16352]  dump_stack_lvl+0xe8/0x140
[  277.968312][T16352]  dump_stack+0x15/0x1b
[  277.968357][T16352]  should_fail_ex+0x265/0x280
[  277.968395][T16352]  should_failslab+0x8c/0xb0
[  277.968424][T16352]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  277.968490][T16352]  ? sidtab_sid2str_get+0xa0/0x130
[  277.968527][T16352]  kmemdup_noprof+0x2b/0x70
[  277.968550][T16352]  sidtab_sid2str_get+0xa0/0x130
[  277.968572][T16352]  security_sid_to_context_core+0x1eb/0x2e0
[  277.968594][T16352]  security_sid_to_context+0x27/0x40
[  277.968701][T16352]  selinux_lsmprop_to_secctx+0x67/0xf0
[  277.968725][T16352]  security_lsmprop_to_secctx+0x43/0x80
[  277.968776][T16352]  audit_log_task_context+0x77/0x190
[  277.968942][T16352]  audit_log_task+0xf4/0x250
[  277.969007][T16352]  audit_seccomp+0x61/0x100
[  277.969038][T16352]  ? __seccomp_filter+0x68c/0x10d0
[  277.969097][T16352]  __seccomp_filter+0x69d/0x10d0
[  277.969149][T16352]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  277.969189][T16352]  ? vfs_write+0x75e/0x8e0
[  277.969221][T16352]  ? __rcu_read_unlock+0x4f/0x70
[  277.969312][T16352]  ? __fget_files+0x184/0x1c0
[  277.969355][T16352]  __secure_computing+0x82/0x150
[  277.969429][T16352]  syscall_trace_enter+0xcf/0x1e0
[  277.969452][T16352]  do_syscall_64+0xac/0x200
[  277.969472][T16352]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  277.969509][T16352]  ? clear_bhb_loop+0x40/0x90
[  277.969533][T16352]  ? clear_bhb_loop+0x40/0x90
[  277.969553][T16352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.969581][T16352] RIP: 0033:0x7f928a04e929
[  277.969598][T16352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.969620][T16352] RSP: 002b:00007f92886b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000021
[  277.969642][T16352] RAX: ffffffffffffffda RBX: 00007f928a275fa0 RCX: 00007f928a04e929
[  277.969670][T16352] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  277.969683][T16352] RBP: 00007f92886b7090 R08: 0000000000000000 R09: 0000000000000000
[  277.969698][T16352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.969712][T16352] R13: 0000000000000000 R14: 00007f928a275fa0 R15: 00007ffe17394e08
[  277.969734][T16352]  </TASK>
[  277.971155][T16349] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.391296][T16349] veth0: entered promiscuous mode
[  278.397215][T16349] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4177'.
[  278.465810][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.481082][T16367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4184'.
[  278.542541][T16379] FAULT_INJECTION: forcing a failure.
[  278.542541][T16379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.555764][T16379] CPU: 1 UID: 0 PID: 16379 Comm: syz.7.4188 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  278.555800][T16379] Tainted: [W]=WARN
[  278.555806][T16379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  278.555863][T16379] Call Trace:
[  278.555870][T16379]  <TASK>
[  278.555879][T16379]  __dump_stack+0x1d/0x30
[  278.555919][T16379]  dump_stack_lvl+0xe8/0x140
[  278.555938][T16379]  dump_stack+0x15/0x1b
[  278.555954][T16379]  should_fail_ex+0x265/0x280
[  278.556103][T16379]  should_fail+0xb/0x20
[  278.556136][T16379]  should_fail_usercopy+0x1a/0x20
[  278.556222][T16379]  _copy_from_user+0x1c/0xb0
[  278.556246][T16379]  ____sys_sendmsg+0x1c5/0x4e0
[  278.556291][T16379]  ___sys_sendmsg+0x17b/0x1d0
[  278.556422][T16379]  __x64_sys_sendmsg+0xd4/0x160
[  278.556512][T16379]  x64_sys_call+0x2999/0x2fb0
[  278.556577][T16379]  do_syscall_64+0xd2/0x200
[  278.556596][T16379]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  278.556622][T16379]  ? clear_bhb_loop+0x40/0x90
[  278.556655][T16379]  ? clear_bhb_loop+0x40/0x90
[  278.556683][T16379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.556716][T16379] RIP: 0033:0x7ff92f31e929
[  278.556734][T16379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.556763][T16379] RSP: 002b:00007ff92d987038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.556786][T16379] RAX: ffffffffffffffda RBX: 00007ff92f545fa0 RCX: 00007ff92f31e929
[  278.556801][T16379] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 0000000000000006
[  278.556862][T16379] RBP: 00007ff92d987090 R08: 0000000000000000 R09: 0000000000000000
[  278.556877][T16379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  278.556959][T16379] R13: 0000000000000000 R14: 00007ff92f545fa0 R15: 00007ffe35337d58
[  278.557061][T16379]  </TASK>
[  278.562422][T16378] loop6: detected capacity change from 0 to 512
[  278.790481][T16378] EXT4-fs: Ignoring removed mblk_io_submit option
[  278.797121][T16378] ext4: Unknown parameter 'obj_role'
[  279.128711][T16395] loop6: detected capacity change from 0 to 1024
[  279.136864][T16395] EXT4-fs: Ignoring removed orlov option
[  279.145803][T16395] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.492514][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.505336][T16418] wg2: entered promiscuous mode
[  279.510399][T16418] wg2: entered allmulticast mode
[  279.518117][T16420] blktrace: Concurrent blktraces are not allowed on sg0
[  279.589678][T16431] loop4: detected capacity change from 0 to 1024
[  279.599171][   T29] kauditd_printk_skb: 381 callbacks suppressed
[  279.599185][   T29] audit: type=1400 audit(1751287289.695:19615): avc:  denied  { block_suspend } for  pid=16432 comm="syz.3.4207" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  279.601695][T16431] EXT4-fs: Ignoring removed orlov option
[  279.651262][T16431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.707990][   T29] audit: type=1326 audit(1751287289.811:19616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.745073][   T29] audit: type=1326 audit(1751287289.842:19617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.768703][   T29] audit: type=1326 audit(1751287289.842:19618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.792332][   T29] audit: type=1326 audit(1751287289.842:19619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.816141][   T29] audit: type=1326 audit(1751287289.842:19620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.839676][   T29] audit: type=1326 audit(1751287289.842:19621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.863547][   T29] audit: type=1326 audit(1751287289.842:19622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.887188][   T29] audit: type=1326 audit(1751287289.842:19623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.910703][   T29] audit: type=1326 audit(1751287289.842:19624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16439 comm="syz.6.4211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  279.941367][T16452] lo speed is unknown, defaulting to 1000
[  280.014595][T16455] loop6: detected capacity change from 0 to 512
[  280.027782][T16455] EXT4-fs: Ignoring removed orlov option
[  280.053854][T16455] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  280.071773][T16455] EXT4-fs (loop6): can't mount with commit=, fs mounted w/o journal
[  280.181717][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.209368][T16447] SELinux: ebitmap: truncated map
[  280.256789][T16447] SELinux: failed to load policy
[  280.266830][T16459] loop4: detected capacity change from 0 to 1024
[  280.276564][T16459] EXT4-fs: Ignoring removed nobh option
[  280.282178][T16459] EXT4-fs: Ignoring removed bh option
[  280.309066][T16459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.365266][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.385669][T16469] sctp: [Deprecated]: syz.3.4218 (pid 16469) Use of struct sctp_assoc_value in delayed_ack socket option.
[  280.385669][T16469] Use struct sctp_sack_info instead
[  280.402778][T16468] sctp: [Deprecated]: syz.3.4218 (pid 16468) Use of struct sctp_assoc_value in delayed_ack socket option.
[  280.402778][T16468] Use struct sctp_sack_info instead
[  280.564158][T16482] __nla_validate_parse: 6 callbacks suppressed
[  280.564175][T16482] netlink: 164 bytes leftover after parsing attributes in process `syz.4.4221'.
[  280.615340][T16484] loop7: detected capacity change from 0 to 1024
[  280.624420][T16482] netlink: 164 bytes leftover after parsing attributes in process `syz.4.4221'.
[  280.630975][T16484] EXT4-fs: Ignoring removed orlov option
[  280.633604][T16482] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4221'.
[  280.660943][T16484] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.810441][T16497] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4230'.
[  280.993886][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.043901][T16506] loop6: detected capacity change from 0 to 1024
[  281.050924][T16506] EXT4-fs: Ignoring removed nobh option
[  281.056541][T16506] EXT4-fs: Ignoring removed bh option
[  281.082550][T16506] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.101405][T16506] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  281.116348][T16506] EXT4-fs (loop6): Remounting filesystem read-only
[  281.136580][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.193627][T16516] netlink: 14 bytes leftover after parsing attributes in process `syz.6.4235'.
[  281.232356][T16518] loop7: detected capacity change from 0 to 1024
[  281.240962][T16518] EXT4-fs: Ignoring removed orlov option
[  281.250320][T16518] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.278697][T16520] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4240'.
[  281.306720][T16520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  281.314178][T16520] batman_adv: batadv0: Removing interface: batadv_slave_0
[  281.351590][T16520] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.359040][T16520] batman_adv: batadv0: Removing interface: batadv_slave_1
[  281.464827][T16529] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4242'.
[  281.543838][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.158889][T16558] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4255'.
[  282.237418][T16560] loop7: detected capacity change from 0 to 1024
[  282.254454][T16560] EXT4-fs: Ignoring removed orlov option
[  282.274316][T16560] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.495012][T16589] loop6: detected capacity change from 0 to 1024
[  282.502265][T16589] EXT4-fs: Ignoring removed nobh option
[  282.508248][T16589] EXT4-fs: Ignoring removed bh option
[  282.518507][T16589] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.549720][T16589] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  282.566726][T16589] EXT4-fs (loop6): Remounting filesystem read-only
[  282.587447][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.611477][T16598] loop4: detected capacity change from 0 to 1024
[  282.618245][T16598] EXT4-fs: Ignoring removed orlov option
[  282.627837][T16598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  282.644030][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.885861][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.998859][T16614] loop4: detected capacity change from 0 to 512
[  283.036579][T16614] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  283.075712][T16614] EXT4-fs (loop4): 1 truncate cleaned up
[  283.088891][T16614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.135800][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.230915][T16621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4279'.
[  283.296057][T16629] loop4: detected capacity change from 0 to 1024
[  283.303453][T16629] EXT4-fs: Ignoring removed nobh option
[  283.309243][T16629] EXT4-fs: Ignoring removed bh option
[  283.328075][T16629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.363677][T16629] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  283.383616][T16629] EXT4-fs (loop4): Remounting filesystem read-only
[  283.423876][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.479350][T16641] loop4: detected capacity change from 0 to 1024
[  283.487978][T16643] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4289'.
[  283.499508][T16641] EXT4-fs: Ignoring removed orlov option
[  283.520166][T16641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.581505][T16660] loop7: detected capacity change from 0 to 1024
[  283.588316][T16660] EXT4-fs: Ignoring removed orlov option
[  283.598506][T16660] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.859362][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.909760][T16678] loop7: detected capacity change from 0 to 1024
[  283.917831][T16678] EXT4-fs: Ignoring removed nobh option
[  283.924954][T16678] EXT4-fs: Ignoring removed bh option
[  283.937699][T16678] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.962080][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.042721][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.214307][T16694] lo speed is unknown, defaulting to 1000
[  284.362728][T16697] 9pnet_fd: Insufficient options for proto=fd
[  284.397277][T16696] netlink: 'syz.4.4305': attribute type 1 has an invalid length.
