last executing test programs:

4m14.876699906s ago: executing program 2 (id=326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

4m14.810260061s ago: executing program 2 (id=327):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000240)="390000001300034700ab65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000ea", 0x3a}], 0x1)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000080)="200000001300034700bb65e1c3e4ffff01000000010000005600000025000000", 0x20}], 0x1)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x18)
quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000401, 0x0, 0x0)

4m14.672465113s ago: executing program 2 (id=329):
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000b40)={@cgroup, 0xffffffffffffffff, 0x19, 0x2011}, 0x20)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0xfffffffffffff001}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="5953fdfffffffddbdf256b"], 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
request_key(0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
r6 = socket(0x10, 0x3, 0x0)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000002140)=@newtaction={0x18, 0x32, 0x829, 0x70bd2c, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)

4m14.637049035s ago: executing program 2 (id=334):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x18, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0xf, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r4 = io_uring_setup(0xcaf, &(0x7f0000000400)={0x0, 0xf63e, 0x2, 0x3, 0x163})
io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f0000000280)={0x2, 0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)=""/58, 0x3a}, {&(0x7f00000004c0)=""/87, 0x57}], &(0x7f00000007c0)=[0x8b, 0x6, 0x1, 0x2f, 0x40, 0x7, 0x5, 0x40, 0x1]}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x1f)
r5 = open(&(0x7f00000005c0)='./bus\x00', 0x1e18c2, 0x118)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r6 = socket$packet(0x11, 0xa, 0x300)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600a00, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mmap(&(0x7f0000cb8000/0x2000)=nil, 0x2000, 0x2000001, 0x10, 0xffffffffffffffff, 0x4d88d000)
futex(0x0, 0x85, 0x0, 0x0, &(0x7f0000000080)=0x1, 0x1ffffff)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x300}, 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001fc0)={0x0, ""/256, <r10=>0x0, <r11=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r12=>0x0, <r13=>0x0, <r14=>0x0, <r15=>0x0})
syz_mount_image$msdos(&(0x7f00000003c0), &(0x7f0000000340)='.\x00', 0x126a4b5, &(0x7f0000004140)=ANY=[@ANYRES16=r15, @ANYRES64=r13, @ANYRES16=r12, @ANYRES16=r15, @ANYRESDEC=r14, @ANYRES16=r11, @ANYRES16, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRESHEX=0x0, @ANYRES32=r10], 0x5, 0x0, &(0x7f0000000000))
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000c00)={<r16=>0x0, 0xabe7, 0x9})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r6, 0x50009418, &(0x7f0000001600)={{r7}, r15, 0x2, @unused=[0x7, 0xf70, 0x80000000, 0x4e1], @devid=r16})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$BLKTRACESETUP(r9, 0xc0481273, &(0x7f0000000840)={'\x00', 0xf, 0x0, 0x2, 0x7, 0xc, r8})

4m14.170812624s ago: executing program 2 (id=345):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

4m13.148606586s ago: executing program 0 (id=376):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0702000000000000000001000000040008802c000480050003000100000005000300000000000500030001e97a0d6e00030000000000050003000500000008000100030000000800020001"], 0x54}}, 0x880)
r2 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r2, 0x80284504, &(0x7f00000002c0)=""/71)

4m13.147777636s ago: executing program 0 (id=377):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540), r3)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01400000000200000000067400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a733000080002000000e6ff07000700263a3a0914000600626f6e643000000000"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r6 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000680), 0x1, 0x0)
write$selinux_validatetrans(r6, &(0x7f0000001cc0)=ANY=[@ANYBLOB='system_u:object_r:semanage_t system_u:object_r:fixed_disk_device_t:s0 00000000000w'], 0x79)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10)
recvmmsg(r5, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)=""/65, 0x41}], 0x1}, 0x81}, {{0x0, 0x0, &(0x7f0000001240), 0x0, &(0x7f0000001280)=""/228, 0xe4}, 0x5}, {{&(0x7f0000001380)=@hci, 0x80, &(0x7f0000001580)=[{&(0x7f0000001400)=""/104, 0x68}, {&(0x7f0000001480)=""/244, 0xf4}], 0x2, &(0x7f00000015c0)=""/212, 0xd4}, 0xe2bd}, {{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f00000016c0)=""/1, 0x1}, {&(0x7f0000001700)=""/24, 0x18}, {&(0x7f0000001740)=""/151, 0x97}, {&(0x7f0000001800)=""/205, 0xcd}], 0x4, &(0x7f0000001940)=""/206, 0xce}, 0x1}], 0x4, 0xc0000102, &(0x7f0000001b80)={0x77359400})

