last executing test programs:

6m39.040847607s ago: executing program 32 (id=1163):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
setrlimit(0x40000000000008, &(0x7f0000000000))

4m10.002585731s ago: executing program 3 (id=4400):
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r0}, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{0x0}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)

4m9.909424492s ago: executing program 3 (id=4401):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000880)='kfree\x00', r0, 0x0, 0x200002000000}, 0x18)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0xb}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x80000001, @local, 0x403}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0xfffffd75, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0xb}], 0x1c)
sendto$inet6(r2, &(0x7f0000000040)='l', 0x1, 0x810, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r2, 0x1)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)

4m9.824257882s ago: executing program 3 (id=4403):
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x5ff, &(0x7f0000000040)=<r3=>0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, r4)
io_submit(r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = io_uring_setup(0x6a0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000080)={0xbf, 0x0, 0x400, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x10)

4m8.770409328s ago: executing program 3 (id=4407):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000000a80)={&(0x7f0000000300)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000900)=[{&(0x7f0000000340)=""/231, 0xe7}, {&(0x7f00000006c0)=""/111, 0x6f}, {&(0x7f0000000740)=""/244, 0xf4}, {&(0x7f0000000840)=""/185, 0xb9}], 0x4, &(0x7f0000000a00)=[@rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000940)=""/80, 0x50}, &(0x7f00000009c0), 0x2}}, @zcopy_cookie={0x18}], 0x48, 0x20006050}, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000440)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0xf, 0xfeff, "a69e87ad90ffb6b4b8ef2c88bd9316809d2c5e674fdae02795585a9392d651e2003294cc11be2b39bb2445999a58f0b90e69473ae585be8587529a0247ea14f5475bd7b699075f8172e05c49eb78bedd"}, 0xd8)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@random="e90c630faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x3, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0x2, 0x0, @val=0x80}}}}}}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x2000000, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000002dc0)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000004c0))
open(0x0, 0x64842, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x203, 0x8401)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/slabinfo\x00', 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e20, 0x783, @private0, 0x9}, 0x1c)
syz_clone(0x40003180, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')

4m8.37360947s ago: executing program 4 (id=4415):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
personality(0x400000b) (fail_nth: 1)

4m8.100167412s ago: executing program 4 (id=4416):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r3)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000740)={0x34, r4, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x841}, 0x400c050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)

4m8.046443082s ago: executing program 4 (id=4420):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b6fffec850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
close(0xffffffffffffffff)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={&(0x7f0000000500)="31531c7e94a18f3a12be9e27fb32ef0b1ab7cf137a563086e232bf8a195e1ef3a503ce8d292590018709c20ca550689d34cf3ce4600c5279c5951fe7f52777e3961dcab79c6a4adfb96ef5192b875cc7dc35ae0ab1b66fcfc60904149f0a5e0e33a521959e4535e6c42bbdc38d6ec4b5ed66f18a5e114276588c3cf6047adf8eeefa4a42a4c1ae8e7852e18f878810b8ee10eb0bd1cbcc054d613ab05a1fbc0dc1ace32d47b51c38bc2c1fcfa1e21df600f81ac0511adc01cc4fbec17e7279b9b0b57fc7a833d0f359ae80e6592c970ab848bba57220796e1aee45bf9a57f0f6d02148dc93676d752ddfe565454043816afeecaf6a17cb", &(0x7f0000000600)=""/212, &(0x7f0000000700)="2cab5e02f59de351502c47c31826cf321aae798184f1bb4ec2f037a248cfa5dc8af22046d4236327b4f112e2f87d08dca75a2a1c463c303c717865590e2f91f1ab40b432ad1c69e8bd86d93a6817360e95dbe377483c20b1596f3bb6120086232cddec5ca7993d7a6fe55298fce7b43c86ff9440e7ddbde47251d84651e0fe48665074dea91ab8", &(0x7f00000000c0)="ea621ab6562e89e0fe6664d4d2ea1742615135cb664e8ea6ce0a72e8addabfe4048dba26460ed10d8634", 0xff, r1}, 0x38)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

4m8.001841502s ago: executing program 4 (id=4422):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000100)={r2, 0x2, 0x6}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000000c0)={r2, 0x2, 0x6, @remote}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002025252700000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000840)={r3, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00000000001c0000ffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x1000407, &(0x7f0000000040)={[{@abort}, {@norecovery}, {@orlov}, {@nomblk_io_submit}]}, 0x4, 0x5cd, &(0x7f0000001400)="$eJzs3c9PHFUcAPDvDAsUUMHGROvBEI22iRYKbU39cWjvTVN/3LyIhTa1tCUFo1QTaVI9mBgvHpp48mD9L7TRqycTDx68eDJNqjG9aIxZM/sDlmUXFsoylfl8kum+N2/gvSl8mTdv3tsNoLBGs3/SiH0RMZdEDDeUlaJWOFo97u6fH5zJtiTK5df+SOKZ2r768Untdaj2xf8OR/z4XRJ7e9bWO7949cLU7OzMlVp+fOHi3Pj84tWD5y9OnZs5N3Np8vnJY0ePHD02ceiezi9tSJ+8/va7w5+ceuOrL/5JJr7+5VQSx+P3s9WyxvPYLqMxGn+Vyx8278/+X49td2U56Vn+PVmRNO/g/pVUY6Q3Ih6N4ehp+GkOx0ev5No2oKvKSUQZKKhE/ENB1fsB9Xv7zu6D0y73SoCdcOdEVO7+18Z/qTo2GCOVsYHBu8mqcZ4WQ3pbktXxw/enrmdbdGkcDmht6Vp/LdUc/0klNkdiTyU3eDddFf9ZD+B07TXb/+oW6x9tyot/2DlL1yLisVb9/43j/82G+H9ri/WLfwAAAAAAANg+t05ExHOtnv+ltWdze+LJxvk/P62sEDy+DfVv/Pwvvb0N1QAt3DkR8fLq+b9J0yEjPbXn/A9WZwMmZ8/PzhyKiIci4kD09mf5iXXqOPjp3hvtyhrn/2Vb1ob6XMCq9Hapf/XXTE8tTG31fIEVd65FPF5qP/8n5kqVdf3N83+zvwdzHdax9+mbp9uVbRz/QLeUv4zY33L9z0o3IFn//TnGK/2B8XqvYK0n3v/sm3b1i3/IT3b9H1w//keSxvfrmd/c9++LiMOLpXK78rbxv9zZaN3/70te76l//8x7UwsLVyYi+pKTa/dPbq7NsFvV46EeL1n8H3hq/fG/5f5/QxwORMRSh3UOxNCv7cpc/yE/WfxPb+r6v/nE5M2Rb9vV39n435HKNf1AbY/xP1hfpwGadzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P8ojYgHIknHltNpOjYWMRQRj8RgOnt5fuHZs5ffuTSdlVU+/z+tf9LvcDWf1D//f6QhP9mUPxwRD0fE5z0DlfzYmcuz03mfPAAAAAAAAAAAAAAAAAAAANwnhtqs/8/81pN364CuK9VexTsUTynvBgC5Ef9QXOIfikv8Q3GJfyiuLca/xwWwC7j+Q1H1dnbYnm63A8hDp9f/gS63AwAAAAAA2Ba3XnrhRhIRSy8OVLZMX61s+cGgcX/YldK8GwDkxhxeKC5Tf6G4Opz8C+xiyXLq73Kr8vaz/5PuNAgAAAAAAAAAAAAAWGP/vls/b7j+H9iVrP+H4lq1/r8/v3YAO8/6fygu9/jARqv4rf8HAAAAAAAAAAAAgPzNL169MDU7O3OlIIn6esf7pT0S6yR6I6LdMfVf4Huv6/DHrYqSXAOkL//w3Pm/RQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGv/BQAA//9qrhqf")
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)

4m7.838123013s ago: executing program 3 (id=4426):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000b80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7d129c75a61f23b02000014"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x60882)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000540)=0x3)
ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, &(0x7f0000000100)={0xc418, 0x1, [{0x1, 0x1}]})

4m7.822129833s ago: executing program 4 (id=4427):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r3}, 0x10)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000400000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xa3}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$mouse(&(0x7f00000001c0), 0x2, 0x20000)
syz_open_pts(r5, 0x1)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES16=r9], 0x90}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000880)=@bpf_ext={0x1c, 0xe, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xff}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @map_fd={0x18, 0x5}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x8}, @alu={0x7, 0x1, 0x3, 0x2, 0x5, 0x2, 0x12}, @exit, @call={0x85, 0x0, 0x0, 0x65}], &(0x7f0000000580)='GPL\x00', 0xda, 0x9b, &(0x7f00000006c0)=""/155, 0x40f00, 0x11, '\x00', r9, 0x0, r5, 0x8, &(0x7f00000005c0)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x12923, r3, 0x8, &(0x7f0000000780)=[0xffffffffffffffff, r1, r1, r5, r1], &(0x7f0000000800)=[{0x4, 0x1, 0x2, 0x7}, {0x2, 0x5, 0x10, 0xa}, {0x0, 0x1, 0x1, 0xb}, {0x2, 0x4, 0xb, 0x6}, {0x1, 0x3, 0xa, 0x7}, {0x0, 0x3, 0x2, 0x8}, {0x1, 0x4, 0x9, 0x4}, {0x0, 0x1, 0x10, 0x8}], 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000002c0)="010001000000000200001000015b", 0xe, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
sendmmsg$inet(r0, &(0x7f0000006040)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001a40)='!', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f00000007c0)="c1", 0x1}], 0x1}}], 0x2, 0x0)
close(r0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0x4b0}, 0x1, 0x0, 0x0, 0x44}, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90124fc600c05000f90c60100053582c137153e370a48018004f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x5}, 0x0)

4m7.636088105s ago: executing program 33 (id=4428):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x7, &(0x7f0000001140)=ANY=[@ANYBLOB="8510000005000000001000185800000c00000000852000000300000018550000050000000000003c0500"/56], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0xa37, 0x3a1042)
ioctl$USBDEVFS_RELEASEINTERFACE(r2, 0xc00c5512, &(0x7f0000000040))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001000)=ANY=[@ANYRES16=r1, @ANYRES32=0x0, @ANYBLOB="000000000000002200aa54640b150f2406000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000017a8b7b6"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffffb5)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8808d2, &(0x7f0000000300), 0x3, 0x4de, &(0x7f0000000c40)="$eJzs3E1oXNUeAPD/nUma9Ot1Xl9f32utmlrFYDFp02q7EKSi4EJBrKAuQ5KW2rSRJgVbqkxB6lIK7sWlWxdu1U0RV4LbuhSkUKSbtoI4cmfunZlMZ5ImmWSM+f1gMufcr3POPffcOfeczASwYQ2lf5Ja+GZE7IiIQusGQ7W3e3euTNy/c2UiypXKyd+S6m5303gmO0xszSLDhYjCx0ljRZPZS5fPjk9PT13I4qNz594fnb10+dkzg9mS48ePHjl87Pmx55ZeqDbppeW6u/ejmX17Xn33+usTffnyPLXmcnTLUAy1y0rVU91OrMe2N4WTvh5mhCVJr/+0uvqr7X9HFGOhyiuvYc6A1VapVCoDnVeXK62uPrAEWLeS6HUOgN7IP+jT59/81a4jsGl1uh89d/tE7QEoLfe97BXxeHVhPg7S3/J8201DEfFO+ffP01es0jgEAECzb0/kPcGW/l+pNjPyx8UbL6bv/8rmUEoR8e+I2BkR/4mIXRHx34jYHRH/i4j/txy/GBGVBdIfaonX069PQhVudamobaX9vxeyua1G/29eBkrFLLY9Iu8wTx3Kzslw9A+cOjM9dXiBNL57+adPO61r7v+lrzT9vC+Y5eNWX8sA3eT43PiyC9zi9tWIvX2t5U/6IpL6TEASEXsiYu8SjltqCp955st99Uj//O0WL39Vpe08WhfmmSpfRDxdq/9yzKv/RorJvPnJc+Onp05PnR+rz0+ODsb01KHR9Co41DaNH3689kan9Bct/9e/tO7yyrFvTmYta+XS+t/SdP1HPn/bKH8piUjq87WzS0/j2s+fdHymWe71vyl5qxrOn0s/GJ+bu3A4YlPy2oPLxxr75vH0Pcq18g8faN/+d2b7pGfikYhIL+JHI+KxqD0hpnnfHxFPRMSBBcr//UtPvrf88q+utPyTLfe/Ws3Pq//GfH2nQJLNDbZZVTy7/+b9DjePh6v/o9XQcLak/f0vmXeL6JTT/NMuXfLnis8eAAAArA+FiNjWNJa0LQqFkZHaGNCu2FKYnpmdO3hq5uL5yXRdRCn6C/lIV208uD/Jxz9LTfGxlviRbNz4s+LmanxkYmZ6sqclB7ZW23xSGIl4u9jU/lO/dmeIGfg7830t2LgWav9pJ3739TXMDLCmHv7z/8aHq5oRYM01tf9O3/AvL+P/voB1wPM/0LD4D/24Z8D6V9GWYUNbUvs/6EcA4Z+kL96shws9zQmw1vT/YUNa9Hv9KwpUBtqvGowHN47BhQ9YjOVlY3ObtHoSSHtWPUl983L2yn9NoeM2UVjaAQeiO3V6aoVno3xh9vTurl/8lex/5btdg1+tSTttF+jJ7QgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDr/goAAP//aUHglQ==")
r4 = inotify_init()
inotify_add_watch(r4, &(0x7f0000000000)='.\x00', 0x400017e)
chdir(&(0x7f0000000240)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f0000000480)=ANY=[@ANYRESHEX, @ANYRESHEX, @ANYRESOCT, @ANYRES32, @ANYRES64, @ANYRES8, @ANYRESDEC, @ANYRESOCT=r4], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r5, 0x0, 0x0)
socket$inet(0x2, 0x6, 0xffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000f4ff", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYRES16=r3, @ANYRESHEX=r2], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f000001a280), 0x4)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext2\x00', &(0x7f0000000240)='./file1\x00', 0x2000480, &(0x7f0000000c00)={[], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]}, 0x1, 0x787, &(0x7f000001a9c0)="$eJzs3ctrXNUfAPDvnSTNo/39EkHQugoIGiidmBpbBRcVFyJYKOjadphMQ80kUzKT0oSALSK4EVRcCLrp2kfdufWx1f/ChbRUTYsVFxK582inyUw6SZtMYD4fuMk59zHnfOc+zpk5l7kB9Kzx9E8m4nBEfJREjNbnJxExUE31R5ysrXdnbTWfTkmsr7/5R1Jd5/baaj6atkkdrGeejIgf3484ktlcbnl5ZS5XLBYW6/nJyvyFyfLyytHz87nZwmxh4fjU9PSxEy+cOP7oYv3rl5VDNz5+7dlvTv7z3hPXPvwpiZNxqL6sEceh1puuv7uD8sZjvP6eDKRv4X1e3cHr7WdJtyvAjqSnZl/tLI/DMRp91VQbw3tZMwBgt6T92nUAoMck2n8A6DGN7wFur63mG1N3v5HYWzdfiYihWvyN8c3akv76mN1QdRx05HZy38hIEhFjj6D88Yj44ru3v0qn2DCeWtVi7BTgUbh8JSLOjo1vvv4nm+5ZaBjq8LWf62Cd8Q35Xmt/oJu+T/s/L7bq/2Xu9n+iRf9nsMW5uxMPPv8z1zdv1ekV6MHS/t/LTfe23WmKv26sr577X7XPN5CcO18spNe2/0fERAwMpvmpLcqYuPXvrXbLmvt/f37yzpdp+en/e2tkrvcP3r/NTK6Se5iYm928EvFUf6v4k7v7P2nT/z3dYRmvv/TB5+2WpfGn8TamzfHvrvWrEc+03P/37mhLtrw/cbJ6OEw2DooWvv31s5F25Tfv/3RKy298FtgL6f4f2Tr+saT5fs3y9sv4+eroD+2WPTj+1sf/geStavpAfd6lXKWyOBVxIHlj8/xj97Zt5Bvrp/FPPN36/N/q+E8/E55tE9Pshvr23/j9653Hv7vS+Ge2tf+3n7h2Z66vXfmd7f/pamqiPqeT61+nFXyY9w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWpPvM6yWTvpjOZbLb2DO/HYyRTLJUrR86VlhZmas/GHouBTOOnLkebfg91qv57+I38sQ355yPisYj4dHC4ms/mS8WZbgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHUH2zz/P/XbYLdrBwDsmqFuVwAA2HPafwDoPdtr/4d3rR4AwN7x+R8Aeo/2HwB6j/YfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXXb61Kl0Wv97bTWf5mcuLi/NlS4enSmU57LzS/lsvrR4ITtbKs0WC9l8ab7tC12u/SuWShemY2Hp0mSlUK5MlpdXzsyXlhYqZ87P52YLZwoDexYZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHSuvLwylysWC4sSEr2YGIiIfVCN/ZdovkoMd+8CBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/RcAAP//tncrOw==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={0x0, r5, 0x0, 0x7}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@abort}, {@nombcache}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
mknodat(0xffffffffffffff9c, &(0x7f0000000400)='./file7\x00', 0x21c0, 0x103)
unshare(0x2c060000)
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r6, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

4m7.621700274s ago: executing program 4 (id=4430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r2, &(0x7f00000002c0), 0x20000000}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff02000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shutdown(r1, 0x0)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000400), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x44, r5, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_team\x00'}]}, 0x44}}, 0x0)
sendmsg$SMC_PNETID_DEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r5, 0xc27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000, 0x0, 0x200400c1}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r8, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00'}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))

4m7.604277915s ago: executing program 34 (id=4430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r2, &(0x7f00000002c0), 0x20000000}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff02000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
shutdown(r1, 0x0)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000400), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x44, r5, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_team\x00'}]}, 0x44}}, 0x0)
sendmsg$SMC_PNETID_DEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r5, 0xc27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000, 0x0, 0x200400c1}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r8, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00'}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0))

4m7.592038645s ago: executing program 3 (id=4432):
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000740)={0x34, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x841}, 0x400c050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)

4m7.580176355s ago: executing program 35 (id=4432):
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000480), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000740)={0x34, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x841}, 0x400c050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)

1m19.051558828s ago: executing program 5 (id=7222):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000b80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7d129c75a61f23b02000014"], 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x60882)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000540)=0x3)
ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, 0x0)

1m18.101367913s ago: executing program 5 (id=7240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x1000407, &(0x7f0000000040)={[{@abort}, {@norecovery}, {@orlov}, {@nomblk_io_submit}]}, 0x4, 0x5cd, &(0x7f0000001400)="$eJzs3c9PHFUcAPDvDAsUUMHGROvBEI22iRYKbU39cWjvTVN/3LyIhTa1tCUFo1QTaVI9mBgvHpp48mD9L7TRqycTDx68eDJNqjG9aIxZM/sDlmUXFsoylfl8kum+N2/gvSl8mTdv3tsNoLBGs3/SiH0RMZdEDDeUlaJWOFo97u6fH5zJtiTK5df+SOKZ2r768Untdaj2xf8OR/z4XRJ7e9bWO7949cLU7OzMlVp+fOHi3Pj84tWD5y9OnZs5N3Np8vnJY0ePHD02ceiezi9tSJ+8/va7w5+ceuOrL/5JJr7+5VQSx+P3s9WyxvPYLqMxGn+Vyx8278/+X49td2U56Vn+PVmRNO/g/pVUY6Q3Ih6N4ehp+GkOx0ev5No2oKvKSUQZKKhE/ENB1fsB9Xv7zu6D0y73SoCdcOdEVO7+18Z/qTo2GCOVsYHBu8mqcZ4WQ3pbktXxw/enrmdbdGkcDmht6Vp/LdUc/0klNkdiTyU3eDddFf9ZD+B07TXb/+oW6x9tyot/2DlL1yLisVb9/43j/82G+H9ri/WLfwAAAAAAANg+t05ExHOtnv+ltWdze+LJxvk/P62sEDy+DfVv/Pwvvb0N1QAt3DkR8fLq+b9J0yEjPbXn/A9WZwMmZ8/PzhyKiIci4kD09mf5iXXqOPjp3hvtyhrn/2Vb1ob6XMCq9Hapf/XXTE8tTG31fIEVd65FPF5qP/8n5kqVdf3N83+zvwdzHdax9+mbp9uVbRz/QLeUv4zY33L9z0o3IFn//TnGK/2B8XqvYK0n3v/sm3b1i3/IT3b9H1w//keSxvfrmd/c9++LiMOLpXK78rbxv9zZaN3/70te76l//8x7UwsLVyYi+pKTa/dPbq7NsFvV46EeL1n8H3hq/fG/5f5/QxwORMRSh3UOxNCv7cpc/yE/WfxPb+r6v/nE5M2Rb9vV39n435HKNf1AbY/xP1hfpwGadzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P8ojYgHIknHltNpOjYWMRQRj8RgOnt5fuHZs5ffuTSdlVU+/z+tf9LvcDWf1D//f6QhP9mUPxwRD0fE5z0DlfzYmcuz03mfPAAAAAAAAAAAAAAAAAAAANwnhtqs/8/81pN364CuK9VexTsUTynvBgC5Ef9QXOIfikv8Q3GJfyiuLca/xwWwC7j+Q1H1dnbYnm63A8hDp9f/gS63AwAAAAAA2Ba3XnrhRhIRSy8OVLZMX61s+cGgcX/YldK8GwDkxhxeKC5Tf6G4Opz8C+xiyXLq73Kr8vaz/5PuNAgAAAAAAAAAAAAAWGP/vls/b7j+H9iVrP+H4lq1/r8/v3YAO8/6fygu9/jARqv4rf8HAAAAAAAAAAAAgPzNL169MDU7O3OlIIn6esf7pT0S6yR6I6LdMfVf4Huv6/DHrYqSXAOkL//w3Pm/RQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGv/BQAA//9qrhqf")