[  284.534413][   T29] kauditd_printk_skb: 367 callbacks suppressed
[  284.534428][   T29] audit: type=1326 audit(1751287294.820:19992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16700 comm="syz.1.4307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ca690e929 code=0x0
[  284.714889][T16707] loop4: detected capacity change from 0 to 1024
[  284.727049][T16707] EXT4-fs: Ignoring removed nobh option
[  284.737588][T16707] EXT4-fs: Ignoring removed bh option
[  284.755519][T16707] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.773322][T16707] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  284.788511][T16707] EXT4-fs (loop4): Remounting filesystem read-only
[  284.807678][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.866985][T16723] loop4: detected capacity change from 0 to 1024
[  284.873761][T16723] EXT4-fs: Ignoring removed nobh option
[  284.879488][T16723] EXT4-fs: Ignoring removed bh option
[  284.937220][T16723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.971622][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.998533][T16735] loop4: detected capacity change from 0 to 1024
[  285.005199][T16735] EXT4-fs: Ignoring removed orlov option
[  285.013768][T16735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.039650][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.062201][T16742] loop4: detected capacity change from 0 to 1024
[  285.069039][T16742] EXT4-fs: Ignoring removed orlov option
[  285.076871][T16742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.232384][   T29] audit: type=1326 audit(1751287295.618:19993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.284634][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.295983][   T29] audit: type=1326 audit(1751287295.618:19994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.319695][   T29] audit: type=1326 audit(1751287295.618:19995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.343539][   T29] audit: type=1326 audit(1751287295.618:19996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.367124][   T29] audit: type=1326 audit(1751287295.618:19997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.390754][   T29] audit: type=1326 audit(1751287295.618:19998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.414432][   T29] audit: type=1326 audit(1751287295.618:19999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.438169][   T29] audit: type=1326 audit(1751287295.618:20000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.461756][   T29] audit: type=1326 audit(1751287295.618:20001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16739 comm="syz.7.4321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  285.545481][T16753] __nla_validate_parse: 5 callbacks suppressed
[  285.545496][T16753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4325'.
[  285.583993][T16758] lo speed is unknown, defaulting to 1000
[  285.629174][T16766] 9pnet_fd: Insufficient options for proto=fd
[  285.644141][T16766] netlink: 'syz.6.4327': attribute type 1 has an invalid length.
[  285.692224][T16773] loop4: detected capacity change from 0 to 1024
[  285.702015][T16773] EXT4-fs: Ignoring removed nobh option
[  285.709684][T16773] EXT4-fs: Ignoring removed bh option
[  285.737352][T16773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.755870][T16773] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  285.770858][T16773] EXT4-fs (loop4): Remounting filesystem read-only
[  285.807693][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.054813][T16812] loop7: detected capacity change from 0 to 1024
[  286.063001][T16812] EXT4-fs: Ignoring removed nobh option
[  286.068891][T16812] EXT4-fs: Ignoring removed bh option
[  286.080217][T16812] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.113205][T16812] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  286.128441][T16812] EXT4-fs (loop7): Remounting filesystem read-only
[  286.201445][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.217560][T16821] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4353'.
[  286.425952][T16841] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4362'.
[  286.435170][T16841] netlink: 48 bytes leftover after parsing attributes in process `syz.6.4362'.
[  286.522816][T16844] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  286.522816][T16844]    program syz.6.4362 not setting count and/or reply_len properly
[  286.557401][T16848] loop7: detected capacity change from 0 to 1024
[  286.564416][T16848] EXT4-fs: Ignoring removed nobh option
[  286.570192][T16848] EXT4-fs: Ignoring removed bh option
[  286.585307][T16848] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.621996][T16848] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  286.657569][T16848] EXT4-fs (loop7): Remounting filesystem read-only
[  286.672843][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  286.720182][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.738148][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  286.765589][T16860] loop4: detected capacity change from 0 to 512
[  286.773498][T16860] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  286.788409][T16861] loop7: detected capacity change from 0 to 1024
[  286.823211][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  286.886801][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  286.914200][T16860] EXT4-fs (loop4): 1 truncate cleaned up
[  286.915751][T16861] EXT4-fs: Ignoring removed nobh option
[  286.922543][T16860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.971455][T16861] EXT4-fs: Ignoring removed bh option
[  286.990393][T12718] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.023465][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  287.032559][T16857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4367'.
[  287.057035][T16861] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.082565][T16861] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  287.102337][T16861] EXT4-fs (loop7): Remounting filesystem read-only
[  287.149780][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.287717][T16892] loop7: detected capacity change from 0 to 1024
[  287.306086][T16892] EXT4-fs: Ignoring removed nobh option
[  287.312484][T16892] EXT4-fs: Ignoring removed bh option
[  287.324369][T16896] loop4: detected capacity change from 0 to 1024
[  287.332534][T16896] EXT4-fs: Ignoring removed orlov option
[  287.345475][T16892] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.361442][T16896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.378128][T16892] EXT4-fs error (device loop7): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  287.393549][T16892] EXT4-fs (loop7): Remounting filesystem read-only
[  287.411704][T16905] FAULT_INJECTION: forcing a failure.
[  287.411704][T16905] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  287.424977][T16905] CPU: 1 UID: 0 PID: 16905 Comm: syz.1.4384 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  287.425032][T16905] Tainted: [W]=WARN
[  287.425038][T16905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.425049][T16905] Call Trace:
[  287.425054][T16905]  <TASK>
[  287.425060][T16905]  __dump_stack+0x1d/0x30
[  287.425079][T16905]  dump_stack_lvl+0xe8/0x140
[  287.425100][T16905]  dump_stack+0x15/0x1b
[  287.425179][T16905]  should_fail_ex+0x265/0x280
[  287.425277][T16905]  should_fail_alloc_page+0xf2/0x100
[  287.425362][T16905]  __alloc_frozen_pages_noprof+0xff/0x360
[  287.425403][T16905]  alloc_pages_mpol+0xb3/0x250
[  287.425438][T16905]  alloc_pages_noprof+0x90/0x130
[  287.425473][T16905]  blk_rq_map_user_iov+0x89f/0x14a0
[  287.425513][T16905]  blk_rq_map_user_io+0x18f/0x260
[  287.425552][T16905]  ? selinux_capable+0x1f9/0x270
[  287.425592][T16905]  ? security_capable+0x83/0x90
[  287.425643][T16905]  sg_io+0x382/0x460
[  287.425667][T16905]  scsi_ioctl+0xe7d/0x14d0
[  287.425692][T16905]  ? do_vfs_ioctl+0x9df/0x11d0
[  287.425777][T16905]  sg_ioctl+0x12fb/0x1360
[  287.425870][T16905]  ? __pfx_sg_ioctl+0x10/0x10
[  287.425902][T16905]  __se_sys_ioctl+0xce/0x140
[  287.425972][T16905]  __x64_sys_ioctl+0x43/0x50
[  287.426004][T16905]  x64_sys_call+0x19a8/0x2fb0
[  287.426103][T16905]  do_syscall_64+0xd2/0x200
[  287.426119][T16905]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  287.426142][T16905]  ? clear_bhb_loop+0x40/0x90
[  287.426189][T16905]  ? clear_bhb_loop+0x40/0x90
[  287.426257][T16905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.426282][T16905] RIP: 0033:0x7f5ca690e929
[  287.426299][T16905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.426318][T16905] RSP: 002b:00007f5ca4f77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  287.426335][T16905] RAX: ffffffffffffffda RBX: 00007f5ca6b35fa0 RCX: 00007f5ca690e929
[  287.426365][T16905] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000005
[  287.426403][T16905] RBP: 00007f5ca4f77090 R08: 0000000000000000 R09: 0000000000000000
[  287.426487][T16905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.426498][T16905] R13: 0000000000000000 R14: 00007f5ca6b35fa0 R15: 00007fff4e936178
[  287.426515][T16905]  </TASK>
[  287.689972][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.998710][T16925] loop4: detected capacity change from 0 to 8192
[  288.018596][T16931] lo speed is unknown, defaulting to 1000
[  288.190065][T16937] 9pnet_fd: Insufficient options for proto=fd
[  288.252620][T16925] loop4: detected capacity change from 0 to 512
[  288.281104][T16925] ext4: Unknown parameter 'euid<00000000000000000000'
[  288.403952][T16936] netlink: 'syz.1.4393': attribute type 1 has an invalid length.
[  288.541978][T16948] loop7: detected capacity change from 0 to 1024
[  288.560489][T16948] EXT4-fs: Ignoring removed orlov option
[  288.583691][T16957] loop4: detected capacity change from 0 to 1024
[  288.590446][T16957] EXT4-fs: Ignoring removed orlov option
[  288.602391][T16957] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  288.830675][T16977] FAULT_INJECTION: forcing a failure.
[  288.830675][T16977] name failslab, interval 1, probability 0, space 0, times 0
[  288.843523][T16977] CPU: 0 UID: 0 PID: 16977 Comm: syz.6.4408 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  288.843558][T16977] Tainted: [W]=WARN
[  288.843565][T16977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.843583][T16977] Call Trace:
[  288.843590][T16977]  <TASK>
[  288.843598][T16977]  __dump_stack+0x1d/0x30
[  288.843621][T16977]  dump_stack_lvl+0xe8/0x140
[  288.843641][T16977]  dump_stack+0x15/0x1b
[  288.843659][T16977]  should_fail_ex+0x265/0x280
[  288.843693][T16977]  should_failslab+0x8c/0xb0
[  288.843792][T16977]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  288.843838][T16977]  ? kstrdup_const+0x3e/0x50
[  288.843866][T16977]  kstrdup+0x3e/0xd0
[  288.843890][T16977]  kstrdup_const+0x3e/0x50
[  288.843985][T16977]  alloc_vfsmnt+0xe7/0x360
[  288.844014][T16977]  clone_mnt+0x41/0x750
[  288.844044][T16977]  copy_tree+0x2f1/0x820
[  288.844121][T16977]  copy_mnt_ns+0x120/0x5e0
[  288.844150][T16977]  ? kmem_cache_alloc_noprof+0x220/0x310
[  288.844179][T16977]  ? create_new_namespaces+0x3c/0x3d0
[  288.844331][T16977]  create_new_namespaces+0x83/0x3d0
[  288.844358][T16977]  unshare_nsproxy_namespaces+0xe8/0x120
[  288.844394][T16977]  ksys_unshare+0x3d0/0x6d0
[  288.844492][T16977]  ? ksys_write+0x192/0x1a0
[  288.844530][T16977]  __x64_sys_unshare+0x1f/0x30
[  288.844560][T16977]  x64_sys_call+0x2d4b/0x2fb0
[  288.844578][T16977]  do_syscall_64+0xd2/0x200
[  288.844641][T16977]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  288.844670][T16977]  ? clear_bhb_loop+0x40/0x90
[  288.844693][T16977]  ? clear_bhb_loop+0x40/0x90
[  288.844714][T16977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.844743][T16977] RIP: 0033:0x7f4fb6a6e929
[  288.844807][T16977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.844825][T16977] RSP: 002b:00007f4fb50d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  288.844846][T16977] RAX: ffffffffffffffda RBX: 00007f4fb6c95fa0 RCX: 00007f4fb6a6e929
[  288.844859][T16977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020060400
[  288.844872][T16977] RBP: 00007f4fb50d7090 R08: 0000000000000000 R09: 0000000000000000
[  288.844885][T16977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  288.844970][T16977] R13: 0000000000000000 R14: 00007f4fb6c95fa0 R15: 00007fff8618fbb8
[  288.844991][T16977]  </TASK>
[  289.410752][   T29] kauditd_printk_skb: 205 callbacks suppressed
[  289.410768][   T29] audit: type=1326 audit(1751287299.996:20207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.440608][   T29] audit: type=1326 audit(1751287300.007:20208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.472093][   T29] audit: type=1326 audit(1751287300.059:20209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.495731][   T29] audit: type=1326 audit(1751287300.059:20210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.502976][T16983] lo speed is unknown, defaulting to 1000
[  289.519372][   T29] audit: type=1326 audit(1751287300.059:20211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.548854][   T29] audit: type=1326 audit(1751287300.059:20212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.572514][   T29] audit: type=1326 audit(1751287300.059:20213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.596157][   T29] audit: type=1326 audit(1751287300.059:20214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.619791][   T29] audit: type=1326 audit(1751287300.059:20215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.643463][   T29] audit: type=1326 audit(1751287300.059:20216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16978 comm="syz.6.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  289.694297][T16985] 9pnet_fd: Insufficient options for proto=fd
[  289.700845][T16985] netlink: 'syz.1.4411': attribute type 1 has an invalid length.