4m12.648348007s ago: executing program 0 (id=381):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket(0x2, 0x80805, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@getchain={0x24, 0x66, 0x100, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {0x2, 0xfff2}, {0x0, 0x8}}}, 0x24}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x7fff, 0x0, {0x0, 0x1}, {0x4a, 0x2}, @period={0x5d, 0xa370, 0x0, 0x7f, 0x81, {0x1, 0x3, 0x4, 0xffff}, 0x0, 0x0}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYRESDEC, @ANYRES16, @ANYRES64, @ANYRESHEX, @ANYRES64, @ANYRES64], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000f00)=ANY=[@ANYRESOCT, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000090085000000820000009515635444e599f8aeee7456ccb79e1a06b9e8a00219c4bac8583c8081d5e6062c4725b725aa4ab8ae237918924cee76b8fcdb94519da56ad4fd7141b5382cdd854043850ffa1329de7ac6aee7c74da74a2db122d444457cf2d2a5bda974100b8df272dcea19fa9778bf6358f5b1ee8a3f30a232dff123b9592003599bf6faaf34fc30069e45f557cbe642cd07c124c609a92c03e4b69635538782fbeca900edce26bcd76d9c2149abd7def51c71d84572f4bb03fd713dcd7c68bf5307af91b349df32abef72ab1a844d5fff13b0fa7841d4592083d0cdbe84e32bccd5ed29bab00cd069009e7b4297908f24a7c32db55e4c36b7180cf4d8dfcc2e413ecd1d61d61063aaa609cd8fd133a7d366e05e19a83597b3b2fe8f6afc53225c5ef273652c74cfbbef12a7128e32eff6cf1d045bafd632455089d1d3b6433193cb4a058c808ed9c72ba2f97d00c6e04bb8521db832b9b9fa7e0c0dfa7c71955cb43d697177f01c71bc546dc39f932f2a8d03c5822dd85dd53108a1e4a7704043"], &(0x7f0000000200)='GPL\x00', 0x100, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r3, 0x0, 0x7, &(0x7f0000000080)=0xefa, 0x4)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500001c000000000011907800000001d0a26b409f4b070954fc62b8"], 0x0)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f00000000c0)=0x800004, 0x4)
recvmmsg(r3, &(0x7f0000008100)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0x2)
connect$rxrpc(r4, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24)
sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYRESOCT=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r7 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r7, 0x0)
write$selinux_load(r6, &(0x7f0000000000)=ANY=[], 0xffa8)
umount2(&(0x7f0000000580)='./file0\x00', 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)

4m11.748755529s ago: executing program 2 (id=393):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

4m11.748416749s ago: executing program 32 (id=393):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

4m11.748258449s ago: executing program 0 (id=395):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

4m11.713744052s ago: executing program 0 (id=397):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000340)='writeback_pages_written\x00', r1, 0x0, 0x3ff}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x180, 0x10000, 0x7, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x20000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r4, 0x0, 0xffffffffffffffff}, 0x18)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305839, 0x0)
r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r5, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)
perf_event_open(&(0x7f0000000180)={0x1, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
dup(r6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioperm(0x0, 0x100, 0x7)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x182, 0x0)
close(r7)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r8, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r7, 0x40047451, &(0x7f0000000180))

4m11.580096333s ago: executing program 0 (id=399):
r0 = socket(0x22, 0x2, 0x27)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r5=>0x0})
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r6, &(0x7f0000000080)={0x1d, r5}, 0x18)
sendmsg$can_j1939(r6, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x1, 0xff}}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1}, 0x1, 0x0, 0x0, 0x40c1}, 0xee)
setsockopt$SO_J1939_FILTER(r6, 0x6b, 0x1, &(0x7f00000003c0)=[{0x2, 0x2, {0x2, 0xf, 0x6}, {0x1, 0xf0, 0x1}, 0x0, 0xfe}, {0x0, 0x2, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x0, 0xfe}], 0x40)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r5, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40}, 0xc4)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
sendmsg$rds(r7, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000440)="278ff00688ec", &(0x7f00000004c0)="3bdfc1abf7c5b35142ff334d9caa3f5a42fcaf3af0fe2c75958348aa6937584afd1e66f923664e98cfedc5342153822162ca7560deb26ae741e8a09b082ea90691d3e0abcfd534e88a2dfb887b66866709661e6ea782547643159cff3abcf9b6180732dfe838d6e333ee1cfa107e904f2125a5e7ef8112158c545df697dc25df0225238828cb75dc7e8c9df8372f042c421574de8ab8d394e461a7fffecf0334f8cceddee7"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{}, {0x77359400}}, 0x0)
timer_create(0x5, &(0x7f0000000280)={0x0, 0x2a, 0x1, @thr={0x0, 0x0}}, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000002c0)=""/151, &(0x7f0000000400)=0x97)
timer_gettime(0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x79, 0x0, r3, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0, 0x81, 0x1080a422012f758f})

3m56.52018196s ago: executing program 33 (id=399):
r0 = socket(0x22, 0x2, 0x27)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
open(&(0x7f0000000280)='.\x00', 0x0, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r5=>0x0})
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r6, &(0x7f0000000080)={0x1d, r5}, 0x18)
sendmsg$can_j1939(r6, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x1, 0xff}}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1}, 0x1, 0x0, 0x0, 0x40c1}, 0xee)
setsockopt$SO_J1939_FILTER(r6, 0x6b, 0x1, &(0x7f00000003c0)=[{0x2, 0x2, {0x2, 0xf, 0x6}, {0x1, 0xf0, 0x1}, 0x0, 0xfe}, {0x0, 0x2, {0x0, 0xf0}, {0x0, 0x1, 0x2}, 0x0, 0xfe}], 0x40)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x101, 0x70bd25, 0x100000, {0x0, 0x0, 0x74, r5, {0xa, 0x8}, {0x5, 0xfff3}, {0xfff1, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x40}, 0xc4)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, 0x0)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
sendmsg$rds(r7, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000440)="278ff00688ec", &(0x7f00000004c0)="3bdfc1abf7c5b35142ff334d9caa3f5a42fcaf3af0fe2c75958348aa6937584afd1e66f923664e98cfedc5342153822162ca7560deb26ae741e8a09b082ea90691d3e0abcfd534e88a2dfb887b66866709661e6ea782547643159cff3abcf9b6180732dfe838d6e333ee1cfa107e904f2125a5e7ef8112158c545df697dc25df0225238828cb75dc7e8c9df8372f042c421574de8ab8d394e461a7fffecf0334f8cceddee7"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{}, {0x77359400}}, 0x0)
timer_create(0x5, &(0x7f0000000280)={0x0, 0x2a, 0x1, @thr={0x0, 0x0}}, 0x0)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000002c0)=""/151, &(0x7f0000000400)=0x97)
timer_gettime(0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x79, 0x0, r3, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0, 0x81, 0x1080a422012f758f})