1m17.755141595s ago: executing program 5 (id=7245):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "fb0800", 0x14, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x40}}}}}}}, 0x0) (fail_nth: 1)

1m17.634727726s ago: executing program 5 (id=7249):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x11a2, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @none}, 0x8)
listen(r3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rvdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',\x00'])
ioctl$sock_TIOCOUTQ(r2, 0x5411, &(0x7f0000000380))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='kmem_cache_free\x00', r6}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x21adc51, 0x0)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x1000, 0x0)
umount2(&(0x7f00000004c0)='./file0/../file0\x00', 0x0)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x101, 0x0)

1m17.539628106s ago: executing program 5 (id=7251):
syz_io_uring_setup(0x34b3, &(0x7f0000000180)={0x0, 0x0, 0x30c0, 0x1}, &(0x7f0000000100), &(0x7f0000000140))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000ec0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaa00c60000000008004500001c000000000033907800000000090000000000000000089078d67a7d9558fdcc11706b466c7611091702909a55b27807f126d35da3460039e8c080e3ddaa955d397c4478d43111a2a7e26f2291e16789d0b13b70fc67dc8e95722bbfd9a4ce07002b078743abc49a0f86fa9d96586da8f68f65d38779981bf81e9e9a1501ae52d52aaa81c7c51f71f4acaae856550cd34fabb7c6d43c22e5af181173ed512116afb18db099f664d0b8687e0e5bb6971fbe363608c80ec6b8b32ea8401a1eab5e365b625b6912f99416f20b0f840ff3af0809afe91e8042d1502aee9d025160d001dcbb149eef5afbb37537cc2bba291b9d5e67d69e338f85d3ba077facd43c9152550ddfb113e3bcb0001125a8cdc521a25f9678268196df"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4, 0x0, 0x8000000000000000}, 0x18)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
splice(r7, 0x0, r9, 0x0, 0xf3a, 0x6)
tee(r8, r5, 0x8, 0x2)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r10}, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000003c0), 0x0)
r11 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
readlinkat(r11, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)
r12 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r12, &(0x7f0000000180)=@name={0x1e, 0x2, 0x1, {{0x42, 0x2}, 0x4}}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000e684b3f448aba06d00"/28], 0x48)
socket$inet_udp(0x2, 0x2, 0x0)

1m17.295651188s ago: executing program 5 (id=7254):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0xe6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)

1m17.278799898s ago: executing program 36 (id=7254):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0xe6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)

1m6.19096154s ago: executing program 1 (id=7389):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b705000008"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18)
r4 = syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
eventfd(0x6)
io_uring_register$IORING_REGISTER_EVENTFD(r4, 0x21, 0x0, 0x1)
openat$tun(0xffffffffffffff9c, 0x0, 0x882, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x10, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
getsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f00000006c0)={@local, @local}, &(0x7f0000000700)=0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_RATE={0x6}]}, 0x38}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000740)={'batadv_slave_0\x00'})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000840)={'ip6gre0\x00', &(0x7f0000000780)={'syztnl0\x00', 0x0, 0x2f, 0x4, 0x5, 0x0, 0x16, @remote, @rand_addr=' \x01\x00', 0x6f9b10cff0384462, 0x700, 0xff, 0x6}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000008c0)=0x14)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000140)="13146000000370", 0x7}], 0x1)

1m6.19046022s ago: executing program 1 (id=7390):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000005c0)='kfree\x00', r2, 0x0, 0x2}, 0x18)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff0a0000000c0002006e6c3830323131"], 0x20}}, 0x0)

1m6.17495644s ago: executing program 1 (id=7391):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b80)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000f000000240007800c000400000000000000000008000200010100000c000200"], 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x1}, 0x18)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
syz_emit_ethernet(0x52, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd601927f2001c2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000e0000000080000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000e865ec612f3797f3ca637d748007b4ec6f7feb579bd9b84f0589b9cf2154efc1fea19e51bf5b0401f7f8b11c1aee886c35e8358e21af4ecf8efaa06001a7d550ea2f29d946be4469f9335a061d13a21e12fcbc67f0abd5f3723dd0d05fda6bbf8b239b67d22f4a30e3f4cff26c7732437b1e545e0e097318421d676a87d5508ecfbe07247985bf"], 0x0)
sendmsg$inet6(r0, &(0x7f0000000400)={&(0x7f0000000540)={0xa, 0x4e23, 0x1000000080000, @remote, 0x3}, 0x1c, 0x0}, 0x0)

1m5.888961352s ago: executing program 1 (id=7392):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000000), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x64)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab14140000000000000000000084110400000000000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0)
r7 = perf_event_open$cgroup(&(0x7f0000000280)={0x2, 0x80, 0xd6, 0x44, 0x6, 0x1, 0x0, 0x7, 0x4, 0x4, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x4, 0x4, @perf_config_ext={0x7, 0xffff}, 0x100, 0x3, 0x0, 0x7, 0xc, 0x6e54, 0x4, 0x0, 0x0, 0x0, 0x81}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0x27, 0x5, 0xf6, 0x1, 0x0, 0x5, 0x1c000, 0xb, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0xa7, 0x4, @perf_config_ext={0x9, 0x5}, 0x18c0, 0xa6e, 0x3, 0x7, 0x4, 0x2, 0x3, 0x0, 0x6, 0x0, 0x61}, 0xffffffffffffffff, 0xc, r7, 0x9)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x3c001, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r9, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, r0, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IE={0x15, 0x2a, [@random_vendor={0xdd, 0xf, "64a899caca13cdc6e80170a7efb699"}]}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x17}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x2a}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000101000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r11}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="595300000000000000086b00000008000300", @ANYRES32=0x0, @ANYBLOB="080099"], 0x38}}, 0x0)
r12 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r13}, 0x18)
r14 = fcntl$dupfd(r12, 0x0, r12)
write$sndseq(r14, &(0x7f0000000800)=[{0x20, 0x0, 0x0, 0x0, @time={0x10b, 0x3}, {}, {0x0, 0x3}, @connect={{0x0, 0x9}}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time=@time={0x2}}], 0x38)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1m5.632927443s ago: executing program 1 (id=7399):
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)

1m5.245432535s ago: executing program 1 (id=7400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

1m5.245227645s ago: executing program 37 (id=7400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

17.181262784s ago: executing program 7 (id=8628):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r4=>0x0, &(0x7f0000001340)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)

17.132183174s ago: executing program 7 (id=8630):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x2, 0x18, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@loopback, @in=@local}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @rand_addr=0x64010100}, @in6={0xa, 0x4e22, 0x101, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x8}}]}, 0xb8}}, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000001c0)=[{&(0x7f00000004c0)="7cd1f233f595b9483683fb7fcac2881731c46bffa49ed496fc644240945fc5df846ba39e38efc8aec53ef3336edc8b34345245ccb129039638ada63a724ef5a39687", 0x42}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYRES16=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
socket$phonet_pipe(0x23, 0x5, 0x2)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x51}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xcf88, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000000000)='\t', 0xf4c, 0x0, 0x0, 0x0)

16.19734234s ago: executing program 7 (id=8635):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000005c0)='kfree\x00', r2, 0x0, 0x2}, 0x18)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="200000001000010700000000e9ffffff"], 0x20}}, 0x0)

16.18443683s ago: executing program 7 (id=8639):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB="000becac00d46753452178b4da000000000000004bd7c4a29b2ec8a5b294ef3157edca68da3218e3c4eadea4ad08522eff35a1258ce13d5f6ced7431b45d7cddef79599ffe5a2695a015ad924979ed", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='signal_generate\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x55b, &(0x7f0000000940)="$eJzs3U9oHNUfAPDvzGZ//ZefqaCg0kNRoULpJukfrZ7aq1go9CB4qctmG0I22ZDdaBNySO9F7EFUeqk3PXhUPHgQLx69elE8C6JBoelBVvZf2iabuK1JtnY+H5jd9+Zt9vvezH7f7gwzJIDMOtp8SCOejYiLScTIPW1D0Wk82n7d2upy6c7qcimJRuPSb0kkEXF7dbnUfX3SeT4UESsR8UxEfJuPOJ5ujltbXJouVirl+U59tD4zN1pbXDoxNVOcLE+WZ0+98uqZs6fPjJ8c37GxXv/pxnvXv3/91o3PPj+yUvqgmMS5GO603TuOndTeJvk4t2H96d0INkDJoDvAQ8l18jwfEU/HSOQ6WQ88/hr7IhpARiXyHzKq+zugefzbXfby98ev59sHIM24a52l3TLUPjcR+1vHJgf/SO47Mmkebx7ey47yWFq5FhFjQ0ObP/9J5/P38MZ2ooPsqm/Ot3fU5v2frs8/0WP+Ge6eO/2XuvPf2qb572783Bbz38U+Y/z11s8fbxn/WsRzPeMn6/GTHvHTiHi7z/g33/zq7FZtjU8ijkXv+F3J9ueHR69MVcpj7ceeMb4+duS17cZ/cIv47XO2+1tfM722/1yf4//yuy+eX9km/ksvbL//e23/AxHxfp/xn7z96RtbtTXjT2wx/u3iN9fd6jP+y+eO/tjnSwEAAAAAAAAAgAeQtq5lS9LCejlNC4X2PbxPxcG0Uq3Vj1+pLsxOtK95Oxz5tHul1Ui7njTr453rcbv1kxvqp3KdgLkDrXqhVK1MDHjsAAAAAAAAAAAAAAAAAAAA8Kg4tOH+/z9z7fv/gYzwL78hu+Q/ZNf9+Z8MrB/A3vP9D5nVkP+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/AAAAAAAAAAAAAAAAAAAAAAAAAADsiosXLjSXxp3V5VKzPjG0uDBdfefERLk2XZhZKBVK1fm5wmS1OlkpF0rVmX96v0q1OjcWswtXR+vlWn20trh0eaa6MFu/PDVTnCxfLuf3ZFQAAAAAAAAAAAAAAAAAAADw3zLcWpK0EBFpq5ymhULE/yPicOSTK1OV8lhEPBERP+Ty+5r18UF3GgAAAAAAAAAAAAAAAAAAAB4ztcWl6WKlUp5X2FyIiJWdfefmOz7wX+U7++pR2SwKWSgMeGICAAAAAAAAAAAAAAAAAIAMunvT76B7AgAAAAAAAAAAAAAAAAAAAFmW/pJERHM5NvLi8MbW/yVrudZzRLx789KHV4v1+vx4c/3v6+vrH3XWnxxE/4F+dfO0m8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAXbXFpelipVKe38XCoMcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DD+DgAA//+H69Sv")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000400)={0x0, 0x2, 0x0, 0xfffffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd_index=0x5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/224, 0xe0}], 0x1000000000000006})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

16.010935791s ago: executing program 7 (id=8644):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000003c0)='kfree\x00', r1}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r2, &(0x7f0000008c80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @rand_addr=0x64010102}}}, @ip_retopts={{0x10}}], 0x30}}], 0x2, 0x840)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={@local, 0x1a, r4})

15.378331065s ago: executing program 7 (id=8655):
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00'}, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xa3}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$mouse(&(0x7f00000001c0), 0x2, 0x20000)
syz_open_pts(r2, 0x1)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES16=r6], 0x90}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000002c0)="010001000000000200001000015b097ead85847817353d2d09000000", 0x1c, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)

15.377672584s ago: executing program 38 (id=8655):
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00'}, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xa3}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$mouse(&(0x7f00000001c0), 0x2, 0x20000)
syz_open_pts(r2, 0x1)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES16=r6], 0x90}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000002c0)="010001000000000200001000015b097ead85847817353d2d09000000", 0x1c, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)

6.327899615s ago: executing program 9 (id=8826):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
timer_getoverrun(0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r2}, 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x5, 0xfffffff7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="40000000100039042cbd7000eaffffff001e03e4", @ANYRES32=0x0, @ANYBLOB="03000000cb1507002000128008000100736974001400028008000100", @ANYRES32=0x0, @ANYBLOB="05000a0000000000"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r5, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xfffffff4, '\x00', 0x0, r5, 0x2, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
socket$key(0xf, 0x3, 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/204, 0xcc)

5.400550991s ago: executing program 9 (id=8853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
signalfd4(0xffffffffffffffff, &(0x7f0000000300), 0x8, 0x0)

5.39609722s ago: executing program 9 (id=8854):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0x8, 0x4)
linkat(0xffffffffffffffff, &(0x7f0000000340)='./file1\x00', 0xffffffffffffffff, &(0x7f0000001400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x1800)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'ip6tnl0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)='7', 0x1, 0x0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="bf73a9e561c5"}, 0x14)

5.378738741s ago: executing program 9 (id=8855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x0, 0x10100}, 0x0, &(0x7f0000001340)=<r3=>0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

5.309208341s ago: executing program 9 (id=8856):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYRES64=r1, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
syz_io_uring_setup(0x55fb, &(0x7f0000000180)={0x0, 0x2fb3, 0xc6, 0x2, 0xe6}, &(0x7f0000000040), &(0x7f0000000100))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sched_getscheduler(0x0)
modify_ldt$read_default(0x2, &(0x7f0000000740)=""/227, 0xe3)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="4c0200001000010000000000fedbdf25e0000002000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000330000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000003500000a00040000000000000000004800010073686132353600"/233], 0x24c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000380)={<r5=>0x0, @in={{0x2, 0x4e22, @rand_addr=0x64010101}}, 0x7bb, 0x4028}, &(0x7f00000004c0)=0x90)
setsockopt$inet_sctp6_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000000700)={r5, 0x8, 0x10, 0x5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000020000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$EXT4_IOC_GETFSUUID(r6, 0x8008662c, &(0x7f0000000000))
tkill(0x0, 0x12)
r7 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001fe, 0x802)
r8 = dup(r7)
ioctl$USBDEVFS_CONTROL(r8, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x1c, 0x2, 0x0, 0x0, 0x0})
sched_setscheduler(0x0, 0x6, &(0x7f0000000200)=0x2d1)
syz_emit_ethernet(0x6e, &(0x7f0000000180)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000386dd60f4adf700383a00fe880000000000000000000000000001ff020000000000000000000000000001"], 0x0)

1.98903655s ago: executing program 8 (id=8901):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f00000006c0)={0x7, {{0x2, 0x0, @multicast2}}, {{0x14, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r6}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
pipe2(0x0, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000008fd1f22b207494333c59e4c129d1938908ab501409626065399ff6735698855de47669474af75fd2d080018b9e07b1d2bb199994fa908bb9afb01bc6c37f3459abac9a5e6f12cbda5335fa1a2c9609256f629d7a15c404b0b1d5475e42085e6f1580ec812267269e819b8b8920f40034585e4dd7fa94acad1595c3232964b45e549fa25778f5548dd1a2564ae7827b29430bf5b252c95729c71118f9c8ce7d5bd6027bdb3b08db9725d10f207a508d82fd87124038bcd3c8a0234409d12f1af867d3f9", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r9 = socket$inet(0x2, 0xa, 0x6)
ioctl$sock_inet_SIOCSARP(r9, 0x8955, &(0x7f0000000340)={{0x2, 0x4e22, @local}, {0x306, @broadcast}, 0x6, {0x2, 0x4e22, @local}, 'dummy0\x00'})
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_NODELAY(r10, 0x84, 0x3, &(0x7f0000000280), &(0x7f00000003c0)=0x4)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, r11)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000", 0x2c}], 0x1}, 0x0)

1.95351977s ago: executing program 2 (id=8903):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x15, 0x0, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{0x2, 0x5, 0x82, 0x101}, {0x2, 0x0, 0x0, 0x691ec714}]}, 0x10)
r3 = gettid()
kcmp(r3, r3, 0x6, 0xffffffffffffffff, 0xffffffffffffffff)

1.95164687s ago: executing program 8 (id=8904):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
rmdir(0x0)

1.930287139s ago: executing program 8 (id=8905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000001240)=<r3=>0x0, &(0x7f0000001340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, 0x0)
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

1.92905319s ago: executing program 2 (id=8906):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000600)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@errors_remount}, {@noload}]}, 0x3, 0x44a, &(0x7f0000000bc0)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000540000060000000000080300000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket(0x10, 0x2, 0x0)
socket(0x1, 0x803, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000002400)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x20, 0x5, 0x3, 0x20, @rand_addr=' \x01\x00', @mcast2={0xff, 0x5}, 0x80, 0x8000, 0x2}})
syz_genetlink_get_family_id$ethtool(0x0, r3)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000001000)={0x0, 0x8000, 0x1000, 0x0, 0x4}, 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")

1.86518472s ago: executing program 8 (id=8907):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
fsetxattr$security_selinux(r2, &(0x7f0000000000), &(0x7f0000000040)='u:r:untrusted_app:s0:c512,c768\x00', 0x1f, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r5 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
r8 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
r10 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
bind$packet(r10, &(0x7f0000000980)={0x11, 0xf8, r9, 0x1, 0x0, 0x6, @remote}, 0x14)
bind$packet(r8, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000200))
sendto$unix(r8, &(0x7f0000000180)="dd5b560485c93e3c99142944b6cc147516b43666633104df04f94277c2e3e4bdca17f5c53cc8a5600aea6f499d605a5020d7d06bbeb5ed77f3ecd0bfb5bfbe37b3ba7d0ca0c9112ea23d0bf8c80e2b898a1af1c2a4afc56030966c52cde22eaab71a5d7cc0effb97dd2031284729c2356eda75e9b18b1fb6dc55717cfb5f", 0x7e, 0x8080, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020a000002"], 0x10}}, 0x0)

1.061254815s ago: executing program 6 (id=8919):
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x80, 0x90000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x100000001}, 0x8224, 0x0, 0x0, 0x0, 0x2, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpid()
r2 = getpid()
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, 0x0)
r3 = openat$incfs(0xffffffffffffffff, &(0x7f00000007c0)='.pending_reads\x00', 0x404800, 0x26)
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000800)=0x8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x4}, 0x18)
r8 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc1}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x31}, 0x48, 0xffffffffffffffff)
r9 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441700322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6de6269613800"}, 0x48, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x4, r9, r8, 0x0, 0x0)
r10 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r8, r10, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000540)={@fallback=r11, 0x7, 0x0, 0xffffff81, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r13=>0x0}, 0x40)
r14 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000780)={r12, 0x0, 0x25, 0x0, @void}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)=ANY=[@ANYRES32=r7, @ANYRES32=r12, @ANYBLOB="2a0000001420000000000000", @ANYRES32=r14, @ANYBLOB="6521f9e2df39909a7d1324ff6855b5f79a7b9ec7cce6c42a85e03bb3ff1f7e89443023c93770cafc6b68858f49bd6c189644c1d63819dd5d1384a6d7a5ac0826eb613858735405ab7ffb82bd3252a5b55c7d68bfc6734f79c613e6af47e551c15e54373fa3b9251a7d573a7168e3b618a5e0a7a1ee1f73cad101b6f81689d4be3dc1276d7ef77d4304e692f8e0f6934c62729c75094092e107000000", @ANYRES64=r13], 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r12}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc6, 0x9}, 0x0, 0xc8, 0x0, 0x0, 0x10000005}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r15=>0xffffffffffffffff})
sendmsg$inet(r15, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x10)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200102f00fe80000000000000875a65059ff57b00000000000000000000000000ac1414aa35f022eb"], 0xcfa4)
recvmsg$unix(r15, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=[@rights={{0x14, 0x1, 0x1, [<r16=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}, 0x0)
write$cgroup_subtree(r16, &(0x7f0000000000)=ANY=[], 0xfdef)