[  289.920663][T17005] loop6: detected capacity change from 0 to 1024
[  289.959960][T17005] EXT4-fs: Ignoring removed nobh option
[  289.977049][T17005] EXT4-fs: Ignoring removed bh option
[  290.442351][T17019] loop7: detected capacity change from 0 to 1024
[  290.449226][T17019] EXT4-fs: Ignoring removed orlov option
[  290.508952][T17027] loop4: detected capacity change from 0 to 1024
[  290.515854][T17027] EXT4-fs: Ignoring removed nobh option
[  290.521628][T17027] EXT4-fs: Ignoring removed bh option
[  290.536210][T17025] __nla_validate_parse: 9 callbacks suppressed
[  290.536221][T17025] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4423'.
[  290.588783][T17034] lo speed is unknown, defaulting to 1000
[  290.636274][T17035] 9pnet_fd: Insufficient options for proto=fd
[  290.696203][T17038] netlink: 'syz.6.4425': attribute type 1 has an invalid length.
[  290.728008][T17037] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4426'.
[  290.803089][T17047] FAULT_INJECTION: forcing a failure.
[  290.803089][T17047] name failslab, interval 1, probability 0, space 0, times 0
[  290.815904][T17047] CPU: 1 UID: 0 PID: 17047 Comm: syz.4.4429 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  290.815936][T17047] Tainted: [W]=WARN
[  290.815943][T17047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  290.815981][T17047] Call Trace:
[  290.815988][T17047]  <TASK>
[  290.815996][T17047]  __dump_stack+0x1d/0x30
[  290.816020][T17047]  dump_stack_lvl+0xe8/0x140
[  290.816056][T17047]  dump_stack+0x15/0x1b
[  290.816075][T17047]  should_fail_ex+0x265/0x280
[  290.816109][T17047]  should_failslab+0x8c/0xb0
[  290.816134][T17047]  kmem_cache_alloc_noprof+0x50/0x310
[  290.816307][T17047]  ? skb_clone+0x151/0x1f0
[  290.816325][T17047]  skb_clone+0x151/0x1f0
[  290.816340][T17047]  __netlink_deliver_tap+0x2c9/0x500
[  290.816434][T17047]  netlink_unicast+0x64c/0x670
[  290.816467][T17047]  netlink_sendmsg+0x58b/0x6b0
[  290.816485][T17047]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.816507][T17047]  __sock_sendmsg+0x145/0x180
[  290.816558][T17047]  ____sys_sendmsg+0x31e/0x4e0
[  290.816668][T17047]  ___sys_sendmsg+0x17b/0x1d0
[  290.816713][T17047]  __x64_sys_sendmsg+0xd4/0x160
[  290.816753][T17047]  x64_sys_call+0x2999/0x2fb0
[  290.816829][T17047]  do_syscall_64+0xd2/0x200
[  290.816848][T17047]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  290.816878][T17047]  ? clear_bhb_loop+0x40/0x90
[  290.816901][T17047]  ? clear_bhb_loop+0x40/0x90
[  290.816933][T17047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.816955][T17047] RIP: 0033:0x7f928a04e929
[  290.816971][T17047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.816990][T17047] RSP: 002b:00007f92886b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.817010][T17047] RAX: ffffffffffffffda RBX: 00007f928a275fa0 RCX: 00007f928a04e929
[  290.817024][T17047] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004
[  290.817051][T17047] RBP: 00007f92886b7090 R08: 0000000000000000 R09: 0000000000000000
[  290.817061][T17047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.817072][T17047] R13: 0000000000000000 R14: 00007f928a275fa0 R15: 00007ffe17394e08
[  290.817088][T17047]  </TASK>
[  291.037207][T17047] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.093448][T17056] loop6: detected capacity change from 0 to 1024
[  291.100586][T17056] EXT4-fs: Ignoring removed nobh option
[  291.101110][T17047] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.106230][T17056] EXT4-fs: Ignoring removed bh option
[  291.184130][T17047] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.270971][T17047] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.333490][T17047] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  291.346530][T17047] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  291.359045][T17047] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  291.380001][T17047] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  291.841621][T17087] FAULT_INJECTION: forcing a failure.
[  291.841621][T17087] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  291.854941][T17087] CPU: 1 UID: 0 PID: 17087 Comm: syz.4.4444 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  291.854968][T17087] Tainted: [W]=WARN
[  291.854974][T17087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  291.854985][T17087] Call Trace:
[  291.854991][T17087]  <TASK>
[  291.855015][T17087]  __dump_stack+0x1d/0x30
[  291.855041][T17087]  dump_stack_lvl+0xe8/0x140
[  291.855064][T17087]  dump_stack+0x15/0x1b
[  291.855084][T17087]  should_fail_ex+0x265/0x280
[  291.855121][T17087]  should_fail_alloc_page+0xf2/0x100
[  291.855146][T17087]  __alloc_frozen_pages_noprof+0xff/0x360
[  291.855224][T17087]  alloc_pages_mpol+0xb3/0x250
[  291.855262][T17087]  alloc_pages_noprof+0x90/0x130
[  291.855306][T17087]  kimage_alloc_control_pages+0x2ec/0x7d0
[  291.855352][T17087]  do_kexec_load+0x2ee/0x510
[  291.855375][T17087]  __se_sys_kexec_load+0x134/0x160
[  291.855399][T17087]  __x64_sys_kexec_load+0x55/0x70
[  291.855422][T17087]  x64_sys_call+0xa36/0x2fb0
[  291.855482][T17087]  do_syscall_64+0xd2/0x200
[  291.855498][T17087]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  291.855521][T17087]  ? clear_bhb_loop+0x40/0x90
[  291.855545][T17087]  ? clear_bhb_loop+0x40/0x90
[  291.855643][T17087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.855744][T17087] RIP: 0033:0x7f928a04e929
[  291.855760][T17087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.855776][T17087] RSP: 002b:00007f92886b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  291.855792][T17087] RAX: ffffffffffffffda RBX: 00007f928a275fa0 RCX: 00007f928a04e929
[  291.855802][T17087] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000
[  291.855818][T17087] RBP: 00007f92886b7090 R08: 0000000000000000 R09: 0000000000000000
[  291.855832][T17087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.855887][T17087] R13: 0000000000000000 R14: 00007f928a275fa0 R15: 00007ffe17394e08
[  291.855908][T17087]  </TASK>
[  291.855917][T17087] kexec: Could not allocate swap buffer
[  292.035442][T17088] loop4: detected capacity change from 0 to 512
[  292.155070][T17088] EXT4-fs (loop4): too many log groups per flexible block group
[  292.162854][T17088] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  292.173542][T17088] EXT4-fs (loop4): mount failed
[  293.075645][T17129] lo speed is unknown, defaulting to 1000
[  293.114546][T17128] loop7: detected capacity change from 0 to 1024
[  293.121289][T17128] EXT4-fs: Ignoring removed orlov option
[  293.703462][T17167] loop7: detected capacity change from 0 to 512
[  293.718690][T17167] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  293.742932][T17167] EXT4-fs (loop7): 1 truncate cleaned up
[  293.830899][T17172] loop7: detected capacity change from 0 to 1024
[  293.846692][T17172] EXT4-fs: Ignoring removed orlov option
[  294.171236][T17201] loop4: detected capacity change from 0 to 512
[  294.181830][   T29] kauditd_printk_skb: 1095 callbacks suppressed
[  294.181844][   T29] audit: type=1326 audit(1751287305.005:21312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17196 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5ca690e929 code=0x7ffc0000
[  294.211842][   T29] audit: type=1326 audit(1751287305.005:21313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17196 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5ca690e963 code=0x7ffc0000
[  294.266378][   T29] audit: type=1326 audit(1751287305.068:21314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17196 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ca690d3df code=0x7ffc0000
[  294.290016][   T29] audit: type=1326 audit(1751287305.068:21315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.313971][   T29] audit: type=1326 audit(1751287305.068:21316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.325848][T17201] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.337564][   T29] audit: type=1326 audit(1751287305.068:21317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.371581][   T29] audit: type=1326 audit(1751287305.068:21318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.395189][   T29] audit: type=1326 audit(1751287305.068:21319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.418998][   T29] audit: type=1326 audit(1751287305.068:21320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.442726][   T29] audit: type=1326 audit(1751287305.068:21321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17184 comm="syz.6.4475" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  294.486858][T17206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4484'.
[  294.536474][T17216] netlink: 'syz.4.4483': attribute type 13 has an invalid length.
[  294.592815][T17217] 9pnet_fd: Insufficient options for proto=fd
[  294.601403][T17217] netlink: 'syz.7.4485': attribute type 1 has an invalid length.
[  294.789840][T17216] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  294.798437][T17216] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  294.807095][T17216] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  294.816219][T17216] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  294.827531][ T2958] lo speed is unknown, defaulting to 1000
[  294.833525][ T2958] syz0: Port: 1 Link DOWN
[  294.837934][T17210] lo speed is unknown, defaulting to 1000
[  294.965120][T17249] loop7: detected capacity change from 0 to 1024
[  294.972334][T17249] EXT4-fs: Ignoring removed orlov option
[  295.042743][T17254] loop4: detected capacity change from 0 to 512
[  295.084279][T17254] EXT4-fs (loop4): 1 orphan inode deleted
[  295.096330][T10982] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:18: Failed to release dquot type 1
[  295.112381][T17254] ext4 filesystem being mounted at /294/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.221156][T12718] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /294/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.277805][T12718] EXT4-fs error (device loop4): ext4_empty_dir:3084: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.303272][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.315410][T12718] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /294/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.342964][T12718] EXT4-fs error (device loop4): ext4_empty_dir:3084: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.362252][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.373878][T12718] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /294/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.410475][T12718] EXT4-fs error (device loop4): ext4_empty_dir:3084: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.431405][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.442936][T12718] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /294/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.463795][T17261] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4503'.
[  295.480054][T12718] EXT4-fs error (device loop4): ext4_empty_dir:3084: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.502690][T17267] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17267 comm=syz.1.4506
[  295.511754][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.528983][T12718] EXT4-fs error (device loop4): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /294/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[  295.550486][T17268] sctp: [Deprecated]: syz.7.4503 (pid 17268) Use of struct sctp_assoc_value in delayed_ack socket option.
[  295.550486][T17268] Use struct sctp_sack_info instead
[  295.570146][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.582201][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.594497][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.606553][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.618989][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.631150][T12718] EXT4-fs warning (device loop4): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[  295.651497][T17270] netlink: 'syz.3.4507': attribute type 298 has an invalid length.
[  295.986366][T17288] FAULT_INJECTION: forcing a failure.
[  295.986366][T17288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.988954][T17285] netlink: zone id is out of range
[  295.999491][T17288] CPU: 0 UID: 0 PID: 17288 Comm: syz.6.4514 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  295.999529][T17288] Tainted: [W]=WARN
[  295.999538][T17288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.999609][T17288] Call Trace:
[  295.999618][T17288]  <TASK>
[  295.999699][T17288]  __dump_stack+0x1d/0x30
[  295.999730][T17288]  dump_stack_lvl+0xe8/0x140
[  295.999758][T17288]  dump_stack+0x15/0x1b
[  295.999864][T17288]  should_fail_ex+0x265/0x280
[  295.999938][T17288]  should_fail+0xb/0x20
[  295.999981][T17288]  should_fail_usercopy+0x1a/0x20
[  296.000054][T17288]  _copy_from_user+0x1c/0xb0
[  296.000139][T17288]  ___sys_sendmsg+0xc1/0x1d0
[  296.000198][T17288]  __x64_sys_sendmsg+0xd4/0x160
[  296.000244][T17288]  x64_sys_call+0x2999/0x2fb0
[  296.000293][T17288]  do_syscall_64+0xd2/0x200
[  296.000340][T17288]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  296.000363][T17288]  ? clear_bhb_loop+0x40/0x90
[  296.000380][T17288]  ? clear_bhb_loop+0x40/0x90
[  296.000399][T17288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.000525][T17288] RIP: 0033:0x7f4fb6a6e929
[  296.000543][T17288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.000615][T17288] RSP: 002b:00007f4fb50d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.000639][T17288] RAX: ffffffffffffffda RBX: 00007f4fb6c95fa0 RCX: 00007f4fb6a6e929
[  296.000654][T17288] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000006
[  296.000670][T17288] RBP: 00007f4fb50d7090 R08: 0000000000000000 R09: 0000000000000000
[  296.000700][T17288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.000715][T17288] R13: 0000000000000000 R14: 00007f4fb6c95fa0 R15: 00007fff8618fbb8
[  296.000738][T17288]  </TASK>
[  296.184675][T17285] netlink: zone id is out of range
[  296.209732][T17290] loop6: detected capacity change from 0 to 512
[  296.222159][T17290] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  296.233497][T17290] EXT4-fs (loop6): 1 truncate cleaned up
[  296.323847][T17304] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4521'.