3m34.399121237s ago: executing program 1 (id=1097):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000005c0)={'#! ', '', [], 0xa, "f2949381f99a1e262595f16ae1eb642fc7e17bdfd9e5ef9e8de08665d159e3bb6472eb34e476510157a7f2d98613f3a79c8e0399ab33b6a7030f10b028af44ef340f9a033f07354b02823eec81991908bd1d0b2f1b4e281c97b9d395c4c9b617d47a6254ff53e2178f610471b983b77d922d91dfbbd67019ed33bfd205c2373cf1ffb72cb0a57091c76a51e70b5c25fe"}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000ec0)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7, 0x0, 0x2}, 0x18)
mlockall(0x3)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91)
pwrite64(r8, &(0x7f0000000140)='2', 0xfdef, 0xc00)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d80)={r7, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000180)=[0x0, 0x0, 0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x5, 0x6, &(0x7f0000000b00)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x68, &(0x7f0000000b80)=[{}], 0x8, 0x10, &(0x7f0000000bc0), &(0x7f0000000c00), 0x8, 0x55, 0x8, 0x8, &(0x7f0000000c40)}}, 0x10)
r10 = getuid()
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000dc0)={{{@in6=@private1, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e23, 0x0, 0x4e21, 0xff, 0x2, 0x0, 0xa0, 0x8, r9, r10}, {0x1, 0xfffffffffffffff7, 0x1, 0x71, 0x3, 0x6, 0x7f}, {0x80000001, 0x3, 0x9, 0x9}, 0x6, 0x6e6bb3, 0x0, 0x1, 0x3}, {{@in=@local, 0x4d5, 0x33}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x2, 0x1, 0x5, 0x5, 0xfff, 0x1}}, 0xe8)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f00)=ANY=[@ANYBLOB="2c0000000408fc000000000000000000050000020900010073797a30000000000900010073797a3100000000"], 0x2c}}, 0x8000050)

3m32.338655173s ago: executing program 1 (id=1119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r2, 0x8008551c, &(0x7f0000000580)=ANY=[@ANYBLOB="06e0000001"])
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)

3m32.26370301s ago: executing program 1 (id=1121):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000003, 0x810, r0, 0x180000000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")

3m32.033627138s ago: executing program 1 (id=1130):
r0 = geteuid()
setreuid(r0, r0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000c40)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@dioread_lock}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@nombcache}, {@user_xattr}, {@mb_optimize_scan}, {@errors_remount}], [{@hash}, {@euid_eq={'euid', 0x3d, r0}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'grpquota'}}, {@dont_hash}, {@smackfsroot={'smackfsroot', 0x3d, '\''}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x143142, 0x40)
syz_mount_image$ext4(&(0x7f0000002180)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x1008802, &(0x7f0000000180)={[{@resgid={'resgid', 0x3d, 0xee01}}, {@abort}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0xac9}}, {@data_ordered}, {@mblk_io_submit}, {@usrquota}, {@init_itable}, {@errors_remount}, {}, {@auto_da_alloc}]}, 0x9, 0x606, &(0x7f0000000600)="$eJzs3c1vVFUbAPDnTD9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFoIUaGiNFk0oCW5MjBtjTFy5EP8LJbJlpW5cuHFlSIgaliaOudM7pdPeaenH9Fbm90uGnnvu3J5zpzxzzj1zzp0A2tZg9k8lYn9ETKeI/jS/uK8z8p2DC8978OeHZ7NHimr1td9TpDyv/vyU/+zLD+6JiB++T7GvY2W5M3PXLo5PTU1ezbeHZy9ND8/MXTt84dL4+cnzk5dHXxg9cfzY8RMjRzZ0XtcL8k7ffOe9/o/H3vz6y7/SyDe/jKU4GS/nT1x6HltlMAZrr0lauavvxFYXVqLOZdtpeQY7Vkf+9+uKiCeiPzqW/DX746NXSq0c0FLVFFEF2lRaR/xnvYVW1gXYTvV+QP3afvl1cKWUXgmwHe6fWhgAWBn/nQtjg9FTGxvY/SA1jPOkiNjYyFyjPRFx987YzXN3xm5Gi8bhgGLzNyLiyaL4T7X4H4ieGKjFf6Uh/rN+wZn8Z5b/6gZ7CsuHisU/bJ+F+O9ZNf6jSfy/tST+395EHfJLkeu9DfHf6+oDAAAAAAAA1un2qYh4vujz/8ri/J8omP/TFxEnt6D8wWXbKz//r9zbgmKAAvdPRbxUOP+3Uv/8faAjT/2nNh+gK527MDV5JCL+GxGHomtXtj2yShmHP9n3RbN9g/n8v/ojK/9uPhcwr8e9zl2Nx0yMD45v9ryBiPs3Ip4qnP+bFtv/VND+Z+8H049Yxr5nb51ptm/t+AdapfpVxMHC9v/hXSvS6vfnGK71B4brvYKVnv7g02+blb/R+HeLCdi8rP3fvXr8D6Sl9+uZWfXXzRdlHp3rrDY7YGP9/9nx7vR67a5C3Xne++Ozs1dHIrrT6Y4styF/dK1XAR4zPxVn1+OhHi9Z/B96ZvXxv6L+f29BsKc/GtcU1/3/775fm1VT/x/Kk8X/xLra//UnRm8NfNes/Edr/4/V2vpDeU7W/rfuFYF/j8/rYdrdmF8Qjp1Fu7a7vgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhExJ5IlaHFdKUyNBTRFxH/i92VqSszs8+du/Lu5YlsX+37/yv1b/rtX9hOte//r2Tph9uj0bh9NCL2RsRnHb217aGzV6Ymyj55AAAAAAAAAAAAAAAAAAAA2CH6mqz/z/zWUXbtgJbrLLsCQGkK4v/HMuoBbD/tP7SvDcV/mt/6igDbTvsP7Uv8Q/sS/9C+xD+0L/EP7WrZOH4qqx4AAAAAAMAW2Xvg9s8pIuZf7K09Mt35vq5Sawa0WqXsCgClcYsfaF+m/kH7co0PrDXrt6fpQZuZLzx9dhMHAwAAAAAAAAAAAEDbObjf+n9oV9b/Q/uy/h/aV339/4GS6wFsP9f4QKyxkr9w/f+aRwEAAAAAAAAAAAAAW2mmuitiamry6szctYvjLUt0R0SLi9h04o2dUY2iRG+LfnO1Wr2e/S8o/QQfj0R9KvxOqc+yRH2t36MdVd57EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OifAAAA//8sxicA")
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x87)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)