970.058075ms ago: executing program 2 (id=8922):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = semget$private(0x0, 0x6, 0x0)
semtimedop(r2, &(0x7f0000000180)=[{0x0, 0xfff}], 0x1, 0x0)
semtimedop(r2, &(0x7f0000000040)=[{}, {}], 0x2, 0x0)
semtimedop(r2, &(0x7f0000000180)=[{0x4, 0x3, 0x800}, {0x2, 0x1, 0x800}, {0x3, 0x2, 0x3000}, {0x0, 0x6, 0x1000}, {0x4, 0x8001, 0x2800}, {0x1, 0x7, 0x1800}], 0x6, &(0x7f00000004c0)={0x0, 0x989680})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r3, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r5, 0x0, 0x0}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x101080e, &(0x7f00000001c0)=ANY=[@ANYBLOB="756e686964652c68696465006e6f726f636b2c73657373696f6e3d3078303030303030013030303030303030312c686964652c63007b6865636b3d7374726963f4416e6f636fd689c91ceb036442a5e8b65659212a2bbc4e30952aa22edafcc01c50d9545f6d70726573534d6e6f726f636b2c6368657f12106458668eb97fd25f742c696f636861727365743d69736f383835392d31332c63727566742c7065726d6928d7997c17d1c8704a54dc34229c72656374696f2c61756469742c004b32b19ac463afda9675ef356e50e2fb3d253ba1480f27afe645fded942f5957f2992896524e7731fa148037452b21c34c9918911ac37dff04099efbbf3c69c8fb9bdcda4683151bb24329a40b273da9bce1145213686d55a96caab752943c330423edc3876e0b859d57cd6d60dc5220aa1367c24de5e66343c128db17391d25b7aa35001e68df726f9ca1e0bfab6993329f0318602f3c51a28ed0858da3e3c47e95de50cbd34e68dd8517f1b4e1eeab0000000000e7b4ea43ef9e4d817aae8e0d2e71215bc0127620b046361adbde0b60bee63e91aa28d93cd8d79802966dbfacceffe6b1d302c5515d7323f7cca3f665a6964cba6cd16ae40bc68e94ac6b40bf96a55dcefd4024a5d7a848d08bdb5d8bb89b4c1968cf6ae0fd7858fa38b738c1ee6822f2cfdb30c3941199251d603d495ab6ce2ddb8e918e72b9171aaa287f2b19755bdc92109150850d5c14ec2ac32dee0122b28fcb3e88d5096d6352799c5f13f597695adfd21e644379e6a400000000000000000000000000fa41c3f14dca4ef03fed7e6466a4e2d4503979398731ee0fc7487e0b09466d841e2d8e64ed9e0d4333e6a79acee454fdb4fff932f123000000", @ANYRES16, @ANYRESOCT], 0x0, 0x695, &(0x7f0000001bc0)="$eJzs3Vtv2+Ydx/Ef5YNkdwiKbQiCIG2eJBvgYJlCyY0DIwNWjaJsbpIokPJgAwOKrLGLIHK6JRmw+KbwxU5A+wZ214vtYi9iwK73Bna73W1Asd0N2A0HHmRJ1slylKZtvh8jEUX+n+f5k1T0Dy2SEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOVUbbtkqe41d3bNeE418BsTlqe9LelmOnFz6riSFf9RoaBL6axL3+wtvhj/dV1X0mdXVIgfCjp64+Kb976xmOu2n5DQeWjWDp8+P3p0v9PZf3KG2AXN3P2rpNwZgrbcphf6XqOy5Rov9M3mxoZ9e7sWmppXd8O9sO02jBO4ubYfmDXnpiltbq5/ki/u+TvNrWql7nZn3v1u2bY3zA/z6Y6WVAydba9e95pbSUy8OI65az7+SRrgVhrGHDzs7K9PSzIOKp0lqDwtqGyXy6VSuVzauLN5565tLw7NsGOWfUJDEXN/0eJLZn5v3sALysX1/x+WVFdBTe1oV2bkj6OqAvlqjFme6db/b992J47bX/+7Vf6S9P1s8WUl9f/t9Nnb4+r/mFyMTNJg1BJrzPzZfpayXp7quY70SPfVUUf7ejKHvo3M1Rft4VdzyePvUWJCxJZcNeUplC9PDVWSOSabY7SpDW3I1nvaVk2hjGryVJerUHsK1ZabvKIcBXJVUVu+AhmtydFNGZW0qU2ty8hVUXvytaOmtlRVRf+NouhAD5Ptvj4hR3WDSmMC8v1B5Qk9jav/P/0ofZ1m9d+m/r+u0tdBPnsXmxQDfAFEyfF/YdZmV19ONgAAAAAA4GWwkt++W8ln929JilTz6q79qtMCAAAAAABzZCnK64osJae06S1ZHP8DAAAAAPBVYyXX2FmSVpOT+q3elVBn+SXAwueQIgAAAAAAeEFW99L/KLlpxVVZMx3/AwAAAACAL4Hf9t1jf7F7j92o+7F+Tn9blfLWn/+dV7BkHbd2v2UdVuIllcMsZugMgHbtsnUhu1Fv8rAsKXnmuFesbLTsJphWt9FnB9Pu9W8FpxJYXujvYEwCVjzyxmL2TB/rWtrkWvZrjwdHOSVL0lFWa17dLTp+/V5JlcqFXNvdbf/i8cNfSsHJeh487OwX3/+w8yDJ5TiedXwYd/rRQDq50Rujl8uz5H4LyTUXo9Z4RbXukL9rNlatZFy7u/4Lqhzm+geatAN6Y/5a19N9dn01jV09Ornjfrz+hXj9S8Vklw2sfbBk9bIopWu+3D/o0I4Yk0UhyeJGGnNj7Ub60M0v7idnFb6zIJWLw/tgIIty//afvi2s//RlsSJNySLbFutxFn+JOxqTxfpsWQztEQB4VQ56VSi5iflQ3e2Wh+6b2rnqzvTq/u5gdX/2+yhKGixIi9lnExNHKSiuK2tWUoeWlbyxLl4e8Y5uZ3WloDHv6Pbpuj5DdYvH+lPvO5CytIey+F8URfdKybifnKqqn8YNPj01bu//WGG9vBBvwtvPDn+W3AA/9sH+B/uPy+X1Dfsd275T1lKyGtnDgk5nyjmbAIAzfMfO1AjrHV1LI649+FdatTVQ8b5+ckpBUe/rQ3X0QLe6XyFwdXSvq32nIdxKj1rVd9RqLr55Lz6IOxVb0q2xR3VJLe2LLZ/ELqnbZLBS92LXX/JeAADg83V9Sh0eXf8LA/X/ltbSiLXLI4+7B2v56W8IHhdbmp78u/PeGgAAvB7c4DNrtf0bKwi81nulzc1Spb3tmsB3fmQCr7rlGq/ZdgNnu9Lcck0r8Nu+49dNK1Deq7qhCXdaLT9om5ofmJYfervJN7+b7KvfQ7dRabY9J2zV3UroGsdvtisLMlUvdExr5wd1L9x2g6Rx2HIdr+Y5lbbnN03o7wSOWzQmdN2+QK/qNttezYsnm6YVeI1KsGd+7Nd3Gq6puqETeK22n3aYjOW0jdes+UEj6baoaNT5AgAAvHaePj96dL/T2X8yYeJY02OyieURHfJ5MwAAXzC9cj1Do8JLTAgAAAAAAAAAAAAAAAAAAAAAAAw5y/V/M00sjbpYUDqZ8/MLp1r9QaP6sXS+NFY0j7XIzdqqe0nE0aO/TgheOZnT3fz9McfnSNXSeVbwn1+T3kjmZM0X5/gCyCZWkq0x15fWxInvHaRbdGxMvHDkovzJvlic/z+HeOLxH8csiqIomtw8P7gNlyet4ODEoqQnyy+wCwbeJrhvBvAV9P8AAAD//79OPqQ=")

969.451045ms ago: executing program 8 (id=8923):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = geteuid()
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000400)=@v3={0x3000000, [{0x8, 0xfff}, {0xffffff01, 0x3}], r2}, 0x18, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x1004404, &(0x7f0000000240)={[{@noinit_itable}, {@dioread_lock}, {@noauto_da_alloc}, {@lazytime}, {@nombcache}, {@max_batch_time={'max_batch_time', 0x3d, 0xa}}]}, 0x23, 0x44d, &(0x7f0000000980)="$eJzs28tvG0UYAPBv7SR9k1CVRx9AoCDKK2nSUnpAQiCQOICEBIdyDElalboNaoJEq4oWhMoRVeLEBXFE4i/gBBcEnJC4wh1VqlAvLZyM1t5NbMd2HnXsUP9+0jozu2PPfN6d9exONoC+NZq+JBE7I+KPiBiuZusLjFb/3L55afqfm5emkyiX3/47qZS7dfPSdF40f9+OPDMQUfgsif1N6p2/cPHMVKk0ez7Ljy+c/WB8/sLF506fnTo1e2r23OTx40ePTLxwbPL5jsSZxnVr38dzB/a+/u61N6dPXHvvl++SPP6GODpktN3GJ8rlDlfXW7tq0slADxvCmhSr3TQGK/1/OIqxtPOG47VPe9o4YEOVy+Xy/a03XykDd7Gkcg4ovxS9bgjQZfkPfXr9my9dGnpsCjderl4ApXHfzpbqloEoZGUGG65vO2k0Ik5c+ffrdImNuQ8BAFDnh3T882yz8V8hau8L3ZPNoYxExL0RsTsijkXEnoi4L6JS9oGIeHCN9TdOkiwf/xSuryuwVUrHfy9mc1v147989BcjxSy3qxL/YHLydGn2cPadHIrBLWl+ok0dP776+xetttWO/9IlrT8fC2btuD6wpf49M1MLU3cSc60bn0TsG2gWf7I4E5BExN6I2LfOOk4//e2BVttWjr+NDswzlb+JeLK6/69EQ/y5pP385PjWKM0eHs+PiuV+/e3qW63qv6P4OyDd/9ubHv+L8Y8ktfO182v59K+eSl+v/vl5y2ua9R7/Q8k7des+mlpYOD8RMZS8UW107frJhnKTS+XT+A8dbN7/d8fSN7E/ItKD+KGIeDgiHsna/mhEPBYRB9t8Cz+/8vj7649/Y6Xxz6xp/y8lhqJxTfNE8cxP39dVOrL04avb/0crqUPZmtWc/1bTrrUezQAAAPB/VYiInZEUxhbThcLYWPV/+PfE9kJpbn7hmZNzH56bqT4jMBKDhfxO13DN/dCJ7J5Lnp9syB/J7ht/WdxWyY9Nz5Vmeh089LkdLfp/6q9ir1sHbDjPa0H/0v+hf+n/0L/0f+hfTfr/tl60A+i+Zr//l1d+29aNaAvQXQ3937Qf9BHX/9C/1tP/nTPg7tC2Lw91rx1AV81vi5UfkpeQWJaIwqZoxiZKXN4czehQotdnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//8cB+YG")
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=@bridge_getlink={0x20, 0x12, 0x1}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x40010)
r4 = creat(&(0x7f0000000100)='./bus\x00', 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fcntl$setstatus(r4, 0x4, 0x6100)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
r8 = inotify_init()
inotify_add_watch(r8, &(0x7f0000000300)='./bus\x00', 0xa2000a9b)
write$binfmt_script(r7, &(0x7f00000000c0), 0xfea7)
copy_file_range(r7, &(0x7f00000001c0), r6, 0x0, 0xfffffff7a003e45c, 0x10000000000000)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r5, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0x3, 0x4})
write$cgroup_type(r4, &(0x7f0000000200), 0x175d9003)

687.322447ms ago: executing program 9 (id=8924):
r0 = socket(0x1e, 0x80004, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r2, 0x1, 0x20, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
get_robust_list(0x0, 0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000810"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x2c)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r9, 0xc0c0583b, &(0x7f0000000780)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xb}]})
sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00d300000000fedbdf250402000008000400000000000000050006000e0f0000080003009700000032da20c62ab448a02cbc3f88fdd525aaa327ef9742f5fdafa7a6bbe439c33700000000000009a4f330b6af5569b2ddcf9aa2"], 0x34}}, 0x24004804)

638.697577ms ago: executing program 8 (id=8926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0b00000007000000d3c900000900000001000000", @ANYRES32, @ANYBLOB="0000000000f0ffffff000000000000b5789aea2030725ba534db3ac361f34990c6aa8a3283f2088d65aaab5ba188ca4a72a03cc56ee15a84409e6a398ce15f2e05010664b2abac47d6672d804aae1e362654d9f39e05b86757732a490bf1fff73c48fd4320bd4b358dd93e3e92fb13fa1b24a1a4a552e271463e40eba90780a34765e1bdbc3843a89aec7a01932494e89b5ed2b25b3cd5a748a4b4fc756935fad9b4b893cc80e6135af1c36f2c87182629bd7e6a5d4aa06669411dfb142aeddd01db9f79ea2de73d97ade25adea433cb7866f49c63d62a894bb0a1b0b1bc512e77eaa05ede0e987e951482bdb14516a0e97fb0bcbc50710d5cfdfe116e46f308ad11bdf5094c7cb7dd2cbd6f7f051b928288", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000400"/25], 0x48)
r4 = socket$kcm(0x2, 0xa, 0x2)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0xe)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
recvmsg(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/249, 0xf9}], 0x1, 0x0, 0x4d}, 0x0)
close(r9)
sendmsg$tipc(r10, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)=@o_path={&(0x7f00000003c0)='./file0\x00', 0x0, 0x402c, r3}, 0x18)
r11 = socket$netlink(0x10, 0x3, 0x4)
writev(r11, &(0x7f0000000000)=[{&(0x7f0000000500)="480000001400190d09004beafd0d8c560a84476080ffe00600000000090400000000000000000f7f89001900200000000101ff0000000309ff5bffff009dc7f5ed5e000000000000", 0x48}], 0x1)
ioctl$sock_SIOCETHTOOL(r4, 0x8923, &(0x7f0000000540)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures})

523.436768ms ago: executing program 0 (id=8929):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
futex(&(0x7f000000cffc), 0x1, 0x800000, 0x0, 0x0, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

503.392218ms ago: executing program 0 (id=8930):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = msgget$private(0x0, 0x214)
socket$inet_udplite(0x2, 0x2, 0x88)
msgsnd(r0, &(0x7f0000000980)=ANY=[@ANYBLOB="03"], 0x2000, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000040)={{0x2, 0x0, 0xee00, 0xee01, 0x0, 0x2, 0x2}, 0x0, 0x0, 0x1, 0x5, 0x8, 0x0, 0x8, 0xfffe, 0x1b})
creat(0x0, 0xd931d3864d39dc4a)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)

391.339588ms ago: executing program 0 (id=8931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xffd, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xffd, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
unshare(0x20000400)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b45, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002e80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r7, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000020a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea091428000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x8010)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$F_SET_FILE_RW_HINT(r6, 0x40e, &(0x7f0000000000))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000d80)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r6)

390.995618ms ago: executing program 0 (id=8932):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
move_pages(0x0, 0xa, &(0x7f0000000040)=[&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000800000/0x800000)=nil, &(0x7f0000df4000/0x4000)=nil, &(0x7f0000ba7000/0x4000)=nil, &(0x7f0000d0c000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000140)=[0x2, 0xb30, 0x1000], &(0x7f0000000180)=[0x0, 0x0, 0x0], 0x0)

386.611729ms ago: executing program 0 (id=8933):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[], 0x48}}, 0x0)

373.547498ms ago: executing program 0 (id=8934):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
timer_getoverrun(0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r2}, 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x5, 0xfffffff7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="40000000100039042cbd7000eaffffff001e03e4", @ANYRES32=0x0, @ANYBLOB="03000000cb1507002000128008000100736974001400028008000100", @ANYRES32=0x0, @ANYBLOB="05000a0000000000"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4000040)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r5, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xfffffff4, '\x00', 0x0, r5, 0x2, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
readlinkat(0xffffffffffffffff, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/204, 0xcc)

135.01449ms ago: executing program 6 (id=8935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6000, 0x0)

134.25438ms ago: executing program 6 (id=8936):
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}, @IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000019070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021740000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000004800038044000080080003400000000238000b80340001800a0001006c696d69740000002400028008000540000000000c00024000000000000000000c0001400000000000000003"], 0xf8}}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000019070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021740000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000004800038044000080080003400000000238000b80340001800a0001006c696d69740000002400028008000540000000000c00024000000000000000000c0001400000000000000003"], 0xf8}}, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x1, 0x7)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$binfmt_misc(r3, &(0x7f0000000000), 0xfffffecc)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000e0000007b8a1b0001000000bfa200000000000007020000f8ffffffb70301000d000000b70400000000000085000000820000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000e0000007b8a1b0001000000bfa200000000000007020000f8ffffffb70301000d000000b70400000000000085000000820000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="040000000301000000000000629b827c886eec90a4f04e259e0a77c8b748206406e67b6ec54414ad41ed06904c304426ff0ed555bcee48fd593738000000000000000459db6e89c2a46d040c01608b8e2b043637a6b1440b1af4835b0590182291b5281168914d89e27a957b2500c5f5de69ab584977657c9277e31f6daa6db38c7360751044413495d69c917956e00ab1f9d7ffc8cdd6add4f9318e2578fc93286ea729e88a5a2918bfb14bc8b99e2a9192e8440a99dc7481534d08d45d5d7b12411f11662a9bc23c1c9315e1b645", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x6b, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x6b, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r5}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
time(0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='rss_stat\x00', r6, 0x0, 0x3}, 0x18)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

59.88977ms ago: executing program 2 (id=8937):
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f00000009c0)={&(0x7f0000000240)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x2900, &(0x7f0000000540)=ANY=[@ANYBLOB="3c000000000000000000000007000000441454010000000000000000ac1414bb00000000004414000100000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES8], 0x60}, 0x40c0)

59.21538ms ago: executing program 6 (id=8938):
memfd_secret(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES32], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

40.02382ms ago: executing program 6 (id=8939):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f00000006c0)={0x7, {{0x2, 0x0, @multicast2}}, {{0x14, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r6}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
pipe2(0x0, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000008fd1f22b207494333c59e4c129d1938908ab501409626065399ff6735698855de47669474af75fd2d080018b9e07b1d2bb199994fa908bb9afb01bc6c37f3459abac9a5e6f12cbda5335fa1a2c9609256f629d7a15c404b0b1d5475e42085e6f1580ec812267269e819b8b8920f40034585e4dd7fa94acad1595c3232964b45e549fa25778f5548dd1a2564ae7827b29430bf5b252c95729c71118f9c8ce7d5bd6027bdb3b08db9725d10f207a508d82fd87124038bcd3c8a0234409d12f1af867d3f9", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
r9 = socket$inet(0x2, 0xa, 0x6)
ioctl$sock_inet_SIOCSARP(r9, 0x8955, &(0x7f0000000340)={{0x2, 0x4e22, @local}, {0x306, @broadcast}, 0x6, {0x2, 0x4e22, @local}, 'dummy0\x00'})
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_NODELAY(r10, 0x84, 0x3, &(0x7f0000000280), &(0x7f00000003c0)=0x4)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, r11)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f0000000280000012", 0x2d}], 0x1}, 0x0)

1.36553ms ago: executing program 2 (id=8940):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
rmdir(0x0)

885.43µs ago: executing program 2 (id=8941):
open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10)
fcntl$setlease(r0, 0x400, 0x300000000000000)