[  296.426305][T17320] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17320 comm=syz.7.4527
[  296.503414][T17325] loop7: detected capacity change from 0 to 1024
[  296.526812][T17325] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.592382][T17325] netlink: zone id is out of range
[  296.597652][T17325] netlink: zone id is out of range
[  296.631230][T17338] loop7: detected capacity change from 0 to 1024
[  296.638200][T17338] EXT4-fs: Ignoring removed orlov option
[  296.796479][T17344] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4535'.
[  296.879008][T17352] lo speed is unknown, defaulting to 1000
[  296.927003][T17353] 9pnet_fd: Insufficient options for proto=fd
[  296.950337][T17352] netlink: 'syz.1.4538': attribute type 1 has an invalid length.
[  296.988045][T17360] loop7: detected capacity change from 0 to 512
[  296.995342][T17360] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  297.007606][T17360] EXT4-fs (loop7): 1 truncate cleaned up
[  297.036993][T17363] loop7: detected capacity change from 0 to 1024
[  297.043982][T17363] EXT4-fs: Ignoring removed orlov option
[  297.152069][T17368] netlink: 'syz.6.4543': attribute type 10 has an invalid length.
[  297.160011][T17368] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4543'.
[  297.851144][T17475] loop7: detected capacity change from 0 to 1024
[  297.857897][T17475] EXT4-fs: Ignoring removed orlov option
[  298.161273][T10985] hsr_slave_0: left promiscuous mode
[  298.170988][T10985] 0·: left promiscuous mode
[  298.220382][T10985] team0 (unregistering): Port device team_slave_1 removed
[  298.246489][T10985] team0 (unregistering): Port device team_slave_0 removed
[  298.278391][T10985] team0 (unregistering): Port device dummy0 removed
[  298.433602][T17508] chnl_net:caif_netlink_parms(): no params data found
[  298.486640][T17508] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.493826][T17508] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.501492][T17508] bridge_slave_0: entered allmulticast mode
[  298.508553][T17508] bridge_slave_0: entered promiscuous mode
[  298.515997][T17508] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.523069][T17508] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.530252][T17508] bridge_slave_1: entered allmulticast mode
[  298.539442][T17508] bridge_slave_1: entered promiscuous mode
[  298.569136][T17508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.580328][T17508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.603135][T17508] team0: Port device team_slave_0 added
[  298.610032][T17508] team0: Port device team_slave_1 added
[  298.618136][T17559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4564'.
[  298.632828][T17508] batman_adv: batadv0: Adding interface: batadv_slave_0
[  298.639928][T17508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.666139][T17508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.677580][T17508] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.684620][T17508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.710711][T17508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.739482][T17508] hsr_slave_0: entered promiscuous mode
[  298.745999][T17508] hsr_slave_1: entered promiscuous mode
[  298.849513][T17508] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  298.865762][T17508] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  298.873835][T17576] random: crng reseeded on system resumption
[  298.884067][T17508] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  298.896630][T17508] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  298.930571][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x4
[  298.938325][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x2
[  298.955868][T17508] 8021q: adding VLAN 0 to HW filter on device bond0
[  298.959191][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  298.970290][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  298.971243][T17508] 8021q: adding VLAN 0 to HW filter on device team0
[  298.978003][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  298.978035][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  298.989724][T10985] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.992287][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  298.999935][T10985] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.007013][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.015584][   T29] kauditd_printk_skb: 1048 callbacks suppressed
[  299.015600][   T29] audit: type=1326 audit(1751287310.087:22367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  299.021781][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.021830][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.021853][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.029543][   T29] audit: type=1326 audit(1751287310.087:22368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fb6a0ab19 code=0x7ffc0000
[  299.035714][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.059195][   T29] audit: type=1326 audit(1751287310.087:22369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  299.066780][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.086651][T10986] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.105920][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.113598][T10986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.136899][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.146328][   T29] audit: type=1326 audit(1751287310.150:22370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  299.151514][ T6255] hid-generic 0000:3000000:0000.001C: unknown main item tag 0x0
[  299.159166][   T29] audit: type=1326 audit(1751287310.150:22371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fb6a0ab19 code=0x7ffc0000
[  299.229052][   T29] audit: type=1326 audit(1751287310.150:22372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  299.252553][   T29] audit: type=1326 audit(1751287310.150:22373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  299.276172][   T29] audit: type=1326 audit(1751287310.150:22374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fb6a0ab19 code=0x7ffc0000
[  299.299752][   T29] audit: type=1326 audit(1751287310.150:22375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  299.323178][   T29] audit: type=1326 audit(1751287310.150:22376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17573 comm="syz.6.4571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  299.359668][T17508] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  299.370057][T17508] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  299.397220][T17589] loop7: detected capacity change from 0 to 512
[  299.406046][ T6255] hid-generic 0000:3000000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  299.441064][T17589] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.442400][T17508] 8021q: adding VLAN 0 to HW filter on device batadv0
[  299.529724][T17603] netlink: 'syz.7.4573': attribute type 13 has an invalid length.
[  299.576764][T17603] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.584015][T17603] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.691973][T17603] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  299.701165][T17603] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  299.710086][T17603] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  299.719047][T17603] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  299.738429][T17603] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  299.747481][T17603] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  299.756573][T17603] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  299.765491][T17603] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  299.861856][T17508] veth0_vlan: entered promiscuous mode
[  299.879652][T17508] veth1_vlan: entered promiscuous mode
[  299.897705][T17625] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4578'.
[  299.901991][T17624] loop6: detected capacity change from 0 to 1024
[  299.913960][T17624] EXT4-fs: Ignoring removed orlov option
[  299.952905][T17508] veth0_macvtap: entered promiscuous mode
[  299.963442][T17508] veth1_macvtap: entered promiscuous mode
[  300.022711][T17508] batman_adv: batadv0: Interface activated: batadv_slave_0
[  300.042751][T17508] batman_adv: batadv0: Interface activated: batadv_slave_1
[  300.114941][T17508] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.123857][T17508] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.132691][T17508] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.141501][T17508] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.271657][T17641] FAULT_INJECTION: forcing a failure.
[  300.271657][T17641] name failslab, interval 1, probability 0, space 0, times 0
[  300.284322][T17641] CPU: 0 UID: 0 PID: 17641 Comm: syz.6.4583 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  300.284401][T17641] Tainted: [W]=WARN
[  300.284407][T17641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.284419][T17641] Call Trace:
[  300.284426][T17641]  <TASK>
[  300.284434][T17641]  __dump_stack+0x1d/0x30
[  300.284453][T17641]  dump_stack_lvl+0xe8/0x140
[  300.284493][T17641]  dump_stack+0x15/0x1b
[  300.284551][T17641]  should_fail_ex+0x265/0x280
[  300.284659][T17641]  should_failslab+0x8c/0xb0
[  300.284682][T17641]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  300.284749][T17641]  ? sidtab_sid2str_get+0xa0/0x130
[  300.284771][T17641]  kmemdup_noprof+0x2b/0x70
[  300.284792][T17641]  sidtab_sid2str_get+0xa0/0x130
[  300.284812][T17641]  security_sid_to_context_core+0x1eb/0x2e0
[  300.284838][T17641]  security_sid_to_context+0x27/0x40
[  300.284873][T17641]  selinux_lsmprop_to_secctx+0x67/0xf0
[  300.284964][T17641]  security_lsmprop_to_secctx+0x43/0x80
[  300.284990][T17641]  audit_log_task_context+0x77/0x190
[  300.285023][T17641]  audit_log_task+0xf4/0x250
[  300.285056][T17641]  audit_seccomp+0x61/0x100
[  300.285154][T17641]  ? __seccomp_filter+0x68c/0x10d0
[  300.285177][T17641]  __seccomp_filter+0x69d/0x10d0
[  300.285203][T17641]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  300.285285][T17641]  ? vfs_write+0x75e/0x8e0
[  300.285318][T17641]  ? __rcu_read_unlock+0x4f/0x70
[  300.285415][T17641]  ? __fget_files+0x184/0x1c0
[  300.285434][T17641]  __secure_computing+0x82/0x150
[  300.285462][T17641]  syscall_trace_enter+0xcf/0x1e0
[  300.285486][T17641]  do_syscall_64+0xac/0x200
[  300.285520][T17641]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  300.285548][T17641]  ? clear_bhb_loop+0x40/0x90
[  300.285592][T17641]  ? clear_bhb_loop+0x40/0x90
[  300.285617][T17641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.285639][T17641] RIP: 0033:0x7f4fb6a6e929
[  300.285655][T17641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.285673][T17641] RSP: 002b:00007f4fb50d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  300.285689][T17641] RAX: ffffffffffffffda RBX: 00007f4fb6c95fa0 RCX: 00007f4fb6a6e929
[  300.285699][T17641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000010
[  300.285786][T17641] RBP: 00007f4fb50d7090 R08: 0000000000000000 R09: 0000000000000000
[  300.285797][T17641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.285810][T17641] R13: 0000000000000000 R14: 00007f4fb6c95fa0 R15: 00007fff8618fbb8
[  300.285830][T17641]  </TASK>
[  300.768898][T17646] 9pnet_fd: Insufficient options for proto=fd
[  300.785370][T17646] netlink: 'syz.6.4585': attribute type 1 has an invalid length.
[  300.867984][T17657] loop1: detected capacity change from 0 to 1024
[  300.881090][T17657] EXT4-fs: Ignoring removed orlov option
[  301.094824][T17669] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4593'.
[  301.104688][T17669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  301.112253][T17669] batman_adv: batadv0: Removing interface: batadv_slave_0
[  301.135038][T17669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  301.142465][T17669] batman_adv: batadv0: Removing interface: batadv_slave_1
[  301.256686][T17683] loop1: detected capacity change from 0 to 2048
[  301.365811][T17691] 9pnet_fd: Insufficient options for proto=fd
[  301.378751][T17691] netlink: 'syz.1.4600': attribute type 1 has an invalid length.
[  301.480037][T17695] loop1: detected capacity change from 0 to 764
[  301.489273][T17695] Symlink component flag not implemented
[  301.495286][T17695] Symlink component flag not implemented (101)
[  301.617975][T17703] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4605'.
[  301.672161][T17705] loop1: detected capacity change from 0 to 512
[  301.687445][T17705] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  301.711231][T17705] EXT4-fs (loop1): 1 truncate cleaned up
[  302.032196][T17752] loop6: detected capacity change from 0 to 512
[  302.058913][T17752] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  302.109671][T17752] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.132607][T17761] FAULT_INJECTION: forcing a failure.