3m31.804398877s ago: executing program 1 (id=1138):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES32=r0], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000002140)=@newtaction={0x18, 0x32, 0x829, 0x70bd2c, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)

3m27.942027909s ago: executing program 1 (id=1145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

3m27.93039422s ago: executing program 34 (id=1145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x200000000004}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='cpu<=0||!')

1m53.523850898s ago: executing program 4 (id=2968):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010020bd7000fbdbdf2526000000180001801400"], 0x2c}}, 0x20000000)

1m53.450805284s ago: executing program 4 (id=2972):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x82, &(0x7f0000000c00)=ANY=[@ANYBLOB="0180c2000000ffffffffffff0011dce69e74f47b3cf350d25daa1e1d3f900f02d94dd06563eff795e937723c26c035a3b2d5e0b92f022a266a590fa1781ae52a080edd8b8d2caac0b141b6ab9723093b963b288b5ad7571e752f30e280ad2987a835c69a49125b56f72497e9ce50b926c0d5f6cf2e44c25b426347de6c8d4dd689791fbd97b9c89a4f94ba31736a0b4c9708bee002f81815b3fe19cae706f6965960cd"], &(0x7f0000000180)={0x0, 0x4, [0xad1, 0x220, 0x48c, 0x4d4]})
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000700)='module_request\x00'}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="30000000034605"], 0x30}, 0x1, 0x0, 0x0, 0x2000c800}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x18)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

1m53.356228971s ago: executing program 4 (id=2975):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

1m53.298840826s ago: executing program 4 (id=2978):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b40)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x20}}, @TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0xfcf1}}, 0xc014) (fail_nth: 7)

1m53.013458809s ago: executing program 4 (id=2982):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
write$qrtrtun(r0, &(0x7f0000000180)="04546d752e3e", 0x6)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

1m52.918285966s ago: executing program 4 (id=2991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

1m37.65613525s ago: executing program 35 (id=2991):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

3.157449805s ago: executing program 5 (id=5282):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x41, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

2.390393177s ago: executing program 7 (id=5290):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000040)={[{@noquota}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x800, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e00ecffffff940200000000002172b4ce359280e2004d02000000000000000000000000380001"], 0x78)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000240)='timer_start\x00', r6}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
write(r3, &(0x7f0000000280)="741426fb561c962f13ca75fc25faa74564933c794802e202f522e3f30181e7f33ce22db4998ca770e25c24bcac23e769d2dff34ee33183b39178daceb8aaa3573f584e10f611df9ebded66fbbb88df4eaca1fbdfa58870c44ac9a4909c86a3385947401c97bad65c7230bb50a731e79215710283f7f89045602f44f2ed83eab63319688bb06e5c8d5472501234cbb8b58e633ac44562456ae742f9f4bc775e110bf67f6d12d3873b19f434ae5e447e4a149d63aae7a348abdd63a134", 0xbc)
sendfile(r3, r2, 0x0, 0x7ffff000)
fallocate(r0, 0x0, 0x0, 0x1001f4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sync()

2.305974404s ago: executing program 5 (id=5291):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e0000001000086dd00189078140000000000dfff85ddffff00000000d6dfbc68d98f4bfced4945af434aace10e275e8c02"], 0xfdef)

2.205986962s ago: executing program 5 (id=5293):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x8040)

2.167125575s ago: executing program 5 (id=5295):
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd'])

2.088214512s ago: executing program 5 (id=5298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.054420854s ago: executing program 5 (id=5300):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
listen(r1, 0x8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f0000001500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$char_usb(r0, &(0x7f0000000000)="f640ed5ff5bed9a7e05f596e771e1c22944b9a48a076ce3da9f0c15f9e84a35e21f8456e64a5355f8be8d2a259eac3a61fc6ca3f109e7a", 0x37)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x6}, 0x18)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect(0x4, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r3, 0xc0085504, &(0x7f0000000100)=0x2000000d)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="84010000210001000000000000000000fc020000000000000000000000000000fe80000000000000000000000000003500000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000034011100"], 0x184}}, 0x0)
r5 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4e03, 0x86, @mcast1, 0x9}, 0x1c)
write$binfmt_aout(r5, &(0x7f0000000280)=ANY=[], 0x28)

1.935689454s ago: executing program 7 (id=5302):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e85000000070000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ipvlan1\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, 0x0)

1.111113201s ago: executing program 3 (id=5309):
r0 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f42607", 0x29}], 0x1)
read(r0, &(0x7f00000034c0)=""/4074, 0xfea)