0s ago: executing program 6 (id=8942):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000050c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de8500000004000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x2e) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="050000000000000000000000000019a3224500", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000003000000040000000600"/25], 0x50) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 32)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0xd) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a80100", @ANYRES16=r4, @ANYBLOB="cd3c0000000002000000010000005501010043ecf8a07761ddd8bc73e1b93314cdcbb6e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f3f85b218f5522c28d5d0f0a8ebd267922cd3404908f3be657330adc6bf2f2ab6286f91741293554bf4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9ee6285b4cb17bf6d843600000000436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3de5dc9007e74d9c3c932faf89062b965d0e46c70299054eb52beeff385e442adbb8d87480d40102ca3052f36937e8ba719043139e15f59f8542012ab341847015e04af689ba8e16cbad0255072954cb5074e2501feeb0daafb36e890c32d59f633986f1169dc40726e946312ce24e5982a84821d1962ddc55827c04c3ba75d6b8841373d1cd967b1de568e00a8f2044b700e0d521be047b0d0f00c8b9b5b57871538712292c00000000000000000000000000080002000500000014000500fc01000000000000000000000000000006000b00280000000800040003e0ffff07000c000000000008000400ffffffff"], 0x1a8}, 0x1, 0x0, 0x0, 0x20084880}, 0x1) (async)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff) (async)
syz_io_uring_complete(0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 32)
r5 = syz_io_uring_setup(0x728e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x20, 0x0, r8, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1000000000000000190100001000000010"], 0x20}, 0x0, 0xe3d08660d3cd4684}) (async)
io_uring_enter(r5, 0x92, 0x0, 0x0, 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r9, 0x10e, 0x8, &(0x7f0000000280)=0xfffffffa, 0x4) (async, rerun: 32)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r9, 0x10e, 0x1, &(0x7f00000002c0)=0x19, 0x4) (async, rerun: 32)
write(r9, &(0x7f0000000340)="918bdf48", 0x4)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000465bf367380058b8f23d000000000042703139a753e386c6da8d942cf775a50e52604eb00dbd29ba", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="180500000000000000e200ca3e0000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0e508000000000000000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702c000080000001823", @ANYRES32=r10, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 32)

kernel console output (not intermixed with test programs):