[  302.132607][T17761] name failslab, interval 1, probability 0, space 0, times 0
[  302.142559][T17752] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, 
[  302.145432][T17761] CPU: 1 UID: 0 PID: 17761 Comm: syz.7.4627 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  302.145461][T17761] Tainted: [W]=WARN
[  302.145467][T17761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.145478][T17761] Call Trace:
[  302.145483][T17761]  <TASK>
[  302.145430][T17752] block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  302.145489][T17761]  __dump_stack+0x1d/0x30
[  302.145514][T17761]  dump_stack_lvl+0xe8/0x140
[  302.145614][T17761]  dump_stack+0x15/0x1b
[  302.145653][T17761]  should_fail_ex+0x265/0x280
[  302.145695][T17761]  should_failslab+0x8c/0xb0
[  302.145726][T17761]  kmem_cache_alloc_node_noprof+0x57/0x320
[  302.145764][T17761]  ? __alloc_skb+0x101/0x320
[  302.145872][T17761]  __alloc_skb+0x101/0x320
[  302.145906][T17761]  ? audit_log_start+0x365/0x6c0
[  302.145949][T17761]  audit_log_start+0x380/0x6c0
[  302.146013][T17761]  ? __schedule+0x6a8/0xb30
[  302.146052][T17761]  ? __cond_resched+0x4e/0x90
[  302.146086][T17761]  audit_seccomp+0x48/0x100
[  302.146150][T17761]  ? __seccomp_filter+0x68c/0x10d0
[  302.146182][T17761]  __seccomp_filter+0x69d/0x10d0
[  302.146220][T17761]  ? _copy_to_user+0x7c/0xa0
[  302.146248][T17761]  ? __se_sys_shmctl+0x3de/0x420
[  302.146318][T17761]  __secure_computing+0x82/0x150
[  302.146422][T17761]  syscall_trace_enter+0xcf/0x1e0
[  302.146454][T17761]  do_syscall_64+0xac/0x200
[  302.146475][T17761]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.146625][T17761]  ? clear_bhb_loop+0x40/0x90
[  302.146703][T17761]  ? clear_bhb_loop+0x40/0x90
[  302.146788][T17761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.146880][T17761] RIP: 0033:0x7ff92f31d33c
[  302.146898][T17761] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  302.146921][T17761] RSP: 002b:00007ff92d987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  302.147020][T17761] RAX: ffffffffffffffda RBX: 00007ff92f545fa0 RCX: 00007ff92f31d33c
[  302.147037][T17761] RDX: 000000000000000f RSI: 00007ff92d9870a0 RDI: 0000000000000003
[  302.147074][T17761] RBP: 00007ff92d987090 R08: 0000000000000000 R09: 0000000000000000
[  302.147090][T17761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.147105][T17761] R13: 0000000000000000 R14: 00007ff92f545fa0 R15: 00007ffe35337d58
[  302.147148][T17761]  </TASK>
[  302.389213][T17752] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 5 with max blocks 1 with error 28
[  302.401437][T17752] EXT4-fs (loop6): This should not happen!! Data will be lost
[  302.401437][T17752] 
[  302.411243][T17752] EXT4-fs (loop6): Total free blocks count 0
[  302.417235][T17752] EXT4-fs (loop6): Free/Dirty block details
[  302.423175][T17752] EXT4-fs (loop6): free_blocks=39626
[  302.428513][T17752] EXT4-fs (loop6): dirty_blocks=3
[  302.433559][T17752] EXT4-fs (loop6): Block reservation details
[  302.439625][T17752] EXT4-fs (loop6): i_reserved_data_blocks=3
[  302.446612][T17762] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 3 with max blocks 3 with error 28
[  302.458835][T17762] EXT4-fs (loop6): This should not happen!! Data will be lost
[  302.458835][T17762] 
[  302.595136][T17778] FAULT_INJECTION: forcing a failure.
[  302.595136][T17778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.608477][T17778] CPU: 0 UID: 0 PID: 17778 Comm: syz.7.4634 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  302.608512][T17778] Tainted: [W]=WARN
[  302.608520][T17778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.608534][T17778] Call Trace:
[  302.608588][T17778]  <TASK>
[  302.608596][T17778]  __dump_stack+0x1d/0x30
[  302.608687][T17778]  dump_stack_lvl+0xe8/0x140
[  302.608727][T17778]  dump_stack+0x15/0x1b
[  302.608764][T17778]  should_fail_ex+0x265/0x280
[  302.608800][T17778]  should_fail+0xb/0x20
[  302.608872][T17778]  should_fail_usercopy+0x1a/0x20
[  302.608900][T17778]  _copy_to_user+0x20/0xa0
[  302.608933][T17778]  simple_read_from_buffer+0xb5/0x130
[  302.608970][T17778]  proc_fail_nth_read+0x100/0x140
[  302.609081][T17778]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  302.609118][T17778]  vfs_read+0x1a0/0x6f0
[  302.609221][T17778]  ? __sys_setsockopt+0x18e/0x200
[  302.609249][T17778]  ? __rcu_read_unlock+0x4f/0x70
[  302.609273][T17778]  ? __fget_files+0x184/0x1c0
[  302.609365][T17778]  ksys_read+0xda/0x1a0
[  302.609401][T17778]  __x64_sys_read+0x40/0x50
[  302.609448][T17778]  x64_sys_call+0x2d77/0x2fb0
[  302.609473][T17778]  do_syscall_64+0xd2/0x200
[  302.609493][T17778]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.609522][T17778]  ? clear_bhb_loop+0x40/0x90
[  302.609595][T17778]  ? clear_bhb_loop+0x40/0x90
[  302.609619][T17778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.609668][T17778] RIP: 0033:0x7ff92f31d33c
[  302.609712][T17778] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  302.609728][T17778] RSP: 002b:00007ff92d987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  302.609744][T17778] RAX: ffffffffffffffda RBX: 00007ff92f545fa0 RCX: 00007ff92f31d33c
[  302.609755][T17778] RDX: 000000000000000f RSI: 00007ff92d9870a0 RDI: 0000000000000004
[  302.609765][T17778] RBP: 00007ff92d987090 R08: 0000000000000000 R09: 0000000000000000
[  302.609778][T17778] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  302.609791][T17778] R13: 0000000000000000 R14: 00007ff92f545fa0 R15: 00007ffe35337d58
[  302.609852][T17778]  </TASK>
[  302.955527][T17796] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  303.021275][T17803] loop6: detected capacity change from 0 to 512
[  303.028658][T17803] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  303.040385][T17803] EXT4-fs (loop6): 1 truncate cleaned up
[  303.117508][T17815] netlink: 'syz.3.4647': attribute type 4 has an invalid length.
[  303.129391][T17813] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4650'.
[  303.237740][T17823] loop6: detected capacity change from 0 to 512
[  303.245070][T17823] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  303.256322][T17823] EXT4-fs (loop6): 1 truncate cleaned up
[  303.748005][T17837] netlink: 'syz.8.4658': attribute type 11 has an invalid length.
[  303.755996][T17837] netlink: 3657 bytes leftover after parsing attributes in process `syz.8.4658'.
[  303.775668][T17837] loop8: detected capacity change from 0 to 512
[  303.782164][   T29] kauditd_printk_skb: 859 callbacks suppressed
[  303.782176][   T29] audit: type=1326 audit(1751287315.085:23233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  303.812042][   T29] audit: type=1326 audit(1751287315.085:23234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fb6a0ab19 code=0x7ffc0000
[  303.835583][   T29] audit: type=1326 audit(1751287315.085:23235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  303.859062][   T29] audit: type=1326 audit(1751287315.085:23236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17828 comm="syz.1.4655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5ca69058e7 code=0x7ffc0000
[  303.882605][   T29] audit: type=1326 audit(1751287315.085:23237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17828 comm="syz.1.4655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5ca68aab19 code=0x7ffc0000
[  303.906133][   T29] audit: type=1326 audit(1751287315.085:23238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17828 comm="syz.1.4655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f5ca690e929 code=0x7ffc0000
[  303.932063][   T29] audit: type=1326 audit(1751287315.095:23239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4fb6a658e7 code=0x7ffc0000
[  303.955702][   T29] audit: type=1326 audit(1751287315.095:23240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4fb6a0ab19 code=0x7ffc0000
[  303.979520][   T29] audit: type=1326 audit(1751287315.095:23241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17830 comm="syz.6.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f4fb6a6e929 code=0x7ffc0000
[  304.003040][   T29] audit: type=1326 audit(1751287315.095:23242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17828 comm="syz.1.4655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5ca69058e7 code=0x7ffc0000
[  304.069945][T17837] EXT4-fs error (device loop8): ext4_orphan_get:1393: inode #15: comm syz.8.4658: iget: bad i_size value: 38620345925642
[  304.083312][T17837] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.4658: couldn't read orphan inode 15 (err -117)
[  304.098123][T17837] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm syz.8.4658: bg 0: block 5: invalid block bitmap
[  304.121490][T17844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4661'.
[  304.242742][T17854] 9pnet_fd: Insufficient options for proto=fd
[  304.255567][T17855] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4665'.
[  304.270237][T17854] netlink: 'syz.1.4664': attribute type 1 has an invalid length.
[  304.369014][T17863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4668'.
[  304.383034][T17863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4668'.
[  304.396791][T17863] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4668'.
[  304.409316][T17863] loop1: detected capacity change from 0 to 764
[  304.416477][T17863] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  304.510533][T17870] loop1: detected capacity change from 0 to 1024
[  304.517527][T17870] EXT4-fs: Ignoring removed orlov option
[  304.537859][T17870] EXT4-fs mount: 53 callbacks suppressed
[  304.537877][T17870] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.696389][T17876] Falling back ldisc for ttyS3.
[  305.027270][T13182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.223045][T17897] loop6: detected capacity change from 0 to 1024
[  305.255820][T17897] EXT4-fs: Ignoring removed orlov option
[  305.273227][T17897] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.313898][T17904] pimreg: entered allmulticast mode
[  305.340811][T17904] netlink: 76 bytes leftover after parsing attributes in process `syz.8.4683'.
[  305.803714][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.869182][T17934] __nla_validate_parse: 1 callbacks suppressed
[  305.869200][T17934] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4693'.
[  305.923834][T17943] loop6: detected capacity change from 0 to 1024
[  305.939475][T17943] EXT4-fs: Ignoring removed orlov option
[  305.955340][T17944] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4695'.
[  305.967069][T17943] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.039044][T17950] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4698'.
[  306.145984][T17959] loop1: detected capacity change from 0 to 1024
[  306.153218][T17959] EXT4-fs: Ignoring removed orlov option
[  306.172350][T17959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.368269][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.538879][T13182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.707518][T17978] tipc: Started in network mode
[  306.712458][T17978] tipc: Node identity aafa595b3c7f, cluster identity 4711
[  306.719725][T17978] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  306.729072][T17976] tipc: Disabling bearer <eth:syzkaller0>
[  306.736434][T17979] netlink: 'syz.6.4709': attribute type 13 has an invalid length.
[  306.794993][T17979] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.802237][T17979] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.972301][T17979] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.981373][T17979] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.990325][T17979] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  306.999272][T17979] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  307.445876][T17993] loop1: detected capacity change from 0 to 1024
[  307.464418][T17993] EXT4-fs: Ignoring removed orlov option
[  307.486848][T17993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.654579][T18001] loop8: detected capacity change from 0 to 32768
[  307.687659][T18001]  loop8: p1 p3 < p5 p6 >
[  307.869087][T18008] FAULT_INJECTION: forcing a failure.