1.109580481s ago: executing program 6 (id=5310):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}, 0x1, 0x0, 0x1c010000}, 0x0)

1.052522025s ago: executing program 3 (id=5311):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e0000001000086dd00189078140000000000dfff85ddffff00000000d6dfbc68d98f4bfced4945af434aace1"], 0xfdef)

1.052291405s ago: executing program 6 (id=5312):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0))
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
r0 = inotify_init()
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000480)='./file0\x00', 0x103680, 0x20)
r1 = open$dir(&(0x7f0000000140)='./file0\x00', 0x8d66add331ae8978, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
close(0x3)
ftruncate(r2, 0x2000009)
getpeername(0xffffffffffffffff, &(0x7f0000000500)=@pppol2tpv3in6, &(0x7f0000000000)=0x80)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
sendfile(r1, r3, 0x0, 0xa)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000100)={0x1f, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000040), 0x0, 0x4, 0xa, 0x0, 0x44, 0x2})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_migrate_pages_start\x00', r2, 0x0, 0x7}, 0x18)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0xa)
vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f00000002c0)="761b5d0fdc8e8585c6cc19c149bc5c0ece3a270134425fe6d3c34ce8fddc8dd7ff06486520fd18", 0x27}, {0x0}, {&(0x7f0000000540)}], 0x3, 0xf)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x2)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x6}}, {{0xa, 0xfffe, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}}}, 0x108)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x369842)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2c, &(0x7f0000000580)={0x0, {{0xa, 0x0, 0x103, @mcast1}}, {{0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x38}, 0x20200000}}}, 0x108)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2b, &(0x7f0000000200)={0x1, {{0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00'}}, {{0xa, 0x0, 0xa4ffffff, @rand_addr=' \x01\x00', 0xff}}}, 0x108)
socket$packet(0x11, 0x3, 0x300)

1.031962397s ago: executing program 7 (id=5313):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xd2, 0xd2, 0x6, [@type_tag={0xd, 0x0, 0x0, 0x12, 0x2}, @datasec={0xe, 0x4, 0x0, 0xf, 0x2, [{0x5, 0x5, 0x6}, {0x1, 0x2307, 0x80}, {0x5, 0xc, 0xfffffeff}, {0x4, 0x3ff, 0x800}], "f6b0"}, @fwd={0x8}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x5, 0x8}, @var={0xa, 0x0, 0x0, 0xe, 0x5}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0x8, 0x4}, {0xa, 0x1}, {0xa, 0x1}, {0x9}, {0x3}, {0xe, 0x4}, {0xd, 0x3}, {0xc, 0x4}, {0x7, 0x5}, {0x9, 0x1}]}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, &(0x7f0000000240)=""/146, 0xf2, 0x92, 0x0, 0x93}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000500)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
munlock(&(0x7f0000002000/0x1000)=nil, 0x1000)

992.09479ms ago: executing program 7 (id=5314):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfd', @ANYRESHEX=r4])

989.55152ms ago: executing program 3 (id=5315):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
bind$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x402}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)

931.526895ms ago: executing program 3 (id=5316):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x81)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000580), r2)
sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4040004)
dup3(r0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
write$P9_RREADLINK(r1, &(0x7f0000000040)={0xe, 0x17, 0x1, {0x5, './bus'}}, 0xe)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0x401}, 0x18)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r7, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$int_in(r7, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r7, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r9, 0x0, 0x7}, 0x18)
close(r7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000003640)='kfree\x00', r10, 0x0, 0x400}, 0x18)
pipe2(&(0x7f0000001cc0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r11, @ANYBLOB=',wfdno=', @ANYRESHEX=r12, @ANYBLOB="dd8e721839c10000000000000000"])

927.556315ms ago: executing program 7 (id=5317):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x41, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

918.940476ms ago: executing program 8 (id=5318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f00000004c0), &(0x7f0000000580)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x6)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r5 = epoll_create1(0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/slabinfo\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000200))
ioctl$PPPIOCBRIDGECHAN(r4, 0x40047435, &(0x7f0000000080))
ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mkdir(&(0x7f00000003c0)='./file0\x00', 0x12c)
utime(&(0x7f0000000100)='./file0\x00', 0x0)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb57ae0fffc5a2a630b00c145", 0x18, 0xffffffffffffffff)

872.06471ms ago: executing program 8 (id=5319):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x8040)

871.60251ms ago: executing program 8 (id=5320):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x1a, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000000000000000000095"], &(0x7f00000007c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$bt_hci(r2, 0x84, 0x85, &(0x7f0000000080)=""/4060, &(0x7f00000010c0)=0xfdc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x8040)

841.000552ms ago: executing program 8 (id=5321):
r0 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f42607", 0x29}], 0x1)
read(r0, &(0x7f00000034c0)=""/4074, 0xfea)

804.010805ms ago: executing program 8 (id=5322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd'])

803.588415ms ago: executing program 8 (id=5323):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e85000000070000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ipvlan1\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8946, 0x0)

152.510888ms ago: executing program 6 (id=5324):
r0 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}, {&(0x7f00000000c0)="fefc06c431ad02b4830274c1d9f556aff1d4b044e5a8e572fbff0000", 0x1c}, {&(0x7f0000000100)="1a61b1bd6dda7c6a8778a9a10bc874b37416d8a49e414df6c99a1cdd9f21a61c585f5122e2fef101bdee703ad7cde0844899e6ffe19eadaf849eb0e6eaa45c1665a4324d0d2333eaadb05d6e30b997e5275185f9155cd665d43bcecace2c931e955393f5bea0cb88f7081b8756245da3466746aad545", 0x76}], 0x3)
read(r0, &(0x7f00000034c0)=""/4074, 0xfea)