y log groups per flexible block group
[  466.814254][T26887] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  466.822878][T26887] EXT4-fs (loop6): mount failed
[  466.981017][T26918] __nla_validate_parse: 19 callbacks suppressed
[  466.981032][T26918] netlink: 276 bytes leftover after parsing attributes in process `syz.0.7995'.
[  467.009111][T26919] FAULT_INJECTION: forcing a failure.
[  467.009111][T26919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  467.022309][T26919] CPU: 0 UID: 0 PID: 26919 Comm: syz.6.7994 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  467.034244][T26919] Tainted: [W]=WARN
[  467.038059][T26919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  467.048125][T26919] Call Trace:
[  467.051552][T26919]  <TASK>
[  467.054502][T26919]  dump_stack_lvl+0xf2/0x150
[  467.059255][T26919]  dump_stack+0x15/0x20
[  467.063469][T26919]  should_fail_ex+0x223/0x230
[  467.068185][T26919]  should_fail+0xb/0x10
[  467.072473][T26919]  should_fail_usercopy+0x1a/0x20
[  467.077703][T26919]  _copy_from_user+0x1e/0xb0
[  467.082395][T26919]  copy_bpf_fprog_from_user+0xda/0x240
[  467.087897][T26919]  sk_setsockopt+0xea8/0x1f80
[  467.092608][T26919]  sock_setsockopt+0x3c/0x50
[  467.097256][T26919]  __sys_setsockopt+0x13d/0x200
[  467.102137][T26919]  __x64_sys_setsockopt+0x66/0x80
[  467.107241][T26919]  x64_sys_call+0x282e/0x2dc0
[  467.111936][T26919]  do_syscall_64+0xc9/0x1c0
[  467.116457][T26919]  ? clear_bhb_loop+0x55/0xb0
[  467.121229][T26919]  ? clear_bhb_loop+0x55/0xb0
[  467.125936][T26919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  467.131863][T26919] RIP: 0033:0x7fd3e4300809
[  467.136366][T26919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  467.156016][T26919] RSP: 002b:00007fd3e2956058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  467.164456][T26919] RAX: ffffffffffffffda RBX: 00007fd3e44c6080 RCX: 00007fd3e4300809
[  467.172437][T26919] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000009
[  467.180441][T26919] RBP: 00007fd3e29560a0 R08: 0000000000000010 R09: 0000000000000000
[  467.188434][T26919] R10: 000000002002eff0 R11: 0000000000000246 R12: 0000000000000001
[  467.196453][T26919] R13: 0000000000000000 R14: 00007fd3e44c6080 R15: 00007ffe2a9a1a28
[  467.204456][T26919]  </TASK>
[  467.536492][T26926] loop7: detected capacity change from 0 to 512
[  467.549854][T26926] EXT4-fs (loop7): too many log groups per flexible block group
[  467.557663][T26926] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  467.565165][T26926] EXT4-fs (loop7): mount failed
[  467.752766][T26951] loop6: detected capacity change from 0 to 512
[  467.771736][T26955] loop7: detected capacity change from 0 to 512
[  467.778264][T26951] EXT4-fs (loop6): too many log groups per flexible block group
[  467.786065][T26951] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  467.792931][T26951] EXT4-fs (loop6): mount failed
[  467.806153][T26955] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.8010: casefold flag without casefold feature
[  467.821383][T26955] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8010: couldn't read orphan inode 15 (err -117)
[  467.834976][T26955] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  467.882641][T25756] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.368954][T27018] loop7: detected capacity change from 0 to 128
[  468.383377][T27016] loop9: detected capacity change from 0 to 512
[  468.393779][T27016] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  468.409661][T27018] loop7: detected capacity change from 0 to 1024
[  468.422353][T27016] EXT4-fs (loop9): 1 truncate cleaned up
[  468.428544][T27016] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.446398][T27018] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  468.481186][T27018] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  468.497227][T27018] EXT4-fs (loop7): orphan cleanup on readonly fs
[  468.504992][T27018] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  468.527268][T27018] EXT4-fs (loop7): Remounting filesystem read-only
[  468.529880][T24308] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.540634][T27018] EXT4-fs (loop7): 1 orphan inode deleted
[  468.551505][T27018] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  468.563500][T27018] SELinux: (dev loop7, type ext4) getxattr errno 5
[  468.570466][T27018] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.694664][T27036] loop8: detected capacity change from 0 to 512
[  468.727117][T27036] EXT4-fs (loop8): too many log groups per flexible block group
[  468.734952][T27036] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  468.763521][T27036] EXT4-fs (loop8): mount failed
[  468.779430][T27049] loop9: detected capacity change from 0 to 512
[  468.805432][T27049] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  468.819118][T27049] EXT4-fs (loop9): 1 truncate cleaned up
[  468.825249][T27049] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.836386][T27057] loop7: detected capacity change from 0 to 128
[  468.866707][T24308] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.902243][T27057] loop7: detected capacity change from 0 to 1024
[  468.915442][T27057] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  468.930682][T27057] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  468.939502][T27057] EXT4-fs (loop7): orphan cleanup on readonly fs
[  468.944753][T27061] netlink: 132 bytes leftover after parsing attributes in process `syz.8.8055'.
[  468.951062][T27057] EXT4-fs error (device loop7) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  468.965151][T27057] EXT4-fs (loop7): Remounting filesystem read-only
[  468.973008][T27057] EXT4-fs (loop7): 1 orphan inode deleted
[  468.977185][T27061] netlink: 'syz.8.8055': attribute type 10 has an invalid length.
[  468.988175][T27057] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  469.018945][T27057] SELinux: (dev loop7, type ext4) getxattr errno 5
[  469.032698][T27057] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.181080][T27080] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8061'.
[  469.190138][T27080] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8061'.
[  469.206960][T27079] loop8: detected capacity change from 0 to 512
[  469.218613][T27079] EXT4-fs (loop8): too many log groups per flexible block group
[  469.227032][T27079] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  469.244993][T27079] EXT4-fs (loop8): mount failed
[  469.358410][T27100] loop8: detected capacity change from 0 to 128
[  469.377103][T27100] loop8: detected capacity change from 0 to 1024
[  469.384204][T27100] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  469.400593][T27100] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  469.409137][T27100] EXT4-fs (loop8): orphan cleanup on readonly fs
[  469.416035][T27100] EXT4-fs error (device loop8) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  469.425788][T27100] EXT4-fs (loop8): Remounting filesystem read-only
[  469.432503][T27100] EXT4-fs (loop8): 1 orphan inode deleted
[  469.439249][T27100] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  469.452322][ T3397] usb usb8-port2: attempt power cycle
[  469.458006][T27100] SELinux: (dev loop8, type ext4) getxattr errno 5
[  469.465060][T27100] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.530958][T27109] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8075'.
[  469.540058][T27109] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8075'.
[  469.668624][T27126] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8082'.
[  469.686095][T27126] netlink: 'syz.6.8082': attribute type 10 has an invalid length.
[  469.751268][T27134] loop6: detected capacity change from 0 to 512
[  469.774426][T27136] loop9: detected capacity change from 0 to 128
[  469.785779][T27134] EXT4-fs (loop6): too many log groups per flexible block group
[  469.793591][T27134] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  469.806362][T27136] loop9: detected capacity change from 0 to 1024
[  469.813141][T27134] EXT4-fs (loop6): mount failed
[  469.820478][T27136] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  469.833588][T27136] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  469.861676][T27136] EXT4-fs (loop9): orphan cleanup on readonly fs
[  469.871299][T27136] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  469.893712][T27136] EXT4-fs (loop9): Remounting filesystem read-only
[  469.900921][T27136] EXT4-fs (loop9): 1 orphan inode deleted
[  469.907385][T27136] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  469.919887][T27136] SELinux: (dev loop9, type ext4) getxattr errno 5
[  469.927026][T27136] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.072694][T27158] loop9: detected capacity change from 0 to 2048
[  470.080813][T27161] loop8: detected capacity change from 0 to 128
[  470.109617][T27158] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  470.127836][T27167] loop7: detected capacity change from 0 to 512
[  470.148424][T27158] lo speed is unknown, defaulting to 1000
[  470.164296][T27167] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.8099: casefold flag without casefold feature
[  470.194744][T27167] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8099: couldn't read orphan inode 15 (err -117)
[  470.223907][T27167] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.335564][T27177] loop7: detected capacity change from 0 to 512
[  470.343860][T27177] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  470.366142][T27177] EXT4-fs (loop7): 1 truncate cleaned up
[  470.592705][T27186] loop7: detected capacity change from 0 to 256
[  470.599963][T27186] vfat: Unknown parameter 'keyring'
[  470.963961][T27196] loop8: detected capacity change from 0 to 512
[  470.977795][T27193] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8108'.
[  470.982411][T27196] EXT4-fs (loop8): too many log groups per flexible block group
[  470.986838][T27193] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8108'.
[  471.004409][T27196] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  471.011236][T27196] EXT4-fs (loop8): mount failed
[  471.074802][T27207] loop8: detected capacity change from 0 to 512
[  471.082887][T27207] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  471.118022][T27207] EXT4-fs (loop8): 1 truncate cleaned up
[  471.296490][T27226] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8121'.
[  471.335313][T27231] loop9: detected capacity change from 0 to 2048
[  471.376104][T27231] lo speed is unknown, defaulting to 1000
[  471.417997][ T3397] usb usb8-port2: unable to enumerate USB device
[  471.493850][   T29] kauditd_printk_skb: 1146 callbacks suppressed
[  471.493868][   T29] audit: type=1326 audit(1732706780.393:94990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.525942][   T29] audit: type=1326 audit(1732706780.412:94991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.549580][   T29] audit: type=1326 audit(1732706780.412:94992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.573220][   T29] audit: type=1326 audit(1732706780.412:94993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.596905][   T29] audit: type=1326 audit(1732706780.412:94994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.620520][   T29] audit: type=1326 audit(1732706780.412:94995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.644032][   T29] audit: type=1326 audit(1732706780.421:94996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.667729][   T29] audit: type=1326 audit(1732706780.421:94997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.691372][   T29] audit: type=1326 audit(1732706780.421:94998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.714984][   T29] audit: type=1326 audit(1732706780.421:94999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27241 comm="syz.0.8127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  471.872945][T27267] loop9: detected capacity change from 0 to 512
[  471.904109][T27267] EXT4-fs (loop9): too many log groups per flexible block group
[  471.911863][T27267] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  471.922574][T27267] EXT4-fs (loop9): mount failed
[  471.991866][T27283] loop6: detected capacity change from 0 to 2048
[  472.044971][T27283] lo speed is unknown, defaulting to 1000
[  472.143700][T27294] loop9: detected capacity change from 0 to 256
[  472.336072][T27302] loop7: detected capacity change from 0 to 512
[  472.345156][T27302] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.8150: casefold flag without casefold feature
[  472.358120][T27302] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8150: couldn't read orphan inode 15 (err -117)
[  472.525448][T27325] loop0: detected capacity change from 0 to 128
[  472.540067][T27325] loop0: detected capacity change from 0 to 1024
[  472.547258][T27325] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  472.558477][T27325] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  472.567152][T27325] EXT4-fs (loop0): orphan cleanup on readonly fs
[  472.574239][T27325] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  472.584267][T27325] EXT4-fs (loop0): Remounting filesystem read-only
[  472.591048][T27325] EXT4-fs (loop0): 1 orphan inode deleted
[  472.598693][T27325] SELinux: (dev loop0, type ext4) getxattr errno 5
[  472.720856][T27336] loop0: detected capacity change from 0 to 128
[  472.741146][T27336] loop0: detected capacity change from 0 to 1024
[  472.748269][T27336] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  472.762375][T27336] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  472.770869][T27336] EXT4-fs (loop0): orphan cleanup on readonly fs
[  472.778246][T27336] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  472.788927][T27336] EXT4-fs (loop0): Remounting filesystem read-only
[  472.795914][T27336] EXT4-fs (loop0): 1 orphan inode deleted
[  472.809868][T27336] SELinux: (dev loop0, type ext4) getxattr errno 5
[  472.929210][T27358] __nla_validate_parse: 3 callbacks suppressed
[  472.929240][T27358] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8176'.
[  472.972359][T27368] loop6: detected capacity change from 0 to 512
[  472.992352][T27368] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8180: casefold flag without casefold feature
[  473.006573][T27368] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8180: couldn't read orphan inode 15 (err -117)
[  473.169473][T27385] loop0: detected capacity change from 0 to 512
[  473.182840][T27385] EXT4-fs (loop0): too many log groups per flexible block group
[  473.190549][T27385] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  473.197922][T27385] EXT4-fs (loop0): mount failed
[  473.359711][T27403] netlink: 'syz.0.8196': attribute type 10 has an invalid length.
[  473.534746][T27423] netlink: 'syz.9.8206': attribute type 10 has an invalid length.
[  473.572159][T27429] loop0: detected capacity change from 0 to 512
[  473.579436][T27429] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  473.591221][T27431] loop9: detected capacity change from 0 to 128
[  473.604440][T27431] loop9: detected capacity change from 0 to 1024
[  473.611736][T27431] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  473.624192][T27431] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  473.625213][T27429] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  473.632550][T27431] EXT4-fs (loop9): orphan cleanup on readonly fs
[  473.643614][T27429] FAULT_INJECTION: forcing a failure.
[  473.643614][T27429] name failslab, interval 1, probability 0, space 0, times 0
[  473.649585][T27431] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  473.661726][T27429] CPU: 1 UID: 0 PID: 27429 Comm: syz.0.8208 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  473.661767][T27429] Tainted: [W]=WARN
[  473.661775][T27429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  473.661789][T27429] Call Trace:
[  473.661797][T27429]  <TASK>
[  473.661806][T27429]  dump_stack_lvl+0xf2/0x150
[  473.661855][T27429]  dump_stack+0x15/0x20
[  473.661877][T27429]  should_fail_ex+0x223/0x230
[  473.661917][T27429]  should_failslab+0x8f/0xb0
[  473.661944][T27429]  __kmalloc_noprof+0xab/0x3f0
[  473.661977][T27429]  ? ext4_find_extent+0x172/0x7c0
[  473.662089][T27429]  ext4_find_extent+0x172/0x7c0
[  473.662126][T27429]  ? xa_load+0xb9/0xe0
[  473.662152][T27429]  ext4_ext_map_blocks+0x11f/0x35c0
[  473.662185][T27429]  ? memcg_list_lru_alloc+0xce/0x4e0
[  473.662239][T27429]  ? xas_load+0x3ae/0x3d0
[  473.662264][T27429]  ? xas_load+0x3ae/0x3d0
[  473.662289][T27429]  ? down_read+0x171/0x4b0
[  473.662324][T27429]  ext4_map_query_blocks+0x71/0x180
[  473.674864][T27431] EXT4-fs (loop9): Remounting filesystem read-only
[  473.683569][T27429]  ext4_map_blocks+0x23c/0xd20
[  473.690014][T27431] EXT4-fs (loop9): 1 orphan inode deleted
[  473.698161][T27429]  ? __rcu_read_unlock+0x4e/0x70
[  473.698193][T27429]  ? avc_has_perm_noaudit+0x1cc/0x210
[  473.703563][T27431] SELinux: (dev loop9, type ext4) getxattr errno 5
[  473.704433][T27429]  ? avc_has_perm_noaudit+0x1cc/0x210
[  473.809135][T27429]  ext4_getblk+0x11f/0x530
[  473.813694][T27429]  ext4_bread_batch+0x5b/0x360
[  473.818484][T27429]  __ext4_find_entry+0xa1d/0x1090
[  473.823527][T27429]  ? mod_objcg_state+0x2ea/0x4f0
[  473.828566][T27429]  ? kmem_cache_alloc_lru_noprof+0x230/0x320
[  473.834565][T27429]  ? __d_alloc+0x3d/0x340
[  473.839057][T27429]  ? d_set_d_op+0xa0/0x1f0
[  473.843564][T27429]  ext4_lookup+0xba/0x390
[  473.847917][T27429]  lookup_one_qstr_excl+0xc7/0x1a0
[  473.853099][T27429]  do_renameat2+0x432/0xa70
[  473.857676][T27429]  __x64_sys_rename+0x58/0x70
[  473.862367][T27429]  x64_sys_call+0x2b1c/0x2dc0
[  473.867061][T27429]  do_syscall_64+0xc9/0x1c0
[  473.871682][T27429]  ? clear_bhb_loop+0x55/0xb0
[  473.876471][T27429]  ? clear_bhb_loop+0x55/0xb0
[  473.881245][T27429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.887175][T27429] RIP: 0033:0x7f942f850809
[  473.891666][T27429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.911288][T27429] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  473.919750][T27429] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  473.927819][T27429] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000020000000
[  473.935804][T27429] RBP: 00007f942dec70a0 R08: 0000000000000000 R09: 0000000000000000
[  473.943884][T27429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.951998][T27429] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  473.960024][T27429]  </TASK>
[  474.164393][T27466] loop6: detected capacity change from 0 to 128
[  474.179525][T27466] loop6: detected capacity change from 0 to 1024
[  474.186676][T27466] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  474.210066][T27466] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  474.218458][T27466] EXT4-fs (loop6): orphan cleanup on readonly fs
[  474.225373][T27466] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  474.235240][T27466] EXT4-fs (loop6): Remounting filesystem read-only
[  474.245803][T27466] EXT4-fs (loop6): 1 orphan inode deleted
[  474.254519][T27466] SELinux: (dev loop6, type ext4) getxattr errno 5
[  474.256204][T27472] loop0: detected capacity change from 0 to 256
[  474.267614][T27472] vfat: Unknown parameter 'keyring'
[  474.307724][T27476] loop8: detected capacity change from 0 to 512
[  474.327605][T27476] EXT4-fs (loop8): too many log groups per flexible block group
[  474.335318][T27476] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  474.355352][T27476] EXT4-fs (loop8): mount failed
[  474.398090][T27488] loop6: detected capacity change from 0 to 512
[  474.439399][T27488] EXT4-fs (loop6): too many log groups per flexible block group
[  474.447170][T27488] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  474.471913][T27488] EXT4-fs (loop6): mount failed
[  474.503375][T27507] netlink: 'syz.7.8243': attribute type 10 has an invalid length.
[  474.569984][T27520] loop8: detected capacity change from 0 to 512
[  474.578841][T27520] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.8249: casefold flag without casefold feature
[  474.595146][T27520] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8249: couldn't read orphan inode 15 (err -117)
[  474.646585][T27518] usb usb4: usbfs: process 27518 (syz.7.8248) did not claim interface 0 before use
[  474.681527][T27536] loop7: detected capacity change from 0 to 512
[  474.701126][T27541] loop8: detected capacity change from 0 to 128
[  474.711877][T27536] EXT4-fs (loop7): too many log groups per flexible block group
[  474.719585][T27536] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  474.726784][T27536] EXT4-fs (loop7): mount failed
[  474.753491][T27549] FAULT_INJECTION: forcing a failure.
[  474.753491][T27549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.766647][T27549] CPU: 1 UID: 0 PID: 27549 Comm: syz.7.8261 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  474.778582][T27549] Tainted: [W]=WARN
[  474.782481][T27549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  474.792615][T27549] Call Trace:
[  474.795946][T27549]  <TASK>
[  474.798991][T27549]  dump_stack_lvl+0xf2/0x150
[  474.803681][T27549]  dump_stack+0x15/0x20
[  474.807847][T27549]  should_fail_ex+0x223/0x230
[  474.812820][T27549]  should_fail+0xb/0x10
[  474.816994][T27549]  should_fail_usercopy+0x1a/0x20
[  474.822101][T27549]  _copy_from_user+0x1e/0xb0
[  474.826717][T27549]  sctp_setsockopt+0xbe/0xea0
[  474.831423][T27549]  sock_common_setsockopt+0x64/0x80
[  474.836645][T27549]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  474.842558][T27549]  __sys_setsockopt+0x187/0x200
[  474.847463][T27549]  __x64_sys_setsockopt+0x66/0x80
[  474.852559][T27549]  x64_sys_call+0x282e/0x2dc0
[  474.857254][T27549]  do_syscall_64+0xc9/0x1c0
[  474.861789][T27549]  ? clear_bhb_loop+0x55/0xb0
[  474.866535][T27549]  ? clear_bhb_loop+0x55/0xb0
[  474.871232][T27549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.877155][T27549] RIP: 0033:0x7fe438050809
[  474.881641][T27549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.901261][T27549] RSP: 002b:00007fe4366c7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  474.909711][T27549] RAX: ffffffffffffffda RBX: 00007fe438215fa0 RCX: 00007fe438050809
[  474.917691][T27549] RDX: 0000000000000072 RSI: 0000000000000084 RDI: 0000000000000003
[  474.925672][T27549] RBP: 00007fe4366c70a0 R08: 000000000000000c R09: 0000000000000000
[  474.933686][T27549] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  474.941720][T27549] R13: 0000000000000000 R14: 00007fe438215fa0 R15: 00007ffddd2649d8
[  474.949714][T27549]  </TASK>
[  475.036465][T27559] loop6: detected capacity change from 0 to 2048
[  475.099943][T27559] lo speed is unknown, defaulting to 1000
[  475.255271][T27590] loop9: detected capacity change from 0 to 512
[  475.278010][T27590] EXT4-fs (loop9): too many log groups per flexible block group
[  475.285715][T27590] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  475.292726][T27590] EXT4-fs (loop9): mount failed
[  475.402738][T27601] loop9: detected capacity change from 0 to 512
[  475.410649][T27601] EXT4-fs error (device loop9): ext4_orphan_get:1389: inode #15: comm syz.9.8282: casefold flag without casefold feature
[  475.425099][T27601] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.8282: couldn't read orphan inode 15 (err -117)
[  475.627897][T27626] loop8: detected capacity change from 0 to 512
[  475.636847][T27626] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.8294: casefold flag without casefold feature
[  475.655454][T27626] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8294: couldn't read orphan inode 15 (err -117)
[  475.781587][T27644] loop8: detected capacity change from 0 to 128
[  475.820781][T27652] loop6: detected capacity change from 0 to 128
[  475.833137][T27652] loop6: detected capacity change from 0 to 1024
[  475.840175][T27652] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  475.851222][T27652] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  475.859319][T27652] EXT4-fs (loop6): orphan cleanup on readonly fs
[  475.866644][T27652] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5837: Corrupt filesystem
[  475.878219][T27652] EXT4-fs (loop6): Remounting filesystem read-only
[  475.885056][T27652] EXT4-fs (loop6): 1 orphan inode deleted
[  475.894760][T27652] SELinux: (dev loop6, type ext4) getxattr errno 5
[  475.973960][T27666] loop7: detected capacity change from 0 to 512
[  475.985139][T27666] EXT4-fs (loop7): too many log groups per flexible block group
[  475.992865][T27666] EXT4-fs (loop7): failed to initialize mballoc (-12)
[  476.000608][T27666] EXT4-fs (loop7): mount failed
[  476.105844][T27680] loop6: detected capacity change from 0 to 512
[  476.112899][T27680] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  476.146278][T27680] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  476.159487][T27680] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  476.174969][T27684] FAULT_INJECTION: forcing a failure.
[  476.174969][T27684] name failslab, interval 1, probability 0, space 0, times 0
[  476.187656][T27684] CPU: 1 UID: 0 PID: 27684 Comm: syz.0.8318 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  476.199591][T27684] Tainted: [W]=WARN
[  476.203397][T27684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  476.213462][T27684] Call Trace:
[  476.216747][T27684]  <TASK>
[  476.219713][T27684]  dump_stack_lvl+0xf2/0x150
[  476.224320][T27684]  dump_stack+0x15/0x20
[  476.228503][T27684]  should_fail_ex+0x223/0x230
[  476.233379][T27684]  should_failslab+0x8f/0xb0
[  476.238056][T27684]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  476.244427][T27684]  ? sidtab_sid2str_get+0xb8/0x140
[  476.249636][T27684]  kmemdup_noprof+0x2a/0x60
[  476.254217][T27684]  sidtab_sid2str_get+0xb8/0x140
[  476.259228][T27684]  security_sid_to_context_core+0x1eb/0x2f0
[  476.265163][T27684]  security_sid_to_context+0x27/0x30
[  476.270490][T27684]  selinux_lsmprop_to_secctx+0x2c/0x40
[  476.276178][T27684]  security_lsmprop_to_secctx+0x4a/0x90
[  476.281824][T27684]  audit_log_task_context+0x93/0x1c0
[  476.287215][T27684]  audit_log_task+0xf9/0x1c0
[  476.291873][T27684]  audit_seccomp+0x68/0x130
[  476.296396][T27684]  __seccomp_filter+0x6fa/0x1180
[  476.301405][T27684]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  476.307168][T27684]  ? vfs_write+0x596/0x920
[  476.311606][T27684]  ? putname+0xcf/0xf0
[  476.315749][T27684]  __secure_computing+0x9f/0x1c0
[  476.320717][T27684]  syscall_trace_enter+0xd1/0x1f0
[  476.325778][T27684]  ? fpregs_assert_state_consistent+0x83/0xa0
[  476.332036][T27684]  do_syscall_64+0xaa/0x1c0
[  476.336548][T27684]  ? clear_bhb_loop+0x55/0xb0
[  476.341277][T27684]  ? clear_bhb_loop+0x55/0xb0
[  476.346041][T27684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.352083][T27684] RIP: 0033:0x7f942f850809
[  476.356563][T27684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.376201][T27684] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  476.384661][T27684] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  476.392689][T27684] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 00000000200000c0