[  307.869087][T18008] name failslab, interval 1, probability 0, space 0, times 0
[  307.881906][T18008] CPU: 0 UID: 0 PID: 18008 Comm: syz.8.4717 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  307.881946][T18008] Tainted: [W]=WARN
[  307.881955][T18008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.881971][T18008] Call Trace:
[  307.881979][T18008]  <TASK>
[  307.881989][T18008]  __dump_stack+0x1d/0x30
[  307.882015][T18008]  dump_stack_lvl+0xe8/0x140
[  307.882050][T18008]  dump_stack+0x15/0x1b
[  307.882067][T18008]  should_fail_ex+0x265/0x280
[  307.882156][T18008]  ? alloc_mnt_ns+0x72/0x270
[  307.882193][T18008]  should_failslab+0x8c/0xb0
[  307.882275][T18008]  __kmalloc_cache_noprof+0x4c/0x320
[  307.882312][T18008]  ? inc_ucount+0xcb/0x140
[  307.882395][T18008]  alloc_mnt_ns+0x72/0x270
[  307.882481][T18008]  copy_mnt_ns+0xa5/0x5e0
[  307.882522][T18008]  ? kmem_cache_alloc_noprof+0x220/0x310
[  307.882551][T18008]  ? create_new_namespaces+0x3c/0x3d0
[  307.882714][T18008]  create_new_namespaces+0x83/0x3d0
[  307.882746][T18008]  unshare_nsproxy_namespaces+0xe8/0x120
[  307.882788][T18008]  ksys_unshare+0x3d0/0x6d0
[  307.882825][T18008]  ? ksys_write+0x192/0x1a0
[  307.882869][T18008]  __x64_sys_unshare+0x1f/0x30
[  307.882924][T18008]  x64_sys_call+0x2d4b/0x2fb0
[  307.882953][T18008]  do_syscall_64+0xd2/0x200
[  307.882976][T18008]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  307.883010][T18008]  ? clear_bhb_loop+0x40/0x90
[  307.883047][T18008]  ? clear_bhb_loop+0x40/0x90
[  307.883193][T18008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.883219][T18008] RIP: 0033:0x7fb26a1ee929
[  307.883239][T18008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.883342][T18008] RSP: 002b:00007fb268857038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  307.883363][T18008] RAX: ffffffffffffffda RBX: 00007fb26a415fa0 RCX: 00007fb26a1ee929
[  307.883377][T18008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  307.883387][T18008] RBP: 00007fb268857090 R08: 0000000000000000 R09: 0000000000000000
[  307.883398][T18008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.883409][T18008] R13: 0000000000000000 R14: 00007fb26a415fa0 R15: 00007fff13afca88
[  307.883426][T18008]  </TASK>
[  308.142783][T18010] loop8: detected capacity change from 0 to 512
[  308.155931][T18010] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  308.182630][T18010] EXT4-fs (loop8): 1 truncate cleaned up
[  308.188801][T18010] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.206375][T13182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.260701][T18015] loop1: detected capacity change from 0 to 1024
[  308.267437][T18015] EXT4-fs: Ignoring removed nobh option
[  308.274666][T18017] netlink: 'syz.8.4719': attribute type 1 has an invalid length.
[  308.289452][T18015] EXT4-fs: Ignoring removed bh option
[  308.320658][T18015] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.335661][T18019] netlink: 'syz.6.4722': attribute type 1 has an invalid length.
[  308.382171][T18015] loop1: detected capacity change from 1024 to 64
[  308.406951][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.437443][T18030] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4726'.
[  308.454306][T17508] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.464434][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.483465][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.506999][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.563818][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.579081][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.592918][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.606901][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.620844][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.634448][T13182] EXT4-fs warning (device loop1): ext4_empty_dir:3078: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  308.708152][T18048] loop7: detected capacity change from 0 to 1024
[  308.719036][T13182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.721111][T18048] EXT4-fs: Ignoring removed orlov option
[  308.736880][T18023] kmmpd-loop1: attempt to access beyond end of device
[  308.736880][T18023] loop1: rw=14337, sector=128, nr_sectors = 2 limit=64
[  308.738400][T18048] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.750413][T18023] Buffer I/O error on dev loop1, logical block 64, lost sync page write
[  308.772689][   T29] kauditd_printk_skb: 1357 callbacks suppressed
[  308.772704][   T29] audit: type=1400 audit(1751287320.335:24600): avc:  denied  { connect } for  pid=18052 comm="syz.6.4736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  308.828868][   T29] audit: type=1326 audit(1751287320.377:24601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18025 comm="syz.3.4725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  308.852538][   T29] audit: type=1326 audit(1751287320.377:24602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18025 comm="syz.3.4725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  308.915047][ T2492] tipc: Subscription rejected, illegal request
[  308.926654][T18059] loop6: detected capacity change from 0 to 512
[  308.934681][T18059] EXT4-fs (loop6): orphan cleanup on readonly fs
[  308.941526][T18059] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4736: bg 0: block 248: padding at end of block bitmap is not set
[  308.956202][T18059] Quota error (device loop6): write_blk: dquota write failed
[  308.963626][T18059] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  308.973575][T18059] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4736: Failed to acquire dquot type 1
[  308.991896][T18059] EXT4-fs (loop6): 1 truncate cleaned up
[  309.001913][T18059] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  309.021717][T18059] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.069093][T18069] FAULT_INJECTION: forcing a failure.
[  309.069093][T18069] name failslab, interval 1, probability 0, space 0, times 0
[  309.077453][T10982] bridge_slave_1: left allmulticast mode
[  309.081755][T18069] CPU: 0 UID: 0 PID: 18069 Comm: syz.3.4739 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  309.081797][T18069] Tainted: [W]=WARN
[  309.081807][T18069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.081827][T18069] Call Trace:
[  309.081835][T18069]  <TASK>
[  309.081882][T18069]  __dump_stack+0x1d/0x30
[  309.081909][T18069]  dump_stack_lvl+0xe8/0x140
[  309.081936][T18069]  dump_stack+0x15/0x1b
[  309.081959][T18069]  should_fail_ex+0x265/0x280
[  309.082000][T18069]  should_failslab+0x8c/0xb0
[  309.082098][T18069]  __kvmalloc_node_noprof+0x123/0x4e0
[  309.082137][T18069]  ? simple_xattr_alloc+0x43/0x90
[  309.082191][T18069]  simple_xattr_alloc+0x43/0x90
[  309.082231][T18069]  shmem_initxattrs+0x18c/0x350
[  309.082265][T18069]  security_inode_init_security+0x25c/0x330
[  309.082299][T18069]  ? __pfx_shmem_initxattrs+0x10/0x10
[  309.082332][T18069]  shmem_mknod+0xad/0x180
[  309.082425][T18069]  shmem_mkdir+0x33/0x70
[  309.082453][T18069]  vfs_mkdir+0x210/0x340
[  309.082496][T18069]  do_mkdirat+0x132/0x3f0
[  309.082537][T18069]  __x64_sys_mkdirat+0x4c/0x60
[  309.082599][T18069]  x64_sys_call+0x2be0/0x2fb0
[  309.082700][T18069]  do_syscall_64+0xd2/0x200
[  309.082771][T18069]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  309.082803][T18069]  ? clear_bhb_loop+0x40/0x90
[  309.082836][T18069]  ? clear_bhb_loop+0x40/0x90
[  309.082863][T18069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.082890][T18069] RIP: 0033:0x7fd42079e929
[  309.082908][T18069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.082960][T18069] RSP: 002b:00007fd41ee07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  309.082983][T18069] RAX: ffffffffffffffda RBX: 00007fd4209c5fa0 RCX: 00007fd42079e929
[  309.082999][T18069] RDX: 0000000000000000 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  309.083014][T18069] RBP: 00007fd41ee07090 R08: 0000000000000000 R09: 0000000000000000
[  309.083030][T18069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.083112][T18069] R13: 0000000000000000 R14: 00007fd4209c5fa0 R15: 00007ffeb160b408
[  309.083136][T18069]  </TASK>
[  309.228736][T18073] FAULT_INJECTION: forcing a failure.
[  309.228736][T18073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.232713][T10982] bridge_slave_1: left promiscuous mode
[  309.252355][T18073] CPU: 0 UID: 0 PID: 18073 Comm: syz.3.4742 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  309.252394][T18073] Tainted: [W]=WARN
[  309.252402][T18073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.252495][T18073] Call Trace:
[  309.252505][T18073]  <TASK>
[  309.252514][T18073]  __dump_stack+0x1d/0x30
[  309.252549][T18073]  dump_stack_lvl+0xe8/0x140
[  309.252638][T18073]  dump_stack+0x15/0x1b
[  309.252754][T18073]  should_fail_ex+0x265/0x280
[  309.252792][T18073]  should_fail+0xb/0x20
[  309.252827][T18073]  should_fail_usercopy+0x1a/0x20
[  309.252903][T18073]  _copy_from_user+0x1c/0xb0
[  309.252930][T18073]  ___sys_sendmsg+0xc1/0x1d0
[  309.252990][T18073]  __x64_sys_sendmsg+0xd4/0x160
[  309.253088][T18073]  x64_sys_call+0x2999/0x2fb0
[  309.253114][T18073]  do_syscall_64+0xd2/0x200
[  309.253136][T18073]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  309.253233][T18073]  ? clear_bhb_loop+0x40/0x90
[  309.253260][T18073]  ? clear_bhb_loop+0x40/0x90
[  309.253287][T18073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.253314][T18073] RIP: 0033:0x7fd42079e929
[  309.253332][T18073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.253433][T18073] RSP: 002b:00007fd41ee07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.253456][T18073] RAX: ffffffffffffffda RBX: 00007fd4209c5fa0 RCX: 00007fd42079e929
[  309.253472][T18073] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[  309.253487][T18073] RBP: 00007fd41ee07090 R08: 0000000000000000 R09: 0000000000000000
[  309.253502][T18073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.253517][T18073] R13: 0000000000000000 R14: 00007fd4209c5fa0 R15: 00007ffeb160b408
[  309.253547][T18073]  </TASK>
[  309.382433][T18077] loop8: detected capacity change from 0 to 1024
[  309.382923][T10982] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.387720][T18077] EXT4-fs: Ignoring removed orlov option
[  309.485670][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.532577][T10982] bridge_slave_0: left allmulticast mode
[  309.536986][T18077] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.538275][T10982] bridge_slave_0: left promiscuous mode
[  309.556585][T10982] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.573970][T18082] netlink: 'syz.6.4746': attribute type 10 has an invalid length.
[  309.613425][   T29] audit: type=1326 audit(1751287321.217:24603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  309.637137][   T29] audit: type=1326 audit(1751287321.217:24604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  309.660756][   T29] audit: type=1326 audit(1751287321.217:24605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  309.684434][   T29] audit: type=1326 audit(1751287321.217:24606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  309.717418][   T29] audit: type=1326 audit(1751287321.217:24607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.3.4748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd42079e929 code=0x7ffc0000
[  309.822173][T10982] bond0 (unregistering): Released all slaves
[  309.835236][T18082] team0: Device macvtap0 failed to register rx_handler
[  309.920465][T10982] hsr_slave_0: left promiscuous mode
[  309.927233][T17508] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.927243][T10982] hsr_slave_1: left promiscuous mode
[  309.964056][T18106] loop8: detected capacity change from 0 to 512
[  309.974970][T18106] EXT4-fs (loop8): 1 orphan inode deleted
[  309.981152][T18106] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.993946][T10985] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 1
[  310.009502][T10982] team0 (unregistering): Port device team_slave_1 removed
[  310.011281][T18106] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.033086][T18112] 9pnet_fd: Insufficient options for proto=fd
[  310.041757][T10982] team0 (unregistering): Port device team_slave_0 removed
[  310.057151][T18112] netlink: 'syz.7.4753': attribute type 1 has an invalid length.
[  310.112540][T17508] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.144831][T18057] chnl_net:caif_netlink_parms(): no params data found
[  310.280040][T18057] bridge0: port 1(bridge_slave_0) entered blocking state
[  310.287212][T18057] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.294640][T18057] bridge_slave_0: entered allmulticast mode
[  310.301242][T18057] bridge_slave_0: entered promiscuous mode
[  310.309080][T18057] bridge0: port 2(bridge_slave_1) entered blocking state
[  310.316237][T18057] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.323404][T18057] bridge_slave_1: entered allmulticast mode
[  310.329862][T18057] bridge_slave_1: entered promiscuous mode
[  310.414599][T18057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.451483][T18057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.519019][T18057] team0: Port device team_slave_0 added
[  310.529828][T18057] team0: Port device team_slave_1 added
[  310.564821][T18131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.573683][T18131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.604864][T18057] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.611976][T18057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.638036][T18057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.667918][T18142] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4758'.
[  310.706779][T18057] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.713789][T18057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.739785][T18057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.798057][T18057] hsr_slave_0: entered promiscuous mode
[  310.804688][T18057] hsr_slave_1: entered promiscuous mode
[  310.820989][T18057] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  310.838778][T18057] Cannot create hsr debugfs directory
[  310.940106][T18157] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4774'.
[  310.985905][T18163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4766'.
[  310.994889][T18163] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4766'.
[  311.025169][T18163] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4766'.
[  311.034205][T18163] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4766'.
[  311.039524][T18057] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  311.054329][T18057] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  311.069436][T18057] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  311.079768][T18057] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  311.131713][T18057] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.145816][T18057] 8021q: adding VLAN 0 to HW filter on device team0
[  311.164983][T10981] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.172045][T10981] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.185771][T18176] FAULT_INJECTION: forcing a failure.