135.675469ms ago: executing program 6 (id=5325):
r0 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}, {&(0x7f00000000c0)="fefc06c431ad02b4830274c1d9f556aff1d4b044e5a8e572fbff0000", 0x1c}, {&(0x7f0000000100)="1a61b1bd6dda7c6a8778a9a10bc874b37416d8a49e414df6c99a1cdd9f21a61c585f5122e2fef101bdee703ad7cde0844899e6ffe19eadaf849eb0e6eaa45c1665a4324d0d2333eaadb05d6e30b997e5275185f9155cd665d43bcecace2c931e955393f5bea0cb88f7081b8756245da3466746aad545", 0x76}], 0x3)
read(r0, &(0x7f00000034c0)=""/4074, 0xfea)

69.629674ms ago: executing program 7 (id=5326):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e0000001000086dd00189078140000000000dfff85ddffff00000000d6dfbc68d98f4bfced4945af434aace10e275e"], 0xfdef)

43.534917ms ago: executing program 6 (id=5327):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10)
bind$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x402}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10)

23.997808ms ago: executing program 3 (id=5328):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x1ff, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0xfffffffd, 0x0, 0x8}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0xa)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno', @ANYRESHEX=r4])

23.679468ms ago: executing program 6 (id=5329):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x2)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)

0s ago: executing program 3 (id=5330):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) (async)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) (async, rerun: 64)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) (async)
syz_mount_image$msdos(&(0x7f00000011c0), &(0x7f0000001200)='./file0\x00', 0x2000010, &(0x7f0000000040)=ANY=[@ANYBLOB='allow_utime=00000000000000004,\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x11a7, &(0x7f0000002440)="$eJzs209rI2UcB/Bfa7U1tbX+q7YXH/Sil8H24EG8FGlBGlDaRmgFYUpTDYlJyOSQiIeePfk6xKM3QX0DfRfeiiB66WlnabPbbkv3sLtsA7ufzyVf+Gbg+THwwDPMnHz68/fNwyI7zPsxOTERk92IdJoixWTcdxQf/vnJ/z9t7+5trlWr61spbaztrHycUpp/94+vf/z1vb/6s1/9Nv/7dBwvfHPy7+rfx4vHSyd3dr5rFKlRpHann/K03+n08/1WPR00imaW0petel7UU6Nd1HtX+sNWp9sdprx9MFfp9upFkfL2MDXrw9TvpH5vmPJv80Y7ZVmW5irBk6j9clqWZURZvhgvRVmW5ctRidl4JeZiPl6NhXgtXo834s14Kxbj7Xgnls7/Ne51AwAAAAAAAAAAAAAAAAAAwLPF9/8AAAAAAAAAAAAAAAAAAAAwftu7e5tr1er6VkozEf8cDWqD2uh31G98Xl3/KJ1buLzqv8Gg9sJFvzLq09V+Oir3+tUb+5n44P1Rf9Z99kX1Wr8cB09/fAAAAHguZOnCjef7LHtYP0oPPB+4dn6fiuWpWxuDx1QMf2jmrVa9JwiC0DrbtM/CuHcmbsPl3R/3SgAAAAAAAAAAAHgUt/Fe4bhnBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7rIDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgqwAAAP//p1h2bw==") (async)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x80000, 0x0)
getdents64(r4, &(0x7f0000000080)=""/31, 0x1f)
getdents64(r4, 0xfffffffffffffffe, 0x63)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]}) (rerun: 64)
r5 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
fremovexattr(r5, &(0x7f0000000500)=@known='trusted.overlay.opaque\x00')
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) (async, rerun: 64)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0xa1041e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") (async, rerun: 64)
sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580), 0xffffffffffffffff) (rerun: 32)
sendmsg$TIPC_NL_BEARER_ADD(r7, &(0x7f0000000c00)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f0000000b00)={0xc4, r8, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}}, {0x14, 0x2, @in={0x2, 0x4e23, @rand_addr=0x64010101}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5f}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @local}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x7b1, @private0={0xfc, 0x0, '\x00', 0x1}, 0x84}}}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0x5)
sendmsg$kcm(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="d8000000180081084e81f782db44b904021d0800fd007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f9400e08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409001b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed1bffec62070000cbee5de6ccd44a677575a62cef352a92954b43370e9701ee1b6ec75a526c5d5b5701cf8773", 0xd8}], 0x1}, 0x400c0) (async)
socket$inet6_sctp(0xa, 0x5, 0x84)

kernel console output (not intermixed with test programs):