[  476.400670][T27684] RBP: 00007f942dec70a0 R08: 0000000000000000 R09: 0000000000000000
[  476.408648][T27684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.416691][T27684] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  476.424722][T27684]  </TASK>
[  476.546323][T27698] loop6: detected capacity change from 0 to 512
[  476.560735][T27698] EXT4-fs (loop6): too many log groups per flexible block group
[  476.568523][T27698] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  476.575429][T27698] EXT4-fs (loop6): mount failed
[  476.780878][T27719] netlink: 'syz.8.8334': attribute type 10 has an invalid length.
[  476.844742][T27727] loop6: detected capacity change from 0 to 128
[  476.856106][   T29] kauditd_printk_skb: 1589 callbacks suppressed
[  476.856120][   T29] audit: type=1326 audit(1732706785.407:96568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  476.886692][   T29] audit: type=1326 audit(1732706785.435:96569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  476.910352][   T29] audit: type=1326 audit(1732706785.435:96570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  476.933999][   T29] audit: type=1326 audit(1732706785.435:96571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  476.957597][   T29] audit: type=1326 audit(1732706785.435:96572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fe8cf480809 code=0x7ffc0000
[  476.981342][   T29] audit: type=1326 audit(1732706785.519:96573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  477.004927][   T29] audit: type=1326 audit(1732706785.519:96574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  477.028589][   T29] audit: type=1326 audit(1732706785.519:96575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fe8cf480809 code=0x7ffc0000
[  477.052405][   T29] audit: type=1326 audit(1732706785.519:96576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  477.076089][   T29] audit: type=1326 audit(1732706785.519:96577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27724 comm="syz.8.8337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  477.146603][T27734] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8341'.
[  477.156370][T27734] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8341'.
[  477.210778][T27746] loop9: detected capacity change from 0 to 512
[  477.221095][T27750] netlink: 'syz.6.8346': attribute type 10 has an invalid length.
[  477.237130][T27746] EXT4-fs (loop9): too many log groups per flexible block group
[  477.244928][T27746] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  477.251846][T27746] EXT4-fs (loop9): mount failed
[  477.369074][T27766] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8355'.
[  477.378122][T27766] netlink: 28 bytes leftover after parsing attributes in process `syz.7.8355'.
[  477.460403][T27780] netlink: 'syz.7.8360': attribute type 10 has an invalid length.
[  477.697312][T27816] netlink: 'syz.9.8379': attribute type 10 has an invalid length.
[  477.988078][T27855] FAULT_INJECTION: forcing a failure.
[  477.988078][T27855] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  478.001282][T27855] CPU: 1 UID: 0 PID: 27855 Comm: syz.9.8398 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  478.013346][T27855] Tainted: [W]=WARN
[  478.017153][T27855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  478.027357][T27855] Call Trace:
[  478.030639][T27855]  <TASK>
[  478.033614][T27855]  dump_stack_lvl+0xf2/0x150
[  478.038223][T27855]  dump_stack+0x15/0x20
[  478.042464][T27855]  should_fail_ex+0x223/0x230
[  478.047165][T27855]  should_fail+0xb/0x10
[  478.051338][T27855]  should_fail_usercopy+0x1a/0x20
[  478.056387][T27855]  _copy_from_user+0x1e/0xb0
[  478.061002][T27855]  memdup_user+0x64/0xc0
[  478.065307][T27855]  strndup_user+0x68/0xa0
[  478.069835][T27855]  __se_sys_mount+0x4e/0x2d0
[  478.074450][T27855]  ? fput+0x1c4/0x200
[  478.078496][T27855]  ? ksys_write+0x176/0x1b0
[  478.083089][T27855]  __x64_sys_mount+0x67/0x80
[  478.087907][T27855]  x64_sys_call+0x2c84/0x2dc0
[  478.092676][T27855]  do_syscall_64+0xc9/0x1c0
[  478.097482][T27855]  ? clear_bhb_loop+0x55/0xb0
[  478.102247][T27855]  ? clear_bhb_loop+0x55/0xb0
[  478.106938][T27855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  478.112923][T27855] RIP: 0033:0x7f1c17010809
[  478.117417][T27855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  478.137064][T27855] RSP: 002b:00007f1c15687058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  478.145536][T27855] RAX: ffffffffffffffda RBX: 00007f1c171d5fa0 RCX: 00007f1c17010809
[  478.153522][T27855] RDX: 0000000020000100 RSI: 0000000020000500 RDI: 0000000000000000
[  478.161502][T27855] RBP: 00007f1c156870a0 R08: 0000000020000540 R09: 0000000000000000
[  478.169487][T27855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  478.177469][T27855] R13: 0000000000000000 R14: 00007f1c171d5fa0 R15: 00007ffe9c0e7d68
[  478.185454][T27855]  </TASK>
[  478.268092][T27875] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8406'.
[  478.281817][T27871] 9pnet_fd: Insufficient options for proto=fd
[  478.289647][T27875] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.297574][T27875] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.310018][T27877] loop0: detected capacity change from 0 to 512
[  478.329788][T27875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.335442][T27877] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.8408: casefold flag without casefold feature
[  478.338303][T27875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.352100][T27877] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8408: couldn't read orphan inode 15 (err -117)
[  478.360465][T27881] loop8: detected capacity change from 0 to 512
[  478.382884][T27881] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  478.392056][T27881] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  478.405126][T27881] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  478.413624][T27881] System zones: 0-2, 18-18, 34-34
[  478.418898][T27881] EXT4-fs (loop8): orphan cleanup on readonly fs
[  478.440114][T27881] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  478.456290][T27881] EXT4-fs (loop8): 1 truncate cleaned up
[  478.472701][T27888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8411'.
[  478.481806][T27888] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8411'.
[  478.502363][T27881] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  478.589707][T27906] loop9: detected capacity change from 0 to 512
[  478.618810][T27906] EXT4-fs (loop9): too many log groups per flexible block group
[  478.626590][T27906] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  478.670123][T27906] EXT4-fs (loop9): mount failed
[  478.673112][T27916] loop0: detected capacity change from 0 to 512
[  478.685041][T27916] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  478.718010][T27916] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.735445][T27916] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  478.736731][T27921] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8425'.
[  478.758977][T27921] netlink: 28 bytes leftover after parsing attributes in process `syz.8.8425'.
[  478.844272][T27936] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8430'.
[  478.959726][T27955] loop7: detected capacity change from 0 to 512
[  478.969333][T27955] EXT4-fs error (device loop7): ext4_orphan_get:1389: inode #15: comm syz.7.8438: casefold flag without casefold feature
[  478.988729][T27955] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.8438: couldn't read orphan inode 15 (err -117)
[  479.047849][T27969] FAULT_INJECTION: forcing a failure.
[  479.047849][T27969] name failslab, interval 1, probability 0, space 0, times 0
[  479.060569][T27969] CPU: 0 UID: 0 PID: 27969 Comm: syz.7.8441 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  479.072609][T27969] Tainted: [W]=WARN
[  479.076432][T27969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  479.086534][T27969] Call Trace:
[  479.089851][T27969]  <TASK>
[  479.092792][T27969]  dump_stack_lvl+0xf2/0x150
[  479.097453][T27969]  dump_stack+0x15/0x20
[  479.101681][T27969]  should_fail_ex+0x223/0x230
[  479.106457][T27969]  should_failslab+0x8f/0xb0
[  479.111061][T27969]  kmem_cache_alloc_node_noprof+0x59/0x320
[  479.116887][T27969]  ? __alloc_skb+0x10b/0x310
[  479.121501][T27969]  __alloc_skb+0x10b/0x310
[  479.126018][T27969]  ? audit_log_start+0x34c/0x6b0
[  479.131193][T27969]  audit_log_start+0x368/0x6b0
[  479.136070][T27969]  audit_seccomp+0x4b/0x130
[  479.140592][T27969]  __seccomp_filter+0x6fa/0x1180
[  479.145588][T27969]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  479.151321][T27969]  ? vfs_write+0x596/0x920
[  479.155760][T27969]  ? __schedule+0x6fa/0x930
[  479.160508][T27969]  __secure_computing+0x9f/0x1c0
[  479.165477][T27969]  syscall_trace_enter+0xd1/0x1f0
[  479.170531][T27969]  do_syscall_64+0xaa/0x1c0
[  479.175053][T27969]  ? clear_bhb_loop+0x55/0xb0
[  479.179749][T27969]  ? clear_bhb_loop+0x55/0xb0
[  479.184456][T27969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.190454][T27969] RIP: 0033:0x7fe438050809
[  479.194938][T27969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.214745][T27969] RSP: 002b:00007fe4366c7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000066
[  479.223175][T27969] RAX: ffffffffffffffda RBX: 00007fe438215fa0 RCX: 00007fe438050809
[  479.231153][T27969] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  479.239131][T27969] RBP: 00007fe4366c70a0 R08: 0000000000000000 R09: 0000000000000000
[  479.247119][T27969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.255095][T27969] R13: 0000000000000000 R14: 00007fe438215fa0 R15: 00007ffddd2649d8
[  479.263082][T27969]  </TASK>
[  479.432651][T27988] loop8: detected capacity change from 0 to 512
[  479.448223][T27988] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  479.461911][ T3397] kernel write not supported for file /snd/seq (pid: 3397 comm: kworker/0:4)
[  479.504760][T27998] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8453'.
[  479.513930][T27998] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8453'.
[  479.524194][T28007] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8454'.
[  479.676852][T28029] loop7: detected capacity change from 0 to 128
[  479.688923][T28029] EXT4-fs: Ignoring removed nobh option
[  479.740070][T28029] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  479.761646][T28029] FAULT_INJECTION: forcing a failure.
[  479.761646][T28029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.774806][T28029] CPU: 0 UID: 0 PID: 28029 Comm: syz.7.8465 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  479.786736][T28029] Tainted: [W]=WARN
[  479.790549][T28029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  479.800629][T28029] Call Trace:
[  479.803993][T28029]  <TASK>
[  479.807000][T28029]  dump_stack_lvl+0xf2/0x150
[  479.811620][T28029]  dump_stack+0x15/0x20
[  479.815858][T28029]  should_fail_ex+0x223/0x230
[  479.820560][T28029]  should_fail+0xb/0x10
[  479.824827][T28029]  should_fail_usercopy+0x1a/0x20
[  479.829879][T28029]  _copy_from_user+0x1e/0xb0
[  479.834600][T28029]  copy_msghdr_from_user+0x54/0x2a0
[  479.839944][T28029]  ? __fget_files+0x17c/0x1c0
[  479.844646][T28029]  __sys_sendmmsg+0x1e8/0x4b0
[  479.849358][T28029]  __x64_sys_sendmmsg+0x57/0x70
[  479.854233][T28029]  x64_sys_call+0x29aa/0x2dc0
[  479.858931][T28029]  do_syscall_64+0xc9/0x1c0
[  479.863448][T28029]  ? clear_bhb_loop+0x55/0xb0
[  479.868147][T28029]  ? clear_bhb_loop+0x55/0xb0
[  479.873002][T28029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.878919][T28029] RIP: 0033:0x7fe438050809
[  479.883362][T28029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  479.903503][T28029] RSP: 002b:00007fe4366c7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  479.911980][T28029] RAX: ffffffffffffffda RBX: 00007fe438215fa0 RCX: 00007fe438050809
[  479.919967][T28029] RDX: 0400000000000181 RSI: 00000000200030c0 RDI: 0000000000000007
[  479.928017][T28029] RBP: 00007fe4366c70a0 R08: 0000000000000000 R09: 0000000000000000
[  479.935991][T28029] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.944059][T28029] R13: 0000000000000000 R14: 00007fe438215fa0 R15: 00007ffddd2649d8
[  479.952219][T28029]  </TASK>
[  479.967849][T28042] loop8: detected capacity change from 0 to 128
[  479.977960][T28042] EXT4-fs: Ignoring removed nobh option
[  479.985896][T28044] loop0: detected capacity change from 0 to 128
[  479.992758][T28044] EXT4-fs: Ignoring removed nobh option
[  480.003258][T28040] loop6: detected capacity change from 0 to 512
[  480.015193][T28044] ext4 filesystem being mounted at /218/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  480.019772][T28042] ext4 filesystem being mounted at /224/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  480.037020][T28040] EXT4-fs (loop6): too many log groups per flexible block group
[  480.044748][T28040] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  480.052498][T28040] EXT4-fs (loop6): mount failed
[  480.295052][T28064] tmpfs: Bad value for 'mpol'
[  480.327013][T28064] lo speed is unknown, defaulting to 1000
[  480.892506][T28080] netlink: 'syz.8.8484': attribute type 10 has an invalid length.
[  480.935543][T28084] loop0: detected capacity change from 0 to 512
[  480.965271][T28084] EXT4-fs (loop0): too many log groups per flexible block group
[  480.972980][T28084] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  480.980555][T28084] EXT4-fs (loop0): mount failed
[  481.184399][T28106] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8495'.
[  481.193463][T28106] netlink: 28 bytes leftover after parsing attributes in process `syz.9.8495'.
[  481.241555][T28113] netlink: 'syz.8.8498': attribute type 10 has an invalid length.
[  481.346064][T28127] loop8: detected capacity change from 0 to 512
[  481.365066][T28127] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.8505: casefold flag without casefold feature
[  481.379884][T28127] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8505: couldn't read orphan inode 15 (err -117)
[  481.443913][T28142] loop6: detected capacity change from 0 to 512
[  481.453858][T28142] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8510: casefold flag without casefold feature
[  481.459092][T28144] netlink: 'syz.8.8511': attribute type 10 has an invalid length.
[  481.476869][T28142] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8510: couldn't read orphan inode 15 (err -117)
[  481.724325][T28168] loop8: detected capacity change from 0 to 2048
[  481.739471][T28172] loop6: detected capacity change from 0 to 512
[  481.750027][T28172] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8521: casefold flag without casefold feature
[  481.752726][T28168] lo speed is unknown, defaulting to 1000
[  481.764286][T28172] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8521: couldn't read orphan inode 15 (err -117)
[  481.851824][T28176] netlink: 'syz.6.8522': attribute type 10 has an invalid length.
[  481.934617][T28185] loop7: detected capacity change from 0 to 512
[  481.973598][T28185] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  481.982985][T28185] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  481.998211][T28185] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  482.047225][T28185] System zones: 0-2, 18-18, 34-34
[  482.052967][T28185] EXT4-fs (loop7): orphan cleanup on readonly fs
[  482.061151][T28198] loop0: detected capacity change from 0 to 512
[  482.067464][T28185] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  482.084379][T28185] EXT4-fs (loop7): 1 truncate cleaned up
[  482.107107][T28198] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.8532: casefold flag without casefold feature
[  482.143400][T28198] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.8532: couldn't read orphan inode 15 (err -117)
[  482.160808][T28185] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  482.179210][T28204] FAULT_INJECTION: forcing a failure.
[  482.179210][T28204] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.192440][T28204] CPU: 0 UID: 0 PID: 28204 Comm: syz.8.8534 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  482.204412][T28204] Tainted: [W]=WARN
[  482.208290][T28204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  482.218370][T28204] Call Trace:
[  482.221662][T28204]  <TASK>
[  482.224689][T28204]  dump_stack_lvl+0xf2/0x150
[  482.229350][T28204]  dump_stack+0x15/0x20
[  482.233531][T28204]  should_fail_ex+0x223/0x230
[  482.238227][T28204]  should_fail+0xb/0x10
[  482.242397][T28204]  should_fail_usercopy+0x1a/0x20
[  482.247446][T28204]  _copy_from_user+0x1e/0xb0
[  482.252341][T28204]  memdup_user+0x64/0xc0
[  482.256664][T28204]  strndup_user+0x68/0xa0
[  482.261079][T28204]  __se_sys_mount+0x4e/0x2d0
[  482.265695][T28204]  ? __bpf_trace_sys_enter+0x10/0x30
[  482.270999][T28204]  ? trace_sys_enter+0xe0/0x120
[  482.275941][T28204]  __x64_sys_mount+0x67/0x80
[  482.280543][T28204]  x64_sys_call+0x2c84/0x2dc0
[  482.285235][T28204]  do_syscall_64+0xc9/0x1c0
[  482.289782][T28204]  ? clear_bhb_loop+0x55/0xb0
[  482.294585][T28204]  ? clear_bhb_loop+0x55/0xb0
[  482.299347][T28204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.305262][T28204] RIP: 0033:0x7fe8cf480809
[  482.309683][T28204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.329389][T28204] RSP: 002b:00007fe8cdaf7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  482.337891][T28204] RAX: ffffffffffffffda RBX: 00007fe8cf645fa0 RCX: 00007fe8cf480809
[  482.345915][T28204] RDX: 0000000020000100 RSI: 0000000020000500 RDI: 0000000000000000
[  482.353894][T28204] RBP: 00007fe8cdaf70a0 R08: 0000000020000540 R09: 0000000000000000
[  482.361968][T28204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.369962][T28204] R13: 0000000000000000 R14: 00007fe8cf645fa0 R15: 00007ffcd022f9d8
[  482.377951][T28204]  </TASK>
[  482.412133][   T29] kauditd_printk_skb: 1543 callbacks suppressed
[  482.412150][   T29] audit: type=1326 audit(1732706790.608:98119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.454091][T28206] netlink: 'syz.9.8535': attribute type 10 has an invalid length.
[  482.463889][   T29] audit: type=1326 audit(1732706790.636:98120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.488278][   T29] audit: type=1326 audit(1732706790.636:98121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.512104][   T29] audit: type=1326 audit(1732706790.636:98122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.536950][   T29] audit: type=1326 audit(1732706790.636:98123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.560588][   T29] audit: type=1326 audit(1732706790.636:98124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.585079][   T29] audit: type=1326 audit(1732706790.636:98125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.609129][   T29] audit: type=1326 audit(1732706790.636:98126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.633577][   T29] audit: type=1326 audit(1732706790.645:98127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.657479][   T29] audit: type=1326 audit(1732706790.645:98128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28205 comm="syz.9.8535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  482.675145][T28215] loop0: detected capacity change from 0 to 2048
[  482.746146][T28215] lo speed is unknown, defaulting to 1000
[  482.808550][T28236] loop6: detected capacity change from 0 to 512
[  482.819787][T28236] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8547: casefold flag without casefold feature
[  482.860031][T28236] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8547: couldn't read orphan inode 15 (err -117)
[  483.152709][T28274] loop8: detected capacity change from 0 to 512
[  483.179926][T28274] EXT4-fs (loop8): too many log groups per flexible block group
[  483.187676][T28274] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  483.194540][T28274] EXT4-fs (loop8): mount failed
[  483.502849][T28304] loop8: detected capacity change from 0 to 512
[  483.510271][T28304] ext4: Invalid gid '0x00000000ffffffff'
[  483.554895][T28305] FAULT_INJECTION: forcing a failure.
[  483.554895][T28305] name failslab, interval 1, probability 0, space 0, times 0
[  483.567678][T28305] CPU: 0 UID: 0 PID: 28305 Comm: syz.0.8573 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  483.579595][T28305] Tainted: [W]=WARN
[  483.583412][T28305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  483.593502][T28305] Call Trace:
[  483.596797][T28305]  <TASK>
[  483.599768][T28305]  dump_stack_lvl+0xf2/0x150
[  483.604385][T28305]  dump_stack+0x15/0x20
[  483.608598][T28305]  should_fail_ex+0x223/0x230
[  483.613299][T28305]  should_failslab+0x8f/0xb0
[  483.617941][T28305]  __kmalloc_node_noprof+0xad/0x410
[  483.623232][T28305]  ? qdisc_alloc+0x65/0x450
[  483.627848][T28305]  qdisc_alloc+0x65/0x450
[  483.632198][T28305]  qdisc_create+0xe5/0xae0
[  483.636708][T28305]  ? __nla_parse+0x40/0x60
[  483.641156][T28305]  tc_modify_qdisc+0x65f/0x1050
[  483.646088][T28305]  ? ns_capable+0x7d/0xb0
[  483.650455][T28305]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  483.655770][T28305]  rtnetlink_rcv_msg+0x6aa/0x710
[  483.660753][T28305]  ? ref_tracker_free+0x3a5/0x410
[  483.665836][T28305]  ? __dev_queue_xmit+0x186/0x2090
[  483.670972][T28305]  netlink_rcv_skb+0x12c/0x230
[  483.675936][T28305]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  483.681494][T28305]  rtnetlink_rcv+0x1c/0x30
[  483.685979][T28305]  netlink_unicast+0x599/0x670
[  483.690766][T28305]  netlink_sendmsg+0x5cc/0x6e0
[  483.695573][T28305]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.700882][T28305]  __sock_sendmsg+0x140/0x180
[  483.705600][T28305]  ____sys_sendmsg+0x312/0x410
[  483.710529][T28305]  __sys_sendmsg+0x19d/0x230
[  483.715166][T28305]  __x64_sys_sendmsg+0x46/0x50
[  483.719948][T28305]  x64_sys_call+0x2734/0x2dc0
[  483.724720][T28305]  do_syscall_64+0xc9/0x1c0
[  483.729392][T28305]  ? clear_bhb_loop+0x55/0xb0
[  483.734088][T28305]  ? clear_bhb_loop+0x55/0xb0
[  483.738824][T28305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.744774][T28305] RIP: 0033:0x7f942f850809
[  483.749208][T28305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.769008][T28305] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.777482][T28305] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  483.785465][T28305] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000006
[  483.793457][T28305] RBP: 00007f942dec70a0 R08: 0000000000000000 R09: 0000000000000000
[  483.801455][T28305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.809432][T28305] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  483.817469][T28305]  </TASK>
[  483.873108][T28308] loop7: detected capacity change from 0 to 1024
[  483.933046][T28308] hsr_slave_0 (unregistering): left promiscuous mode
[  483.954853][T28317] loop0: detected capacity change from 0 to 512
[  483.969286][T28317] EXT4-fs (loop0): too many log groups per flexible block group
[  483.977113][T28317] EXT4-fs (loop0): failed to initialize mballoc (-12)
[  483.984148][T28317] EXT4-fs (loop0): mount failed
[  484.111125][T28334] netlink: 'syz.7.8584': attribute type 10 has an invalid length.
[  484.151284][T28338] __nla_validate_parse: 10 callbacks suppressed
[  484.151305][T28338] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8582'.
[  484.280840][T28339] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8586'.
[  484.289962][T28339] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8586'.
[  484.521726][T28373] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8601'.
[  484.579191][T28381] loop9: detected capacity change from 0 to 512
[  484.591179][T28381] EXT4-fs (loop9): too many log groups per flexible block group
[  484.598882][T28381] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  484.607265][T28381] EXT4-fs (loop9): mount failed
[  484.644276][T28386] loop0: detected capacity change from 0 to 128
[  485.036644][T28397] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8610'.
[  485.155224][T28408] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8614'.
[  485.244858][T28422] loop8: detected capacity change from 0 to 512
[  485.252562][T28422] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  485.274171][T28422] EXT4-fs (loop8): 1 truncate cleaned up
[  485.280301][T28422] EXT4-fs mount: 70 callbacks suppressed
[  485.280320][T28422] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.335969][T28427] loop6: detected capacity change from 0 to 2048
[  485.348812][T28427] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.377536][T28427] lo speed is unknown, defaulting to 1000
[  485.388714][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.171001][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.259590][T28460] loop6: detected capacity change from 0 to 2048
[  486.290383][T28460] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  486.388553][T25061] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  486.403538][T25061] EXT4-fs (loop6): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 5 with error 28
[  486.403970][    T8] usb usb8-port2: attempt power cycle
[  486.415858][T25061] EXT4-fs (loop6): This should not happen!! Data will be lost
[  486.415858][T25061] 
[  486.431191][T25061] EXT4-fs (loop6): Total free blocks count 0
[  486.437404][T25061] EXT4-fs (loop6): Free/Dirty block details
[  486.443415][T25061] EXT4-fs (loop6): free_blocks=2415919104
[  486.449304][T25061] EXT4-fs (loop6): dirty_blocks=16
[  486.454458][T25061] EXT4-fs (loop6): Block reservation details
[  486.460474][T25061] EXT4-fs (loop6): i_reserved_data_blocks=1
[  486.469506][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.539293][T28472] loop7: detected capacity change from 0 to 1024
[  486.555265][T28475] loop0: detected capacity change from 0 to 512
[  486.571101][T28472] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  486.587649][T28472] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.601541][T28475] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  486.611333][T28475] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  486.637261][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /171/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  486.639630][T28478] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8640'.
[  486.660705][T28475] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  486.667143][T28478] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8640'.
[  486.675337][T28475] System zones: 0-2, 18-18, 34-34
[  486.690250][T28475] EXT4-fs (loop0): orphan cleanup on readonly fs
[  486.701490][T28489] loop8: detected capacity change from 0 to 2048
[  486.708002][T28475] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  486.709563][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #11: block 37: comm syz-executor: path /171/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  486.743561][T28475] EXT4-fs (loop0): 1 truncate cleaned up