[  311.185771][T18176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.188028][T10985] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.198883][T18176] CPU: 1 UID: 0 PID: 18176 Comm: syz.3.4769 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  311.198926][T18176] Tainted: [W]=WARN
[  311.198935][T18176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.198951][T18176] Call Trace:
[  311.198960][T18176]  <TASK>
[  311.198969][T18176]  __dump_stack+0x1d/0x30
[  311.199064][T18176]  dump_stack_lvl+0xe8/0x140
[  311.199089][T18176]  dump_stack+0x15/0x1b
[  311.199109][T18176]  should_fail_ex+0x265/0x280
[  311.199148][T18176]  should_fail+0xb/0x20
[  311.199224][T18176]  should_fail_usercopy+0x1a/0x20
[  311.199264][T18176]  _copy_to_user+0x20/0xa0
[  311.199289][T18176]  simple_read_from_buffer+0xb5/0x130
[  311.199412][T18176]  proc_fail_nth_read+0x100/0x140
[  311.199456][T18176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  311.199496][T18176]  vfs_read+0x1a0/0x6f0
[  311.199561][T18176]  ? __rcu_read_unlock+0x4f/0x70
[  311.199588][T18176]  ? __fget_files+0x184/0x1c0
[  311.199622][T18176]  ksys_read+0xda/0x1a0
[  311.199680][T18176]  __x64_sys_read+0x40/0x50
[  311.199790][T18176]  x64_sys_call+0x2d77/0x2fb0
[  311.199817][T18176]  do_syscall_64+0xd2/0x200
[  311.199884][T18176]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  311.199968][T18176]  ? clear_bhb_loop+0x40/0x90
[  311.200068][T18176]  ? clear_bhb_loop+0x40/0x90
[  311.200095][T18176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.200120][T18176] RIP: 0033:0x7fd42079d33c
[  311.200139][T18176] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  311.200225][T18176] RSP: 002b:00007fd41ee07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  311.200301][T18176] RAX: ffffffffffffffda RBX: 00007fd4209c5fa0 RCX: 00007fd42079d33c
[  311.200393][T18176] RDX: 000000000000000f RSI: 00007fd41ee070a0 RDI: 0000000000000003
[  311.200409][T18176] RBP: 00007fd41ee07090 R08: 0000000000000000 R09: 0000000000000000
[  311.200423][T18176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.200438][T18176] R13: 0000000000000001 R14: 00007fd4209c5fa0 R15: 00007ffeb160b408
[  311.200461][T18176]  </TASK>
[  311.414716][T10985] bridge0: port 2(bridge_slave_1) entered forwarding state
[  311.509945][T18057] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.523343][T18188] loop7: detected capacity change from 0 to 1024
[  311.555428][T18188] EXT4-fs: Ignoring removed orlov option
[  311.609089][T18188] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  311.649763][T18202] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4776'.
[  311.676496][T18210] loop6: detected capacity change from 0 to 2048
[  311.685058][T18210] EXT4-fs (loop6): #clusters per group too big: 151011328
[  311.702205][T18200] lo speed is unknown, defaulting to 1000
[  311.708425][T18200] lo speed is unknown, defaulting to 1000
[  311.714377][T18200] lo speed is unknown, defaulting to 1000
[  311.726139][T18200] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  311.737337][T18200] lo speed is unknown, defaulting to 1000
[  311.749273][T18200] lo speed is unknown, defaulting to 1000
[  311.755556][T18057] veth0_vlan: entered promiscuous mode
[  311.771837][T18200] lo speed is unknown, defaulting to 1000
[  311.778389][T18200] lo speed is unknown, defaulting to 1000
[  311.784615][T18200] lo speed is unknown, defaulting to 1000
[  311.790876][T18200] lo speed is unknown, defaulting to 1000
[  311.794071][T18057] veth1_vlan: entered promiscuous mode
[  311.832707][T18057] veth0_macvtap: entered promiscuous mode
[  311.860610][T18057] veth1_macvtap: entered promiscuous mode
[  311.879538][T18057] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.905149][T18057] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.924919][T18057] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.933773][T18057] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.942568][T18057] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.951355][T18057] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.971453][T18236] loop6: detected capacity change from 0 to 164
[  312.000472][T18236] syz.6.4785: attempt to access beyond end of device
[  312.000472][T18236] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  312.034758][T18236] syz.6.4785: attempt to access beyond end of device
[  312.034758][T18236] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  312.052281][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.173454][T18249] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4789'.
[  312.424949][T18264] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4794'.
[  312.516019][T18268] loop9: detected capacity change from 0 to 1024
[  312.526328][T18268] EXT4-fs: Ignoring removed orlov option
[  312.547188][T18268] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.548175][T18270] FAULT_INJECTION: forcing a failure.
[  312.548175][T18270] name failslab, interval 1, probability 0, space 0, times 0
[  312.572586][T18270] CPU: 1 UID: 0 PID: 18270 Comm: syz.6.4797 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  312.572621][T18270] Tainted: [W]=WARN
[  312.572628][T18270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.572708][T18270] Call Trace:
[  312.572713][T18270]  <TASK>
[  312.572768][T18270]  __dump_stack+0x1d/0x30
[  312.572788][T18270]  dump_stack_lvl+0xe8/0x140
[  312.572853][T18270]  dump_stack+0x15/0x1b
[  312.572872][T18270]  should_fail_ex+0x265/0x280
[  312.572962][T18270]  should_failslab+0x8c/0xb0
[  312.572983][T18270]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  312.573008][T18270]  ? __d_alloc+0x3d/0x350
[  312.573087][T18270]  __d_alloc+0x3d/0x350
[  312.573109][T18270]  d_alloc_parallel+0x53/0xc40
[  312.573168][T18270]  ? __d_lookup+0x316/0x340
[  312.573202][T18270]  ? lookup_noperm_common+0x1be/0x2a0
[  312.573345][T18270]  ? d_lookup+0xb2/0xd0
[  312.573375][T18270]  proc_fill_cache+0x158/0x240
[  312.573404][T18270]  ? __pfx_proc_map_files_instantiate+0x10/0x10
[  312.573456][T18270]  proc_map_files_readdir+0x500/0x680
[  312.573498][T18270]  iterate_dir+0x114/0x330
[  312.573523][T18270]  ? mutex_lock+0xd/0x30
[  312.573592][T18270]  __se_sys_getdents64+0x88/0x1b0
[  312.573625][T18270]  ? __pfx_filldir64+0x10/0x10
[  312.573731][T18270]  __x64_sys_getdents64+0x43/0x50
[  312.573763][T18270]  x64_sys_call+0x1302/0x2fb0
[  312.573787][T18270]  do_syscall_64+0xd2/0x200
[  312.573806][T18270]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  312.573908][T18270]  ? clear_bhb_loop+0x40/0x90
[  312.573926][T18270]  ? clear_bhb_loop+0x40/0x90
[  312.573945][T18270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.574034][T18270] RIP: 0033:0x7f4fb6a6e929
[  312.574067][T18270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.574086][T18270] RSP: 002b:00007f4fb50d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  312.574102][T18270] RAX: ffffffffffffffda RBX: 00007f4fb6c95fa0 RCX: 00007f4fb6a6e929
[  312.574113][T18270] RDX: 0000000000000ff6 RSI: 0000200000001fc0 RDI: 0000000000000003
[  312.574126][T18270] RBP: 00007f4fb50d7090 R08: 0000000000000000 R09: 0000000000000000
[  312.574139][T18270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.574152][T18270] R13: 0000000000000000 R14: 00007f4fb6c95fa0 R15: 00007fff8618fbb8
[  312.574184][T18270]  </TASK>
[  312.866928][T18057] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.943395][T18282] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4802'.
[  312.980314][T18295] FAULT_INJECTION: forcing a failure.
[  312.980314][T18295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  312.993463][T18295] CPU: 1 UID: 0 PID: 18295 Comm: syz.6.4806 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  312.993542][T18295] Tainted: [W]=WARN
[  312.993551][T18295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  312.993565][T18295] Call Trace:
[  312.993572][T18295]  <TASK>
[  312.993580][T18295]  __dump_stack+0x1d/0x30
[  312.993605][T18295]  dump_stack_lvl+0xe8/0x140
[  312.993666][T18295]  dump_stack+0x15/0x1b
[  312.993680][T18295]  should_fail_ex+0x265/0x280
[  312.993736][T18295]  should_fail+0xb/0x20
[  312.993767][T18295]  should_fail_usercopy+0x1a/0x20
[  312.993853][T18295]  copy_fpstate_to_sigframe+0x628/0x7d0
[  312.993885][T18295]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  312.993949][T18295]  ? x86_task_fpu+0x36/0x60
[  312.993982][T18295]  get_sigframe+0x34d/0x490
[  312.993998][T18295]  ? get_signal+0xdc8/0xf70
[  312.994043][T18295]  x64_setup_rt_frame+0xa8/0x580
[  312.994063][T18295]  arch_do_signal_or_restart+0x27c/0x480
[  312.994092][T18295]  exit_to_user_mode_loop+0x7a/0x100
[  312.994157][T18295]  do_syscall_64+0x1d6/0x200
[  312.994174][T18295]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  312.994407][T18295]  ? clear_bhb_loop+0x40/0x90
[  312.994479][T18295]  ? clear_bhb_loop+0x40/0x90
[  312.994499][T18295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.994519][T18295] RIP: 0033:0x7f4fb6a6e929
[  312.994589][T18295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.994605][T18295] RSP: 002b:00007f4fb50d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  312.994622][T18295] RAX: 0000000000000000 RBX: 00007f4fb6c95fa0 RCX: 00007f4fb6a6e929
[  312.994633][T18295] RDX: 0000000000000000 RSI: 000000000000017f RDI: 0000000000000009
[  312.994691][T18295] RBP: 00007f4fb50d7090 R08: 0000000000000000 R09: 0000000000000000
[  312.994702][T18295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.994713][T18295] R13: 0000000000000000 R14: 00007f4fb6c95fa0 R15: 00007fff8618fbb8
[  312.994730][T18295]  </TASK>
[  313.224780][T18302] FAULT_INJECTION: forcing a failure.