  245.543798][T15192] Call Trace:
[  245.543804][T15192]  <TASK>
[  245.543810][T15192]  __dump_stack+0x1d/0x30
[  245.543828][T15192]  dump_stack_lvl+0xe8/0x140
[  245.543845][T15192]  dump_stack+0x15/0x1b
[  245.543862][T15192]  should_fail_ex+0x265/0x280
[  245.543952][T15192]  should_failslab+0x8c/0xb0
[  245.543972][T15192]  kmem_cache_alloc_node_noprof+0x57/0x320
[  245.543999][T15192]  ? __alloc_skb+0x101/0x320
[  245.544030][T15192]  __alloc_skb+0x101/0x320
[  245.544072][T15192]  netlink_alloc_large_skb+0xba/0xf0
[  245.544101][T15192]  netlink_sendmsg+0x3cf/0x6b0
[  245.544124][T15192]  ? __pfx_netlink_sendmsg+0x10/0x10
[  245.544196][T15192]  __sock_sendmsg+0x145/0x180
[  245.544221][T15192]  ____sys_sendmsg+0x31e/0x4e0
[  245.544240][T15192]  ___sys_sendmsg+0x17b/0x1d0
[  245.544265][T15192]  __x64_sys_sendmsg+0xd4/0x160
[  245.544347][T15192]  x64_sys_call+0x191e/0x2ff0
[  245.544367][T15192]  do_syscall_64+0xd2/0x200
[  245.544392][T15192]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  245.544411][T15192]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  245.544464][T15192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.544483][T15192] RIP: 0033:0x7fd94c3aebe9
[  245.544496][T15192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.544512][T15192] RSP: 002b:00007fd94ae0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  245.544530][T15192] RAX: ffffffffffffffda RBX: 00007fd94c5d5fa0 RCX: 00007fd94c3aebe9
[  245.544610][T15192] RDX: 0000000000040400 RSI: 000020000000c2c0 RDI: 0000000000000005
[  245.544621][T15192] RBP: 00007fd94ae0f090 R08: 0000000000000000 R09: 0000000000000000
[  245.544631][T15192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.544642][T15192] R13: 00007fd94c5d6038 R14: 00007fd94c5d5fa0 R15: 00007ffdc209fb48
[  245.544657][T15192]  </TASK>
[  245.812478][T15199] loop7: detected capacity change from 0 to 1024
[  245.842468][T15199] EXT4-fs error (device loop7): ext4_xattr_inode_iget:437: comm syz.7.4021: inode #3237228: comm syz.7.4021: iget: illegal inode #
[  245.856891][T15199] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4021: error while reading EA inode 3237228 err=-117
[  245.904419][T15215] sd 0:0:1:0: device reset
[  245.905427][T15211] serio: Serial port ptm0
[  245.909597][T15214] 9pnet_fd: Insufficient options for proto=fd
[  245.993687][T15222] loop7: detected capacity change from 0 to 512
[  246.003669][T15222] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4026: error while reading EA inode 32 err=-116
[  246.016300][T15222] EXT4-fs (loop7): Remounting filesystem read-only
[  246.022845][T15222] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  246.033232][T15222] EXT4-fs (loop7): 1 orphan inode deleted
[  246.583858][T15245] sd 0:0:1:0: device reset
[  246.601996][T15247] 9pnet_fd: Insufficient options for proto=fd
[  246.618961][T15249] __nla_validate_parse: 16 callbacks suppressed
[  246.618975][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4039'.
[  246.636050][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4039'.
[  246.646520][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4039'.
[  246.655771][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4039'.
[  246.664898][T15251] loop8: detected capacity change from 0 to 128
[  246.677835][T15251] bio_check_eod: 69 callbacks suppressed
[  246.677856][T15251] syz.8.4040: attempt to access beyond end of device
[  246.677856][T15251] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[  246.698396][T15251] syz.8.4040: attempt to access beyond end of device
[  246.698396][T15251] loop8: rw=2049, sector=161, nr_sectors = 8 limit=128
[  246.712956][T15251] syz.8.4040: attempt to access beyond end of device
[  246.712956][T15251] loop8: rw=2049, sector=177, nr_sectors = 24 limit=128
[  246.727164][T15251] syz.8.4040: attempt to access beyond end of device
[  246.727164][T15251] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  246.743980][T15251] syz.8.4040: attempt to access beyond end of device
[  246.743980][T15251] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  246.757512][T15251] syz.8.4040: attempt to access beyond end of device
[  246.757512][T15251] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  246.768956][T15259] netlink: 160 bytes leftover after parsing attributes in process `syz.3.4044'.
[  246.791409][T15251] syz.8.4040: attempt to access beyond end of device
[  246.791409][T15251] loop8: rw=2049, sector=257, nr_sectors = 8 limit=128
[  246.810704][T15251] syz.8.4040: attempt to access beyond end of device
[  246.810704][T15251] loop8: rw=2049, sector=273, nr_sectors = 8 limit=128
[  246.824437][T15263] loop7: detected capacity change from 0 to 1024
[  246.825753][T15251] syz.8.4040: attempt to access beyond end of device
[  246.825753][T15251] loop8: rw=2049, sector=289, nr_sectors = 9 limit=128
[  246.891771][T15272] sd 0:0:1:0: device reset
[  246.914002][T15274] 9pnet_fd: Insufficient options for proto=fd
[  246.923205][T15277] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4052'.
[  246.933740][T15277] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4052'.
[  246.943081][T15277] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4052'.
[  246.950548][T15281] loop8: detected capacity change from 0 to 128
[  246.952703][T15277] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4052'.
[  246.989171][T15281] syz.8.4053: attempt to access beyond end of device
[  246.989171][T15281] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[  247.009249][T15284] loop5: detected capacity change from 0 to 128
[  247.032296][T15288] serio: Serial port ptm0
[  247.069678][T15296] loop5: detected capacity change from 0 to 1024
[  247.092597][T15299] loop8: detected capacity change from 0 to 512
[  247.101154][T15299] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4057: error while reading EA inode 32 err=-116
[  247.115493][T15299] EXT4-fs (loop8): Remounting filesystem read-only
[  247.122054][T15299] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  247.132214][T15299] EXT4-fs (loop8): 1 orphan inode deleted
[  247.146402][T15302] loop5: detected capacity change from 0 to 128
[  247.169111][T15304] sd 0:0:1:0: device reset
[  247.666228][T15312] 9pnet_fd: Insufficient options for proto=fd
[  247.866018][T15318] lo speed is unknown, defaulting to 1000
[  247.924085][T15330] loop6: detected capacity change from 0 to 128