[  486.750310][T28475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  486.759032][T25756] EXT4-fs error (device loop7): ext4_empty_dir:3135: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  486.798081][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #11: block 37: comm syz-executor: path /171/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  486.805292][T28489] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  486.819747][T28475] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  486.853805][T28489] lo speed is unknown, defaulting to 1000
[  486.855297][T25756] EXT4-fs error (device loop7): ext4_empty_dir:3135: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  486.896773][T24804] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.910344][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #11: block 37: comm syz-executor: path /171/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  486.933379][T25756] EXT4-fs error (device loop7): ext4_empty_dir:3135: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  486.965780][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #11: block 37: comm syz-executor: path /171/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  486.988116][T25756] EXT4-fs error (device loop7): ext4_empty_dir:3135: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  487.007261][T25756] EXT4-fs error (device loop7): ext4_readdir:261: inode #11: block 37: comm syz-executor: path /171/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  487.041482][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.208849][T28515] loop8: detected capacity change from 0 to 512
[  487.215772][T28515] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  487.241859][T28515] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.256892][T28515] EXT4-fs error (device loop8): ext4_do_update_inode:5153: inode #2: comm syz.8.8654: corrupted inode contents
[  487.268935][T28515] EXT4-fs error (device loop8): ext4_dirty_inode:6041: inode #2: comm syz.8.8654: mark_inode_dirty error
[  487.281198][T28515] EXT4-fs error (device loop8): ext4_do_update_inode:5153: inode #2: comm syz.8.8654: corrupted inode contents
[  487.284816][T25756] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.331180][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.409563][T28531] loop8: detected capacity change from 0 to 128
[  487.440529][T28525] lo speed is unknown, defaulting to 1000
[  487.546639][T28525] chnl_net:caif_netlink_parms(): no params data found
[  487.582670][T28525] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.589828][T28525] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.597807][T28525] bridge_slave_0: entered allmulticast mode
[  487.604564][T28525] bridge_slave_0: entered promiscuous mode
[  487.611525][T28525] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.618762][T28525] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.626851][T28525] bridge_slave_1: entered allmulticast mode
[  487.633397][T28525] bridge_slave_1: entered promiscuous mode
[  487.651806][T28525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  487.663153][T28525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  487.683739][T28525] team0: Port device team_slave_0 added
[  487.691201][T28525] team0: Port device team_slave_1 added
[  487.708017][T28525] batman_adv: batadv0: Adding interface: batadv_slave_0
[  487.715080][T28525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.741648][T28525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  487.753359][T28525] batman_adv: batadv0: Adding interface: batadv_slave_1
[  487.760315][T28525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  487.786950][T28525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  487.815335][T28525] hsr_slave_0: entered promiscuous mode
[  487.822450][T28525] hsr_slave_1: entered promiscuous mode
[  487.828483][T28525] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  487.836081][T28525] Cannot create hsr debugfs directory
[  487.860975][T28543] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8659'.
[  487.916741][T28525] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.981733][T28525] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.998137][T28558] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8665'.
[  488.041465][   T29] kauditd_printk_skb: 319 callbacks suppressed
[  488.041483][   T29] audit: type=1326 audit(1732706795.865:98448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.071299][   T29] audit: type=1326 audit(1732706795.865:98449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.095030][   T29] audit: type=1326 audit(1732706795.865:98450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.118755][   T29] audit: type=1326 audit(1732706795.865:98451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.142377][   T29] audit: type=1326 audit(1732706795.865:98452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.166081][   T29] audit: type=1326 audit(1732706795.874:98453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.189692][   T29] audit: type=1326 audit(1732706795.874:98454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.213410][   T29] audit: type=1326 audit(1732706795.874:98455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.237104][   T29] audit: type=1326 audit(1732706795.874:98456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.260598][   T29] audit: type=1326 audit(1732706795.874:98457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28563 comm="syz.0.8667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f942f850809 code=0x7ffc0000
[  488.301682][T28525] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.336440][T28574] loop8: detected capacity change from 0 to 512
[  488.343570][T28574] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  488.352726][T28574] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  488.364790][T28525] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.385673][T28574] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  488.393924][T28574] System zones: 0-2, 18-18, 34-34
[  488.399366][T28574] EXT4-fs (loop8): orphan cleanup on readonly fs
[  488.406976][T28574] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  488.434269][T28582] loop6: detected capacity change from 0 to 512
[  488.436529][T28574] EXT4-fs (loop8): 1 truncate cleaned up
[  488.447052][T28574] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  488.453860][T28525] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  488.466852][T28582] EXT4-fs (loop6): too many log groups per flexible block group
[  488.468891][T28525] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  488.474573][T28582] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  488.480222][T28582] EXT4-fs (loop6): mount failed
[  488.481964][    T8] usb usb8-port2: unable to enumerate USB device
[  488.503655][T28525] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  488.514718][T28525] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  488.532967][T28525] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.540135][T28525] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.547493][T28525] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.554593][T28525] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.575148][T28574] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  488.600065][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.606410][T28525] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.622993][T25054] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.633009][T25054] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.674525][T28525] 8021q: adding VLAN 0 to HW filter on device team0
[  488.686629][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.693745][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.703243][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.710394][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.739519][T28598] loop6: detected capacity change from 0 to 512
[  488.740099][T28525] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  488.756373][T28525] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  488.771591][T28598] EXT4-fs (loop6): too many log groups per flexible block group
[  488.779987][T28598] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  488.780744][T28599] loop8: detected capacity change from 0 to 128
[  488.787003][T28598] EXT4-fs (loop6): mount failed
[  488.841110][T28525] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.937159][T28621] loop6: detected capacity change from 0 to 512
[  488.940508][T28525] veth0_vlan: entered promiscuous mode
[  488.950975][T28621] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  488.954287][T28525] veth1_vlan: entered promiscuous mode
[  488.960074][T28621] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  488.980508][T28525] veth0_macvtap: entered promiscuous mode
[  488.989003][T28525] veth1_macvtap: entered promiscuous mode
[  488.995918][T28621] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  489.008009][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.012235][T28621] System zones: 
[  489.018499][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.018515][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.018535][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.018551][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.018566][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.018585][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.018602][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.018618][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.022192][T28621] 0-2
[  489.031978][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.032025][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.032043][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.043210][T28621] , 18-18
[  489.052472][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.062959][T28621] , 34-34
[  489.072708][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.073777][T28525] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.083907][T28621] 
[  489.092430][T28621] EXT4-fs (loop6): orphan cleanup on readonly fs
[  489.095361][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137097][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137113][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137132][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137152][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137165][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137185][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137247][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137264][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137282][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137324][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137339][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.137367][T28525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.137383][T28525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.140254][T28525] batman_adv: batadv0: Interface activated: batadv_slave_1
[  489.173328][T28621] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  489.180103][T28525] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  489.192263][T28621] EXT4-fs (loop6): 1 truncate cleaned up
[  489.200334][T28525] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  489.200446][T28525] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  489.200482][T28525] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  489.390219][T28621] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  489.420439][T28621] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  489.446321][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.547364][T28637] lo speed is unknown, defaulting to 1000
[  489.561409][T28639] loop6: detected capacity change from 0 to 512
[  489.568456][T28639] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  489.577588][T28639] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  489.596237][T28639] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  489.606130][T28639] System zones: 0-2, 18-18, 34-34
[  489.611447][T28639] EXT4-fs (loop6): orphan cleanup on readonly fs
[  489.619445][T28639] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  489.638637][T28639] EXT4-fs (loop6): 1 truncate cleaned up
[  489.653647][T28639] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  489.686150][T28639] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  489.692419][T28646] __nla_validate_parse: 2 callbacks suppressed
[  489.692438][T28646] netlink: 132 bytes leftover after parsing attributes in process `syz.8.8694'.
[  489.739706][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.760820][T28648] loop8: detected capacity change from 0 to 512
[  489.782232][T28648] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.8696: casefold flag without casefold feature
[  489.795530][T28648] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8696: couldn't read orphan inode 15 (err -117)
[  489.811011][T28648] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  489.841473][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.875831][T28659] SELinux: syz.8.8700 (28659) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  489.889771][T28659] FAULT_INJECTION: forcing a failure.
[  489.889771][T28659] name failslab, interval 1, probability 0, space 0, times 0
[  489.903154][T28659] CPU: 0 UID: 0 PID: 28659 Comm: syz.8.8700 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  489.915187][T28659] Tainted: [W]=WARN
[  489.919123][T28659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  489.929190][T28659] Call Trace:
[  489.932485][T28659]  <TASK>
[  489.935438][T28659]  dump_stack_lvl+0xf2/0x150
[  489.940174][T28659]  dump_stack+0x15/0x20
[  489.944360][T28659]  should_fail_ex+0x223/0x230
[  489.949088][T28659]  should_failslab+0x8f/0xb0
[  489.953708][T28659]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[  489.960102][T28659]  ? security_context_to_sid_core+0x66/0x3b0
[  489.966137][T28659]  kmemdup_nul+0x30/0x80
[  489.970400][T28659]  security_context_to_sid_core+0x66/0x3b0
[  489.976245][T28659]  security_context_str_to_sid+0x33/0x40
[  489.981923][T28659]  sel_write_user+0x1ed/0x430
[  489.986641][T28659]  selinux_transaction_write+0xba/0x100
[  489.992307][T28659]  ? __pfx_selinux_transaction_write+0x10/0x10
[  489.998540][T28659]  vfs_write+0x281/0x920
[  490.002666][T28660] lo speed is unknown, defaulting to 1000
[  490.002895][T28659]  ? __fget_files+0x17c/0x1c0
[  490.013313][T28659]  ksys_write+0xe8/0x1b0
[  490.017668][T28659]  __x64_sys_write+0x42/0x50
[  490.022372][T28659]  x64_sys_call+0x287e/0x2dc0
[  490.027133][T28659]  do_syscall_64+0xc9/0x1c0
[  490.031686][T28659]  ? clear_bhb_loop+0x55/0xb0
[  490.036384][T28659]  ? clear_bhb_loop+0x55/0xb0
[  490.041127][T28659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.047119][T28659] RIP: 0033:0x7fe8cf480809
[  490.051551][T28659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.071193][T28659] RSP: 002b:00007fe8cdaf7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  490.079673][T28659] RAX: ffffffffffffffda RBX: 00007fe8cf645fa0 RCX: 00007fe8cf480809
[  490.087686][T28659] RDX: 000000000000000b RSI: 0000000020000880 RDI: 0000000000000006
[  490.095850][T28659] RBP: 00007fe8cdaf70a0 R08: 0000000000000000 R09: 0000000000000000
[  490.103854][T28659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.111865][T28659] R13: 0000000000000000 R14: 00007fe8cf645fa0 R15: 00007ffcd022f9d8
[  490.119877][T28659]  </TASK>
[  490.317931][T28665] smc: net device bond0 applied user defined pnetid SYZ0
[  490.325056][T28665] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  490.358768][T28670] loop8: detected capacity change from 0 to 512
[  490.365815][T28670] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  490.384796][T28670] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.402047][T28670] EXT4-fs error (device loop8): ext4_do_update_inode:5153: inode #2: comm syz.8.8703: corrupted inode contents
[  490.416665][T28670] EXT4-fs error (device loop8): ext4_dirty_inode:6041: inode #2: comm syz.8.8703: mark_inode_dirty error
[  490.428405][T28670] EXT4-fs error (device loop8): ext4_do_update_inode:5153: inode #2: comm syz.8.8703: corrupted inode contents
[  490.465645][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.470917][T28686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8708'.
[  490.484176][T28686] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  490.491751][T28686] batman_adv: batadv0: Removing interface: batadv_slave_0
[  490.499899][T28686] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  490.507409][T28686] batman_adv: batadv0: Removing interface: batadv_slave_1
[  490.567481][T28695] loop8: detected capacity change from 0 to 256
[  490.581544][T28695] FAT-fs (loop8): Directory bread(block 64) failed
[  490.588385][T28695] FAT-fs (loop8): Directory bread(block 65) failed
[  490.594979][T28695] FAT-fs (loop8): Directory bread(block 66) failed
[  490.602404][T28695] FAT-fs (loop8): Directory bread(block 67) failed
[  490.609488][T28695] FAT-fs (loop8): Directory bread(block 68) failed
[  490.616055][T28695] FAT-fs (loop8): Directory bread(block 69) failed
[  490.622710][T28695] FAT-fs (loop8): Directory bread(block 70) failed
[  490.630015][T28695] FAT-fs (loop8): Directory bread(block 71) failed
[  490.636543][T28695] FAT-fs (loop8): Directory bread(block 72) failed
[  490.643111][T28695] FAT-fs (loop8): Directory bread(block 73) failed
[  490.662299][T28695] syz.8.8711: attempt to access beyond end of device
[  490.662299][T28695] loop8: rw=0, sector=1816, nr_sectors = 4 limit=256
[  490.675804][T28695] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 326)
[  490.683921][T28695] FAT-fs (loop8): Filesystem has been set read-only
[  490.690585][T28695] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 326)
[  490.784047][T28707] loop6: detected capacity change from 0 to 512
[  490.790012][    T8] usb usb8-port2: attempt power cycle
[  490.806587][T28712] loop8: detected capacity change from 0 to 512
[  490.807603][T28707] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #15: comm syz.6.8717: casefold flag without casefold feature
[  490.825884][T28712] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  490.827992][T28707] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.8717: couldn't read orphan inode 15 (err -117)
[  490.834988][T28712] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  490.846393][T28712] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  490.849187][T28707] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.856123][T28712] System zones: 0-2, 18-18, 34-34
[  490.881305][T28712] EXT4-fs (loop8): orphan cleanup on readonly fs
[  490.889664][T28712] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  490.916631][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.926324][T28712] EXT4-fs (loop8): 1 truncate cleaned up
[  490.934070][T28712] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  490.968782][T28712] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  490.990703][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.169789][T28734] loop8: detected capacity change from 0 to 128
[  491.180680][T28736] loop6: detected capacity change from 0 to 1024
[  491.199054][T28736] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  491.214950][T28736] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2793: inode #15: comm syz.6.8730: corrupted in-inode xattr: bad magic number in in-inode xattr
[  491.243138][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.299373][T28745] loop6: detected capacity change from 0 to 512
[  491.306416][T28745] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  491.315562][T28745] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  491.324520][T28745] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  491.332821][T28745] System zones: 0-2, 18-18, 34-34
[  491.338177][T28745] EXT4-fs (loop6): orphan cleanup on readonly fs
[  491.344845][T28745] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  491.359884][T28745] EXT4-fs (loop6): 1 truncate cleaned up
[  491.366051][T28745] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  491.384101][T28745] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  491.404107][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.514282][T28748] FAULT_INJECTION: forcing a failure.
[  491.514282][T28748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.527966][T28748] CPU: 0 UID: 0 PID: 28748 Comm: syz.6.8734 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  491.539933][T28748] Tainted: [W]=WARN
[  491.543792][T28748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  491.553939][T28748] Call Trace:
[  491.557233][T28748]  <TASK>
[  491.560166][T28748]  dump_stack_lvl+0xf2/0x150
[  491.564760][T28748]  dump_stack+0x15/0x20
[  491.568950][T28748]  should_fail_ex+0x223/0x230
[  491.573687][T28748]  should_fail+0xb/0x10
[  491.577866][T28748]  should_fail_usercopy+0x1a/0x20
[  491.582929][T28748]  _copy_from_iter+0xd5/0xd00
[  491.587680][T28748]  ? kmalloc_reserve+0x16e/0x190
[  491.592716][T28748]  ? __build_skb_around+0x196/0x1f0
[  491.598029][T28748]  ? __alloc_skb+0x21f/0x310
[  491.602644][T28748]  ? __virt_addr_valid+0x1ed/0x250
[  491.607778][T28748]  ? __check_object_size+0x364/0x520
[  491.613167][T28748]  netlink_sendmsg+0x460/0x6e0
[  491.618093][T28748]  ? __pfx_netlink_sendmsg+0x10/0x10
[  491.623423][T28748]  __sock_sendmsg+0x140/0x180
[  491.628200][T28748]  ____sys_sendmsg+0x312/0x410
[  491.632988][T28748]  __sys_sendmsg+0x19d/0x230
[  491.637670][T28748]  __x64_sys_sendmsg+0x46/0x50
[  491.642442][T28748]  x64_sys_call+0x2734/0x2dc0
[  491.647137][T28748]  do_syscall_64+0xc9/0x1c0
[  491.651671][T28748]  ? clear_bhb_loop+0x55/0xb0
[  491.656372][T28748]  ? clear_bhb_loop+0x55/0xb0
[  491.661053][T28748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.667029][T28748] RIP: 0033:0x7fd3e4300809
[  491.671466][T28748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.691076][T28748] RSP: 002b:00007fd3e2977058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  491.699501][T28748] RAX: ffffffffffffffda RBX: 00007fd3e44c5fa0 RCX: 00007fd3e4300809
[  491.707502][T28748] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  491.715486][T28748] RBP: 00007fd3e29770a0 R08: 0000000000000000 R09: 0000000000000000
[  491.723538][T28748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.731575][T28748] R13: 0000000000000000 R14: 00007fd3e44c5fa0 R15: 00007ffe2a9a1a28
[  491.739597][T28748]  </TASK>
[  492.096635][T28763] loop8: detected capacity change from 0 to 2048
[  492.129383][T28763] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  492.156052][T28763] lo speed is unknown, defaulting to 1000
[  492.230823][T28780] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8748'.
[  492.276623][T28783] loop6: detected capacity change from 0 to 128
[  492.294604][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.938074][    T8] usb usb8-port2: unable to enumerate USB device
[  493.194980][T28810] loop6: detected capacity change from 0 to 512
[  493.202010][T28810] EXT4-fs: Ignoring removed oldalloc option
[  493.209104][T28810] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  493.221155][T28810] EXT4-fs (loop6): 1 truncate cleaned up
[  493.227399][T28810] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.253556][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.323116][T28819] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8765'.
[  493.485322][   T29] kauditd_printk_skb: 818 callbacks suppressed
[  493.485343][   T29] audit: type=1326 audit(1732706800.944:99276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c170077a7 code=0x7ffc0000
[  493.515313][   T29] audit: type=1326 audit(1732706800.944:99277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c16fac149 code=0x7ffc0000
[  493.538888][   T29] audit: type=1326 audit(1732706800.944:99278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  493.562408][   T29] audit: type=1326 audit(1732706800.944:99279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c170077a7 code=0x7ffc0000
[  493.585990][   T29] audit: type=1326 audit(1732706800.944:99280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c16fac149 code=0x7ffc0000
[  493.609562][   T29] audit: type=1326 audit(1732706800.944:99281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  493.633119][   T29] audit: type=1326 audit(1732706800.953:99282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c170077a7 code=0x7ffc0000
[  493.656720][   T29] audit: type=1326 audit(1732706800.953:99283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1c16fac149 code=0x7ffc0000
[  493.680213][   T29] audit: type=1326 audit(1732706800.953:99284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f1c17010809 code=0x7ffc0000
[  493.759430][   T29] audit: type=1326 audit(1732706801.168:99285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28805 comm="syz.9.8759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1c170077a7 code=0x7ffc0000
[  493.791657][T28828] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8768'.
[  493.997562][T28837] loop9: detected capacity change from 0 to 512
[  494.004706][T28837] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  494.013970][T28837] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  494.022844][T28837] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  494.030985][T28837] System zones: 0-2, 18-18, 34-34
[  494.036498][T28837] EXT4-fs (loop9): orphan cleanup on readonly fs
[  494.043154][T28837] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  494.059729][T28837] EXT4-fs (loop9): 1 truncate cleaned up
[  494.065830][T28837] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  494.090653][T28837] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  494.126676][T24308] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  494.163468][T28850] loop9: detected capacity change from 0 to 256
[  494.177500][T28850] FAT-fs (loop9): Directory bread(block 64) failed
[  494.184619][T28850] FAT-fs (loop9): Directory bread(block 65) failed
[  494.192567][T28850] FAT-fs (loop9): Directory bread(block 66) failed
[  494.201553][T28852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8779'.
[  494.205371][T28850] FAT-fs (loop9): Directory bread(block 67) failed
[  494.217764][T28850] FAT-fs (loop9): Directory bread(block 68) failed
[  494.225439][T28850] FAT-fs (loop9): Directory bread(block 69) failed
[  494.232881][T28850] FAT-fs (loop9): Directory bread(block 70) failed
[  494.239425][T28850] FAT-fs (loop9): Directory bread(block 71) failed
[  494.246217][T28850] FAT-fs (loop9): Directory bread(block 72) failed
[  494.252879][T28850] FAT-fs (loop9): Directory bread(block 73) failed
[  494.444445][T28869] geneve2: entered promiscuous mode