[  313.224780][T18302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.237881][T18302] CPU: 0 UID: 0 PID: 18302 Comm: syz.7.4808 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  313.237999][T18302] Tainted: [W]=WARN
[  313.238052][T18302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.238066][T18302] Call Trace:
[  313.238073][T18302]  <TASK>
[  313.238082][T18302]  __dump_stack+0x1d/0x30
[  313.238109][T18302]  dump_stack_lvl+0xe8/0x140
[  313.238133][T18302]  dump_stack+0x15/0x1b
[  313.238164][T18302]  should_fail_ex+0x265/0x280
[  313.238298][T18302]  should_fail+0xb/0x20
[  313.238357][T18302]  should_fail_usercopy+0x1a/0x20
[  313.238396][T18302]  _copy_to_user+0x20/0xa0
[  313.238416][T18302]  simple_read_from_buffer+0xb5/0x130
[  313.238449][T18302]  proc_fail_nth_read+0x100/0x140
[  313.238540][T18302]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  313.238577][T18302]  vfs_read+0x1a0/0x6f0
[  313.238676][T18302]  ? __rcu_read_unlock+0x4f/0x70
[  313.238698][T18302]  ? __fget_files+0x184/0x1c0
[  313.238768][T18302]  ksys_read+0xda/0x1a0
[  313.238815][T18302]  __x64_sys_read+0x40/0x50
[  313.238852][T18302]  x64_sys_call+0x2d77/0x2fb0
[  313.238878][T18302]  do_syscall_64+0xd2/0x200
[  313.238961][T18302]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  313.238990][T18302]  ? clear_bhb_loop+0x40/0x90
[  313.239014][T18302]  ? clear_bhb_loop+0x40/0x90
[  313.239039][T18302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.239063][T18302] RIP: 0033:0x7ff92f31d33c
[  313.239091][T18302] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  313.239108][T18302] RSP: 002b:00007ff92d987030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  313.239128][T18302] RAX: ffffffffffffffda RBX: 00007ff92f545fa0 RCX: 00007ff92f31d33c
[  313.239141][T18302] RDX: 000000000000000f RSI: 00007ff92d9870a0 RDI: 0000000000000003
[  313.239163][T18302] RBP: 00007ff92d987090 R08: 0000000000000000 R09: 0000000000000000
[  313.239249][T18302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.239260][T18302] R13: 0000000000000000 R14: 00007ff92f545fa0 R15: 00007ffe35337d58
[  313.239276][T18302]  </TASK>
[  313.459682][T18308] loop8: detected capacity change from 0 to 512
[  313.467197][T18307] loop9: detected capacity change from 0 to 1024
[  313.479262][T18310] loop6: detected capacity change from 0 to 1024
[  313.486294][T18310] EXT4-fs: Ignoring removed orlov option
[  313.492448][T18307] EXT4-fs: Ignoring removed orlov option
[  313.499443][T18308] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.4811: corrupted in-inode xattr: e_value size too large
[  313.509255][T18310] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.514687][T18308] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.4811: couldn't read orphan inode 15 (err -117)
[  313.529927][T18307] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.551056][   T29] kauditd_printk_skb: 858 callbacks suppressed
[  313.551070][   T29] audit: type=1326 audit(1751288093.340:25465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f3158e7 code=0x7ffc0000
[  313.580930][   T29] audit: type=1326 audit(1751288093.351:25466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff92f2bab19 code=0x7ffc0000
[  313.604484][   T29] audit: type=1326 audit(1751288093.351:25467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  313.605217][T18308] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.634713][   T29] audit: type=1326 audit(1751288093.435:25468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f3158e7 code=0x7ffc0000
[  313.663497][   T29] audit: type=1326 audit(1751288093.435:25469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff92f2bab19 code=0x7ffc0000
[  313.687049][   T29] audit: type=1326 audit(1751288093.435:25470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  313.712173][   T29] audit: type=1326 audit(1751288093.509:25471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f3158e7 code=0x7ffc0000
[  313.735760][   T29] audit: type=1326 audit(1751288093.509:25472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff92f2bab19 code=0x7ffc0000
[  313.759311][   T29] audit: type=1326 audit(1751288093.520:25473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7ff92f31e929 code=0x7ffc0000
[  313.760843][T18317] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  313.783496][   T29] audit: type=1326 audit(1751288093.594:25474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18311 comm="syz.7.4813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ff92f3158e7 code=0x7ffc0000
[  313.837583][T18057] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.934528][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.256166][T17508] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.369848][T18354] loop8: detected capacity change from 0 to 1024
[  314.376772][T18354] EXT4-fs: Ignoring removed orlov option
[  314.387636][T18354] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.512578][T18375] x_tables: ip6_tables: mh match: only valid for protocol 135
[  314.537624][T18369] loop7: detected capacity change from 0 to 512
[  314.554951][T18369] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.567692][T18369] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.674811][T17508] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.685822][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.714826][T18384] FAULT_INJECTION: forcing a failure.
[  314.714826][T18384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.727957][T18384] CPU: 0 UID: 0 PID: 18384 Comm: syz.8.4837 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  314.727989][T18384] Tainted: [W]=WARN
[  314.727995][T18384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  314.728008][T18384] Call Trace:
[  314.728083][T18384]  <TASK>
[  314.728092][T18384]  __dump_stack+0x1d/0x30
[  314.728165][T18384]  dump_stack_lvl+0xe8/0x140
[  314.728191][T18384]  dump_stack+0x15/0x1b
[  314.728213][T18384]  should_fail_ex+0x265/0x280
[  314.728248][T18384]  should_fail+0xb/0x20
[  314.728281][T18384]  should_fail_usercopy+0x1a/0x20
[  314.728340][T18384]  _copy_from_user+0x1c/0xb0
[  314.728358][T18384]  ___sys_sendmsg+0xc1/0x1d0
[  314.728410][T18384]  __x64_sys_sendmsg+0xd4/0x160
[  314.728487][T18384]  x64_sys_call+0x2999/0x2fb0
[  314.728506][T18384]  do_syscall_64+0xd2/0x200
[  314.728521][T18384]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  314.728617][T18384]  ? clear_bhb_loop+0x40/0x90
[  314.728640][T18384]  ? clear_bhb_loop+0x40/0x90
[  314.728659][T18384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.728712][T18384] RIP: 0033:0x7fb26a1ee929
[  314.728728][T18384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.728761][T18384] RSP: 002b:00007fb268857038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.728780][T18384] RAX: ffffffffffffffda RBX: 00007fb26a415fa0 RCX: 00007fb26a1ee929
[  314.728794][T18384] RDX: 0000000000000004 RSI: 0000200000000480 RDI: 0000000000000004
[  314.728808][T18384] RBP: 00007fb268857090 R08: 0000000000000000 R09: 0000000000000000
[  314.728822][T18384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.728836][T18384] R13: 0000000000000000 R14: 00007fb26a415fa0 R15: 00007fff13afca88
[  314.728865][T18384]  </TASK>
[  315.301048][T18408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  315.325183][T18408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.396710][T18441] netlink: 'syz.9.4860': attribute type 12 has an invalid length.
[  315.440885][T18446] FAULT_INJECTION: forcing a failure.
[  315.440885][T18446] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  315.454351][T18446] CPU: 1 UID: 0 PID: 18446 Comm: syz.3.4862 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  315.454387][T18446] Tainted: [W]=WARN
[  315.454395][T18446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.454463][T18446] Call Trace:
[  315.454469][T18446]  <TASK>
[  315.454478][T18446]  __dump_stack+0x1d/0x30
[  315.454503][T18446]  dump_stack_lvl+0xe8/0x140
[  315.454526][T18446]  dump_stack+0x15/0x1b
[  315.454564][T18446]  should_fail_ex+0x265/0x280
[  315.454595][T18446]  should_fail_alloc_page+0xf2/0x100
[  315.454689][T18446]  __alloc_frozen_pages_noprof+0xff/0x360
[  315.454820][T18446]  alloc_pages_mpol+0xb3/0x250
[  315.454855][T18446]  folio_alloc_mpol_noprof+0x39/0x80
[  315.454957][T18446]  shmem_get_folio_gfp+0x3cf/0xd60
[  315.455038][T18446]  shmem_fallocate+0x57c/0x840
[  315.455067][T18446]  vfs_fallocate+0x410/0x450
[  315.455089][T18446]  __x64_sys_fallocate+0x7a/0xd0
[  315.455108][T18446]  x64_sys_call+0x2b88/0x2fb0
[  315.455126][T18446]  do_syscall_64+0xd2/0x200
[  315.455199][T18446]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  315.455223][T18446]  ? clear_bhb_loop+0x40/0x90
[  315.455246][T18446]  ? clear_bhb_loop+0x40/0x90
[  315.455290][T18446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.455375][T18446] RIP: 0033:0x7fd42079e929
[  315.455388][T18446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.455403][T18446] RSP: 002b:00007fd41ee07038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  315.455422][T18446] RAX: ffffffffffffffda RBX: 00007fd4209c5fa0 RCX: 00007fd42079e929
[  315.455435][T18446] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  315.455448][T18446] RBP: 00007fd41ee07090 R08: 0000000000000000 R09: 0000000000000000
[  315.455507][T18446] R10: 0000000008000c62 R11: 0000000000000246 R12: 0000000000000002
[  315.455518][T18446] R13: 0000000000000000 R14: 00007fd4209c5fa0 R15: 00007ffeb160b408
[  315.455536][T18446]  </TASK>
[  315.843103][T18470] 9pnet_fd: Insufficient options for proto=fd
[  315.862841][T18472] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  315.915044][T18477] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4874'.
[  316.000034][T18488] loop7: detected capacity change from 0 to 512
[  316.021466][T18488] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4879: Failed to acquire dquot type 1
[  316.047477][T18488] EXT4-fs (loop7): 1 truncate cleaned up
[  316.055334][T18488] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.082544][T18488] ext4 filesystem being mounted at /267/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  316.103455][T18497] netlink: 268 bytes leftover after parsing attributes in process `syz.8.4881'.
[  316.116505][T18488] 8021q: VLANs not supported on nlmon0
[  316.146619][T14486] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.172448][   T10] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[  316.180518][   T10] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  316.192406][T18511] 9pnet_fd: Insufficient options for proto=fd
[  316.803215][T18531] Restarting kernel threads ...
[  316.808624][T18531] Done restarting kernel threads.
[  316.990550][T18541] loop6: detected capacity change from 0 to 1024
[  316.997290][T18541] EXT4-fs: Ignoring removed orlov option
[  317.005885][T18541] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.041332][T18545] 9pnet_fd: Insufficient options for proto=fd
[  317.072948][T18547] loop7: detected capacity change from 0 to 128
[  317.080408][T18547] EXT4-fs: Ignoring removed nobh option
[  317.087869][T18547] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  317.100283][T18547] ext4 filesystem being mounted at /271/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  317.146341][T14486] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  317.197322][T18541] ==================================================================
[  317.205426][T18541] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  317.213675][T18541] 
[  317.215991][T18541] write to 0xffff888109292460 of 4 bytes by task 18549 on cpu 1:
[  317.223700][T18541]  writeback_single_inode+0x14a/0x3e0
[  317.229075][T18541]  sync_inode_metadata+0x5b/0x90
[  317.234018][T18541]  generic_buffers_fsync_noflush+0xd9/0x120
[  317.239918][T18541]  ext4_sync_file+0x1ab/0x690
[  317.244626][T18541]  vfs_fsync_range+0x10a/0x130
[  317.249433][T18541]  ext4_buffered_write_iter+0x34f/0x3c0
[  317.254977][T18541]  ext4_file_write_iter+0x383/0xf00
[  317.260173][T18541]  iter_file_splice_write+0x5ef/0x970
[  317.265577][T18541]  direct_splice_actor+0x153/0x2a0
[  317.270738][T18541]  splice_direct_to_actor+0x30f/0x680
[  317.276130][T18541]  do_splice_direct+0xda/0x150
[  317.280906][T18541]  do_sendfile+0x380/0x650
[  317.285328][T18541]  __x64_sys_sendfile64+0x105/0x150
[  317.290546][T18541]  x64_sys_call+0xb39/0x2fb0
[  317.295149][T18541]  do_syscall_64+0xd2/0x200
[  317.299659][T18541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.305549][T18541] 
[  317.307880][T18541] read to 0xffff888109292460 of 4 bytes by task 18541 on cpu 0:
[  317.315517][T18541]  __mark_inode_dirty+0x52/0x760
[  317.320450][T18541]  ext4_write_inline_data_end+0x3e5/0x5f0
[  317.326176][T18541]  ext4_write_end+0x4cd/0x730
[  317.330868][T18541]  generic_perform_write+0x312/0x490
[  317.336146][T18541]  ext4_buffered_write_iter+0x1ee/0x3c0
[  317.341695][T18541]  ext4_file_write_iter+0x383/0xf00
[  317.346911][T18541]  iter_file_splice_write+0x5ef/0x970
[  317.352296][T18541]  direct_splice_actor+0x153/0x2a0
[  317.357432][T18541]  splice_direct_to_actor+0x30f/0x680
[  317.362819][T18541]  do_splice_direct+0xda/0x150
[  317.367609][T18541]  do_sendfile+0x380/0x650
[  317.372030][T18541]  __x64_sys_sendfile64+0x105/0x150
[  317.377230][T18541]  x64_sys_call+0xb39/0x2fb0
[  317.381826][T18541]  do_syscall_64+0xd2/0x200
[  317.386320][T18541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.392209][T18541] 
[  317.394526][T18541] value changed: 0x00000038 -> 0x00000002
[  317.400238][T18541] 
[  317.402564][T18541] Reported by Kernel Concurrency Sanitizer on:
[  317.408721][T18541] CPU: 0 UID: 0 PID: 18541 Comm: syz.6.4897 Tainted: G        W           6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  317.421046][T18541] Tainted: [W]=WARN
[  317.424838][T18541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.434898][T18541] ==================================================================
[  317.551425][T15699] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.