[  494.449838][T28869] geneve2: entered allmulticast mode
[  494.623123][T28875] lo speed is unknown, defaulting to 1000
[  494.822119][T28879] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8790'.
[  495.070060][T28886] loop6: detected capacity change from 0 to 256
[  495.083678][T28886] FAT-fs (loop6): Directory bread(block 64) failed
[  495.090801][T28886] FAT-fs (loop6): Directory bread(block 65) failed
[  495.099860][T28886] FAT-fs (loop6): Directory bread(block 66) failed
[  495.106562][T28886] FAT-fs (loop6): Directory bread(block 67) failed
[  495.113186][T28886] FAT-fs (loop6): Directory bread(block 68) failed
[  495.121392][T28886] FAT-fs (loop6): Directory bread(block 69) failed
[  495.128061][T28886] FAT-fs (loop6): Directory bread(block 70) failed
[  495.136138][T28886] FAT-fs (loop6): Directory bread(block 71) failed
[  495.145122][T28886] FAT-fs (loop6): Directory bread(block 72) failed
[  495.152113][   T24] usb usb8-port2: attempt power cycle
[  495.152412][T28886] FAT-fs (loop6): Directory bread(block 73) failed
[  495.215424][T28888] loop6: detected capacity change from 0 to 164
[  495.257050][T28895] netlink: 4 bytes leftover after parsing attributes in process `syz.8.8797'.
[  495.267236][T28895] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  495.274828][T28895] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.288965][T28895] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  495.297174][T28895] batman_adv: batadv0: Removing interface: batadv_slave_1
[  495.329584][T28897] loop6: detected capacity change from 0 to 512
[  495.356583][T28897] EXT4-fs (loop6): too many log groups per flexible block group
[  495.364581][T28897] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  495.371660][T28897] EXT4-fs (loop6): mount failed
[  495.728073][T28932] loop8: detected capacity change from 0 to 512
[  495.735080][T28932] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  495.744352][T28932] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  495.754230][T28932] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  495.762282][T28932] System zones: 0-2, 18-18, 34-34
[  495.767519][T28932] EXT4-fs (loop8): orphan cleanup on readonly fs
[  495.774707][T28932] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  495.789526][T28932] EXT4-fs (loop8): 1 truncate cleaned up
[  495.795653][T28932] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  495.821949][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.847847][T28935] loop8: detected capacity change from 0 to 512
[  495.857261][T28935] EXT4-fs (loop8): too many log groups per flexible block group
[  495.865265][T28935] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  495.872194][T28935] EXT4-fs (loop8): mount failed
[  495.986529][T28947] loop8: detected capacity change from 0 to 2048
[  495.997458][T28947] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  496.023936][T28947] lo speed is unknown, defaulting to 1000
[  496.127251][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.217363][T28958] loop8: detected capacity change from 0 to 512
[  496.242424][T28958] EXT4-fs (loop8): too many log groups per flexible block group
[  496.250244][T28958] EXT4-fs (loop8): failed to initialize mballoc (-12)
[  496.257765][T28958] EXT4-fs (loop8): mount failed
[  496.316350][T28966] loop8: detected capacity change from 0 to 512
[  496.324416][T28966] EXT4-fs error (device loop8): ext4_orphan_get:1389: inode #15: comm syz.8.8825: casefold flag without casefold feature
[  496.338761][T28966] EXT4-fs error (device loop8): ext4_orphan_get:1394: comm syz.8.8825: couldn't read orphan inode 15 (err -117)
[  496.351390][T28966] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  496.390164][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.452679][T28975] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8829'.
[  497.160838][   T24] usb usb8-port2: unable to enumerate USB device
[  497.344152][T29034] loop0: detected capacity change from 0 to 164
[  497.352109][T29034] Unable to read rock-ridge attributes
[  497.358264][T29034] Unable to read rock-ridge attributes
[  497.367208][T29038] netlink: 276 bytes leftover after parsing attributes in process `syz.9.8856'.
[  497.419778][T29040] loop6: detected capacity change from 0 to 512
[  497.427668][T29040] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  497.436880][T29040] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  497.451657][T29040] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  497.459895][T29021] geneve0: entered allmulticast mode
[  497.461535][T29040] System zones: 0-2, 18-18, 34-34
[  497.470720][T29040] EXT4-fs (loop6): orphan cleanup on readonly fs
[  497.477609][T29040] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  497.493428][T29040] EXT4-fs (loop6): 1 truncate cleaned up
[  497.499913][T29040] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  497.506605][T29045] loop0: detected capacity change from 0 to 512
[  497.519459][T29045] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[  497.530134][T29045] EXT4-fs (loop0): Errors on filesystem, clearing orphan list.
[  497.538389][T29045] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.551028][T29040] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none.
[  497.554221][T29045] EXT4-fs error (device loop0): ext4_add_entry:2444: inode #2: comm syz.0.8858: Directory hole found for htree leaf block 0
[  497.608993][T29045] bond0: (slave dummy0): Releasing backup interface
[  497.609276][T24414] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.634071][T29045] bridge_slave_0: left allmulticast mode
[  497.639796][T29045] bridge_slave_0: left promiscuous mode
[  497.645677][T29045] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.655884][T29045] bridge_slave_1: left allmulticast mode
[  497.661576][T29045] bridge_slave_1: left promiscuous mode
[  497.667292][T29045] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.679192][T29052] EXT4-fs error (device loop0): ext4_add_entry:2444: inode #2: comm syz.0.8858: Directory hole found for htree leaf block 0
[  497.696747][T29045] bond0: (slave bond_slave_0): Releasing backup interface
[  497.706728][T29045] bond0: (slave bond_slave_1): Releasing backup interface
[  497.719697][T29045] team0: Port device team_slave_0 removed
[  497.729707][T29045] team0: Port device team_slave_1 removed
[  497.800350][T24804] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.840430][   T29] kauditd_printk_skb: 2454 callbacks suppressed
[  498.840473][   T29] audit: type=1326 audit(1732706805.976:101740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  498.892660][   T29] audit: type=1326 audit(1732706805.995:101741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  498.905313][T29100] FAULT_INJECTION: forcing a failure.
[  498.905313][T29100] name failslab, interval 1, probability 0, space 0, times 0
[  498.916274][   T29] audit: type=1326 audit(1732706805.995:101742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fe8cf480809 code=0x7ffc0000
[  498.916311][   T29] audit: type=1326 audit(1732706805.995:101743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  498.916420][   T29] audit: type=1326 audit(1732706805.995:101744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  498.916453][   T29] audit: type=1326 audit(1732706805.995:101745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fe8cf480809 code=0x7ffc0000
[  498.916485][   T29] audit: type=1326 audit(1732706806.004:101746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  498.916513][   T29] audit: type=1326 audit(1732706806.004:101747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe8cf41c149 code=0x7ffc0000
[  498.916598][   T29] audit: type=1326 audit(1732706806.004:101748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fe8cf480809 code=0x7ffc0000
[  498.916626][   T29] audit: type=1326 audit(1732706806.014:101749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29076 comm="syz.8.8870" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe8cf4777a7 code=0x7ffc0000
[  499.121727][T29100] CPU: 0 UID: 0 PID: 29100 Comm: syz.0.8879 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  499.133657][T29100] Tainted: [W]=WARN
[  499.137478][T29100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  499.147571][T29100] Call Trace:
[  499.150871][T29100]  <TASK>
[  499.153831][T29100]  dump_stack_lvl+0xf2/0x150
[  499.158441][T29100]  dump_stack+0x15/0x20
[  499.162707][T29100]  should_fail_ex+0x223/0x230
[  499.167507][T29100]  should_failslab+0x8f/0xb0
[  499.172161][T29100]  kmem_cache_alloc_noprof+0x52/0x320
[  499.177602][T29100]  ? getname_flags+0x81/0x3b0
[  499.182313][T29100]  getname_flags+0x81/0x3b0
[  499.186913][T29100]  getname+0x17/0x20
[  499.190835][T29100]  path_setxattrat+0x23a/0x310
[  499.195679][T29100]  __x64_sys_lsetxattr+0x71/0x90
[  499.200674][T29100]  x64_sys_call+0x29c8/0x2dc0
[  499.205480][T29100]  do_syscall_64+0xc9/0x1c0
[  499.210000][T29100]  ? clear_bhb_loop+0x55/0xb0
[  499.214689][T29100]  ? clear_bhb_loop+0x55/0xb0
[  499.219387][T29100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.225342][T29100] RIP: 0033:0x7f942f850809
[  499.229772][T29100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.249394][T29100] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  499.257816][T29100] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  499.265912][T29100] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020000080
[  499.273889][T29100] RBP: 00007f942dec70a0 R08: 0000000000000000 R09: 0000000000000000
[  499.281872][T29100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.289857][T29100] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  499.297846][T29100]  </TASK>
[  499.379918][T29107] netlink: 132 bytes leftover after parsing attributes in process `syz.8.8881'.
[  499.409301][T29116] FAULT_INJECTION: forcing a failure.
[  499.409301][T29116] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  499.422686][T29116] CPU: 1 UID: 0 PID: 29116 Comm: syz.8.8885 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  499.434663][T29116] Tainted: [W]=WARN
[  499.438462][T29116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  499.448546][T29116] Call Trace:
[  499.451823][T29116]  <TASK>
[  499.454807][T29116]  dump_stack_lvl+0xf2/0x150
[  499.459413][T29116]  dump_stack+0x15/0x20
[  499.463607][T29116]  should_fail_ex+0x223/0x230
[  499.468327][T29116]  should_fail+0xb/0x10
[  499.472640][T29116]  should_fail_usercopy+0x1a/0x20
[  499.477698][T29116]  _copy_from_user+0x1e/0xb0
[  499.482373][T29116]  memdup_user+0x64/0xc0
[  499.486644][T29116]  strndup_user+0x68/0xa0
[  499.491098][T29116]  __se_sys_mount+0x4e/0x2d0
[  499.495711][T29116]  ? fput+0x1c4/0x200
[  499.500021][T29116]  ? ksys_write+0x176/0x1b0
[  499.504559][T29116]  __x64_sys_mount+0x67/0x80
[  499.509210][T29116]  x64_sys_call+0x2c84/0x2dc0
[  499.513959][T29116]  do_syscall_64+0xc9/0x1c0
[  499.518468][T29116]  ? clear_bhb_loop+0x55/0xb0
[  499.523217][T29116]  ? clear_bhb_loop+0x55/0xb0
[  499.527910][T29116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.533829][T29116] RIP: 0033:0x7fe8cf480809
[  499.538280][T29116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.557893][T29116] RSP: 002b:00007fe8cdaf7058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  499.566309][T29116] RAX: ffffffffffffffda RBX: 00007fe8cf645fa0 RCX: 00007fe8cf480809
[  499.574342][T29116] RDX: 0000000020000280 RSI: 00000000200002c0 RDI: 0000000000000000
[  499.582317][T29116] RBP: 00007fe8cdaf70a0 R08: 0000000020000300 R09: 0000000000000000
[  499.590306][T29116] R10: 0000000001000000 R11: 0000000000000246 R12: 0000000000000001
[  499.598279][T29116] R13: 0000000000000000 R14: 00007fe8cf645fa0 R15: 00007ffcd022f9d8
[  499.606279][T29116]  </TASK>
[  499.700948][T29121] FAULT_INJECTION: forcing a failure.
[  499.700948][T29121] name failslab, interval 1, probability 0, space 0, times 0
[  499.713660][T29121] CPU: 1 UID: 0 PID: 29121 Comm: syz.0.8886 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  499.725687][T29121] Tainted: [W]=WARN
[  499.729500][T29121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  499.739716][T29121] Call Trace:
[  499.743016][T29121]  <TASK>
[  499.745954][T29121]  dump_stack_lvl+0xf2/0x150
[  499.750674][T29121]  dump_stack+0x15/0x20
[  499.754847][T29121]  should_fail_ex+0x223/0x230
[  499.759557][T29121]  should_failslab+0x8f/0xb0
[  499.764221][T29121]  kmem_cache_alloc_noprof+0x52/0x320
[  499.769679][T29121]  ? dst_alloc+0xc0/0x100
[  499.774042][T29121]  dst_alloc+0xc0/0x100
[  499.778229][T29121]  ? ip_vs_mh_schedule+0x1d2/0x6f0
[  499.783349][T29121]  ip_route_output_key_hash_rcu+0xb90/0x12d0
[  499.789382][T29121]  ip_route_output_key_hash+0x7b/0xb0
[  499.794782][T29121]  tcp_v4_connect+0x3c4/0xad0
[  499.799634][T29121]  __inet_stream_connect+0x162/0x790
[  499.805015][T29121]  ? tcp_sendmsg_fastopen+0x163/0x4f0
[  499.810444][T29121]  ? should_failslab+0x8f/0xb0
[  499.815224][T29121]  ? __kmalloc_cache_noprof+0x186/0x320
[  499.820857][T29121]  tcp_sendmsg_fastopen+0x40e/0x4f0
[  499.826192][T29121]  tcp_sendmsg_locked+0x2513/0x2710
[  499.831429][T29121]  ? mod_objcg_state+0x3a7/0x4f0
[  499.836530][T29121]  ? mod_objcg_state+0x3b1/0x4f0
[  499.841512][T29121]  ? should_fail_ex+0x31/0x230
[  499.846381][T29121]  ? __rcu_read_unlock+0x4e/0x70
[  499.851376][T29121]  ? avc_has_perm_noaudit+0x1cc/0x210
[  499.856779][T29121]  ? avc_has_perm+0xd4/0x160
[  499.861429][T29121]  ? _raw_spin_unlock_bh+0x36/0x40
[  499.866638][T29121]  ? __pfx_tcp_sendmsg+0x10/0x10
[  499.871601][T29121]  tcp_sendmsg+0x30/0x50
[  499.875861][T29121]  inet_sendmsg+0x77/0xd0
[  499.880223][T29121]  __sock_sendmsg+0x102/0x180
[  499.884974][T29121]  ____sys_sendmsg+0x312/0x410
[  499.889786][T29121]  __sys_sendmmsg+0x227/0x4b0
[  499.894587][T29121]  __x64_sys_sendmmsg+0x57/0x70
[  499.899524][T29121]  x64_sys_call+0x29aa/0x2dc0
[  499.904218][T29121]  do_syscall_64+0xc9/0x1c0
[  499.908771][T29121]  ? clear_bhb_loop+0x55/0xb0
[  499.913498][T29121]  ? clear_bhb_loop+0x55/0xb0
[  499.918228][T29121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.924149][T29121] RIP: 0033:0x7f942f850809
[  499.928750][T29121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.948459][T29121] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  499.956935][T29121] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  499.964925][T29121] RDX: 0000000000000002 RSI: 0000000020001c80 RDI: 0000000000000003
[  499.972939][T29121] RBP: 00007f942dec70a0 R08: 0000000000000000 R09: 0000000000000000
[  499.975963][ T3399] usb usb8-port2: attempt power cycle
[  499.980909][T29121] R10: 00000000240080c4 R11: 0000000000000246 R12: 0000000000000001
[  499.994281][T29121] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  500.002280][T29121]  </TASK>
[  500.014653][T29123] lo: entered allmulticast mode
[  500.026580][T29123] tunl0: entered allmulticast mode
[  500.033655][T29123] gre0: entered allmulticast mode
[  500.044084][T29123] gretap0: entered allmulticast mode
[  500.051362][T29123] erspan0: entered allmulticast mode
[  500.059067][T29123] ip_vti0: entered allmulticast mode
[  500.065919][T29123] ip6_vti0: entered allmulticast mode
[  500.075216][T29123] sit0: entered allmulticast mode
[  500.083592][T29123] ip6tnl0: entered allmulticast mode
[  500.091722][T29123] ip6gre0: entered allmulticast mode
[  500.105630][T29123] syz_tun: entered allmulticast mode
[  500.112889][T29123] ip6gretap0: entered allmulticast mode
[  500.120465][T29123] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.127674][T29123] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.135273][T29123] bridge0: entered allmulticast mode
[  500.142094][T29123] vcan0: entered allmulticast mode
[  500.148205][T29123] bond0: entered allmulticast mode
[  500.153354][T29123] bond_slave_0: entered allmulticast mode
[  500.159181][T29123] bond_slave_1: entered allmulticast mode
[  500.165077][T29123] dummy0: entered allmulticast mode
[  500.172046][T29123] team0: entered allmulticast mode
[  500.177211][T29123] team_slave_0: entered allmulticast mode
[  500.182984][T29123] team_slave_1: entered allmulticast mode
[  500.190594][T29123] nlmon0: entered allmulticast mode
[  500.197472][T29123] caif0: entered allmulticast mode
[  500.202898][T29123] vxcan0: entered allmulticast mode
[  500.209230][T29123] vxcan1: entered allmulticast mode
[  500.215643][T29123] veth0: entered allmulticast mode
[  500.223049][T29123] veth1: entered allmulticast mode
[  500.230871][T29123] wg0: entered allmulticast mode
[  500.237658][T29123] wg1: entered allmulticast mode
[  500.245041][T29123] wg2: entered allmulticast mode
[  500.253455][T29123] veth0_to_bridge: entered allmulticast mode
[  500.263176][T29123] veth1_to_bridge: entered allmulticast mode
[  500.272421][T29123] veth0_to_bond: entered allmulticast mode
[  500.280290][T29123] veth1_to_bond: entered allmulticast mode
[  500.288735][T29123] veth0_to_team: entered allmulticast mode
[  500.297415][T29123] veth1_to_team: entered allmulticast mode
[  500.305772][T29123] veth0_to_batadv: entered allmulticast mode
[  500.313191][T29123] batadv_slave_0: entered allmulticast mode
[  500.320664][T29123] veth1_to_batadv: entered allmulticast mode
[  500.328476][T29123] batadv_slave_1: entered allmulticast mode
[  500.335638][T29123] xfrm0: entered allmulticast mode
[  500.341873][T29123] veth0_to_hsr: entered allmulticast mode
[  500.348866][T29123] hsr_slave_0: entered allmulticast mode
[  500.355514][T29123] veth1_to_hsr: entered allmulticast mode
[  500.364741][T29123] hsr_slave_1: entered allmulticast mode
[  500.371674][T29123] hsr0: entered allmulticast mode
[  500.377667][T29123] veth1_virt_wifi: entered allmulticast mode
[  500.384929][T29123] veth0_virt_wifi: entered allmulticast mode
[  500.392561][T29123] veth1_vlan: entered allmulticast mode
[  500.399452][T29123] veth0_vlan: entered allmulticast mode
[  500.408484][T29123] vlan0: entered allmulticast mode
[  500.413814][T29123] vlan1: entered allmulticast mode
[  500.419620][T29123] macvlan0: entered allmulticast mode
[  500.426974][T29123] macvlan1: entered allmulticast mode
[  500.433476][T29123] ipvlan0: entered allmulticast mode
[  500.438884][T29123] ipvlan1: entered allmulticast mode
[  500.444957][T29123] veth1_macvtap: entered allmulticast mode
[  500.451736][T29123] veth0_macvtap: entered allmulticast mode
[  500.459104][T29123] macvtap0: entered allmulticast mode
[  500.465836][T29123] macsec0: entered allmulticast mode
[  500.472160][T29123] geneve0: entered allmulticast mode
[  500.480153][T29123] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  500.489787][T29123] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  500.498849][T29123] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  500.507837][T29123] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  500.516920][T29123] geneve1: entered allmulticast mode
[  500.523949][T29123] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[  500.534039][T29123] netdevsim netdevsim8 netdevsim1: entered allmulticast mode
[  500.544961][T29123] netdevsim netdevsim8 netdevsim2: entered allmulticast mode
[  500.553985][T29123] netdevsim netdevsim8 netdevsim3: entered allmulticast mode
[  500.600880][T29141] loop8: detected capacity change from 0 to 128
[  500.666941][T29152] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  500.675285][T29152] SELinux: failed to load policy
[  500.679245][T29154] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  500.694805][T29152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  500.703714][T29152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  500.731776][T29158] netlink: 132 bytes leftover after parsing attributes in process `syz.8.8901'.
[  501.197978][T29178] FAULT_INJECTION: forcing a failure.
[  501.197978][T29178] name failslab, interval 1, probability 0, space 0, times 0
[  501.210798][T29178] CPU: 1 UID: 0 PID: 29178 Comm: syz.0.8910 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  501.222803][T29178] Tainted: [W]=WARN
[  501.226636][T29178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  501.236869][T29178] Call Trace:
[  501.240146][T29178]  <TASK>
[  501.243090][T29178]  dump_stack_lvl+0xf2/0x150
[  501.247721][T29178]  dump_stack+0x15/0x20
[  501.251974][T29178]  should_fail_ex+0x223/0x230
[  501.256704][T29178]  should_failslab+0x8f/0xb0
[  501.261369][T29178]  kmem_cache_alloc_node_noprof+0x59/0x320
[  501.267320][T29178]  ? __alloc_skb+0x10b/0x310
[  501.271962][T29178]  __alloc_skb+0x10b/0x310
[  501.276429][T29178]  ? audit_log_start+0x34c/0x6b0
[  501.281555][T29178]  audit_log_start+0x368/0x6b0
[  501.286355][T29178]  audit_seccomp+0x4b/0x130
[  501.290913][T29178]  __seccomp_filter+0x6fa/0x1180
[  501.295964][T29178]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  501.301716][T29178]  ? vfs_write+0x596/0x920
[  501.306215][T29178]  __secure_computing+0x9f/0x1c0
[  501.311327][T29178]  syscall_trace_enter+0xd1/0x1f0
[  501.316418][T29178]  ? fpregs_assert_state_consistent+0x83/0xa0
[  501.322517][T29178]  do_syscall_64+0xaa/0x1c0
[  501.327156][T29178]  ? clear_bhb_loop+0x55/0xb0
[  501.331839][T29178]  ? clear_bhb_loop+0x55/0xb0
[  501.336524][T29178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.342522][T29178] RIP: 0033:0x7f942f850809
[  501.346961][T29178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.366584][T29178] RSP: 002b:00007f942dec7058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  501.375075][T29178] RAX: ffffffffffffffda RBX: 00007f942fa15fa0 RCX: 00007f942f850809
[  501.383051][T29178] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000009
[  501.391030][T29178] RBP: 00007f942dec70a0 R08: 0000000000000010 R09: 0000000000000000
[  501.399009][T29178] R10: 000000002002eff0 R11: 0000000000000246 R12: 0000000000000001
[  501.407087][T29178] R13: 0000000000000000 R14: 00007f942fa15fa0 R15: 00007ffc15c0b5d8
[  501.415147][T29178]  </TASK>
[  501.525099][T29188] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8915'.
[  501.738653][T29207] FAULT_INJECTION: forcing a failure.
[  501.738653][T29207] name failslab, interval 1, probability 0, space 0, times 0
[  501.751630][T29207] CPU: 1 UID: 0 PID: 29207 Comm: syz.0.8921 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  501.755399][T29209] loop8: detected capacity change from 0 to 512
[  501.763580][T29207] Tainted: [W]=WARN
[  501.763593][T29207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  501.763610][T29207] Call Trace:
[  501.763618][T29207]  <TASK>
[  501.763684][T29207]  dump_stack_lvl+0xf2/0x150
[  501.772912][T29209] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  501.773777][T29207]  dump_stack+0x15/0x20
[  501.798108][T29209] EXT4-fs (loop8): 1 truncate cleaned up
[  501.804432][T29207]  should_fail_ex+0x223/0x230
[  501.804479][T29207]  should_failslab+0x8f/0xb0
[  501.804525][T29207]  __kmalloc_noprof+0xab/0x3f0
[  501.804562][T29207]  ? security_prepare_creds+0x53/0x120
[  501.804673][T29207]  security_prepare_creds+0x53/0x120
[  501.804711][T29207]  prepare_creds+0x346/0x480
[  501.804749][T29207]  join_session_keyring+0x19/0x2a0
[  501.804781][T29207]  lookup_user_key+0x3ef/0xdf0
[  501.804852][T29207]  ? should_fail_ex+0xd7/0x230
[  501.804883][T29207]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  501.804922][T29207]  __se_sys_add_key+0x24b/0x320
[  501.805004][T29207]  ? fput+0x1c4/0x200
[  501.805038][T29207]  __x64_sys_add_key+0x67/0x80
[  501.805145][T29207]  x64_sys_call+0x2964/0x2dc0
[  501.805178][T29207]  do_syscall_64+0xc9/0x1c0
[  501.810033][T29209] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  501.814964][T29207]  ? clear_bhb_loop+0x55/0xb0
[  501.814993][T29207]  ? clear_bhb_loop+0x55/0xb0
[  501.815049][T29207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.815092][T29207] RIP: 0033:0x7f942f850809
[  501.815112][T29207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.939519][T29207] RSP: 002b:00007f942dea6058 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  501.948169][T29207] RAX: ffffffffffffffda RBX: 00007f942fa16080 RCX: 00007f942f850809
[  501.956186][T29207] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000040
[  501.964260][T29207] RBP: 00007f942dea60a0 R08: fffffffffffffffd R09: 0000000000000000
[  501.972399][T29207] R10: 000000000000001c R11: 0000000000000246 R12: 0000000000000001
[  501.980380][T29207] R13: 0000000000000000 R14: 00007f942fa16080 R15: 00007ffc15c0b5d8
[  501.988368][T29207]  </TASK>
[  501.996426][ T3399] usb usb8-port2: unable to enumerate USB device
[  502.042257][T24567] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.102708][T29222] syzkaller0: entered allmulticast mode
[  502.116660][T29223] loop9: detected capacity change from 0 to 512
[  502.123627][T29223] EXT4-fs: Ignoring removed oldalloc option
[  502.130089][T29223] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  502.141577][T29223] EXT4-fs (loop9): 1 truncate cleaned up
[  502.147883][T29223] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  502.188540][T29224] @: renamed from bond0
[  502.681907][T29254] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8939'.
[  502.712784][T29259] ==================================================================
[  502.721000][T29259] BUG: KCSAN: data-race in mas_replace_node / mtree_range_walk
[  502.728568][T29259] 
[  502.731070][T29259] write to 0xffff888103441d00 of 8 bytes by task 29258 on cpu 0:
[  502.738796][T29259]  mas_replace_node+0x1b8/0x430
[  502.743666][T29259]  mas_wr_store_entry+0x1fbf/0x2d10
[  502.748875][T29259]  mas_store_prealloc+0x6bf/0x960
[  502.753931][T29259]  vma_complete+0x3a7/0x760
[  502.758447][T29259]  __split_vma+0x5d6/0x6a0
[  502.762882][T29259]  vma_modify+0xd3/0x1e0
[  502.767155][T29259]  vma_modify_flags+0xf1/0x120
[  502.771952][T29259]  mprotect_fixup+0x31a/0x5e0
[  502.776656][T29259]  do_mprotect_pkey+0x653/0x960
[  502.781529][T29259]  __x64_sys_mprotect+0x48/0x60
[  502.786399][T29259]  x64_sys_call+0x2770/0x2dc0
[  502.791098][T29259]  do_syscall_64+0xc9/0x1c0
[  502.795619][T29259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.801532][T29259] 
[  502.803860][T29259] read to 0xffff888103441d00 of 8 bytes by task 29259 on cpu 1:
[  502.811495][T29259]  mtree_range_walk+0x33d/0x460
[  502.816359][T29259]  mas_walk+0x16e/0x320
[  502.820628][T29259]  lock_vma_under_rcu+0x95/0x260
[  502.825579][T29259]  exc_page_fault+0x150/0x650
[  502.830279][T29259]  asm_exc_page_fault+0x26/0x30
[  502.835149][T29259] 
[  502.837474][T29259] value changed: 0xffff88810418170e -> 0xffff888103441d00
[  502.844582][T29259] 
[  502.846909][T29259] Reported by Kernel Concurrency Sanitizer on:
[  502.853061][T29259] CPU: 1 UID: 0 PID: 29259 Comm: syz.6.8942 Tainted: G        W          6.12.0-syzkaller-10296-gaaf20f870da0 #0
[  502.864971][T29259] Tainted: [W]=WARN
[  502.869043][T29259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  502.879114][T29259] ==================================================================
[  503.081241][T24308] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.