[  247.960654][T15334] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4074'.
[  247.969755][T15331] loop8: detected capacity change from 0 to 1024
[  248.064520][T15346] 9pnet_fd: Insufficient options for proto=fd
[  248.123183][T15352] loop8: detected capacity change from 0 to 128
[  248.137130][T15353] loop5: detected capacity change from 0 to 512
[  248.148396][T15353] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4079: error while reading EA inode 32 err=-116
[  248.169151][T15353] EXT4-fs (loop5): Remounting filesystem read-only
[  248.175760][T15353] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  248.190380][T15353] EXT4-fs (loop5): 1 orphan inode deleted
[  248.295849][T15363] loop7: detected capacity change from 0 to 128
[  248.379468][T15373] sd 0:0:1:0: device reset
[  248.444784][T15380] loop8: detected capacity change from 0 to 128
[  248.897741][T15390] lo speed is unknown, defaulting to 1000
[  248.929024][T15406] sd 0:0:1:0: device reset
[  249.101727][   T29] kauditd_printk_skb: 196 callbacks suppressed
[  249.101740][   T29] audit: type=1326 audit(1755065502.300:55942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.134979][   T29] audit: type=1326 audit(1755065502.300:55943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.158573][   T29] audit: type=1326 audit(1755065502.300:55944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.182325][   T29] audit: type=1326 audit(1755065502.300:55945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.206099][   T29] audit: type=1326 audit(1755065502.300:55946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.229732][   T29] audit: type=1326 audit(1755065502.300:55947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.253477][   T29] audit: type=1326 audit(1755065502.310:55948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15420 comm="syz.3.4109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  249.301003][T15425] 9pnet_fd: Insufficient options for proto=fd
[  249.333139][   T29] audit: type=1326 audit(1755065502.530:55949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15427 comm="syz.5.4113" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdf1b95ebe9 code=0x0
[  249.356955][T15431] sd 0:0:1:0: device reset
[  249.385276][T15438] loop5: detected capacity change from 0 to 512
[  249.394817][T15438] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4113: error while reading EA inode 32 err=-116
[  249.411013][T15438] EXT4-fs (loop5): Remounting filesystem read-only
[  249.417601][T15438] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  249.429748][T15438] EXT4-fs (loop5): 1 orphan inode deleted
[  249.449505][   T29] audit: type=1326 audit(1755065502.650:55950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15442 comm="syz.8.4120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  249.476379][   T29] audit: type=1326 audit(1755065502.670:55951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15442 comm="syz.8.4120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  249.534532][T15453] serio: Serial port ptm0
[  249.858474][T15461] sd 0:0:1:0: device reset
[  249.961950][T15463] 9pnet_fd: Insufficient options for proto=fd
[  250.074932][T15465] loop6: detected capacity change from 0 to 128
[  250.131376][T15469] loop6: detected capacity change from 0 to 128
[  250.467997][T15490] 9pnet_fd: Insufficient options for proto=fd
[  250.471075][T15492] loop7: detected capacity change from 0 to 128
[  250.677420][T15516] loop6: detected capacity change from 0 to 512
[  250.685571][T15516] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4150: error while reading EA inode 32 err=-116
[  250.698850][T15516] EXT4-fs (loop6): Remounting filesystem read-only
[  250.705397][T15516] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  250.715608][T15516] EXT4-fs (loop6): 1 orphan inode deleted
[  250.975360][T15526] loop8: detected capacity change from 0 to 128
[  251.033140][T15528] 9pnet_fd: Insufficient options for proto=fd
[  251.072709][T15530] sd 0:0:1:0: device reset
[  251.494753][T15557] sd 0:0:1:0: device reset
[  251.533499][T15559] loop6: detected capacity change from 0 to 128
[  251.538695][T15561] 9pnet_fd: Insufficient options for proto=fd
[  251.634871][T15554] loop5: detected capacity change from 0 to 128
[  251.681774][T15554] bio_check_eod: 93 callbacks suppressed
[  251.681788][T15554] syz.5.4166: attempt to access beyond end of device
[  251.681788][T15554] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  251.704379][T15568] loop7: detected capacity change from 0 to 128
[  251.709490][T15554] syz.5.4166: attempt to access beyond end of device
[  251.709490][T15554] loop5: rw=2049, sector=169, nr_sectors = 24 limit=128
[  251.716627][T15572] __nla_validate_parse: 20 callbacks suppressed
[  251.716640][T15572] netlink: 160 bytes leftover after parsing attributes in process `syz.6.4175'.
[  251.724432][T15554] syz.5.4166: attempt to access beyond end of device
[  251.724432][T15554] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  251.750895][T15568] syz.7.4174: attempt to access beyond end of device
[  251.750895][T15568] loop7: rw=2049, sector=145, nr_sectors = 40 limit=128
[  251.767079][T15568] syz.7.4174: attempt to access beyond end of device
[  251.767079][T15568] loop7: rw=2049, sector=193, nr_sectors = 8 limit=128
[  251.768086][T15554] syz.5.4166: attempt to access beyond end of device
[  251.768086][T15554] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  251.780726][T15568] syz.7.4174: attempt to access beyond end of device
[  251.780726][T15568] loop7: rw=2049, sector=209, nr_sectors = 8 limit=128
[  251.796108][T15554] syz.5.4166: attempt to access beyond end of device
[  251.796108][T15554] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  251.807770][T15568] syz.7.4174: attempt to access beyond end of device
[  251.807770][T15568] loop7: rw=2049, sector=225, nr_sectors = 8 limit=128
[  251.834535][T15568] syz.7.4174: attempt to access beyond end of device
[  251.834535][T15568] loop7: rw=2049, sector=241, nr_sectors = 8 limit=128
[  251.996093][T15595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15595 comm=syz.8.4184
[  252.017426][T15595] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  252.033251][T15595] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  252.093953][T15607] loop5: detected capacity change from 0 to 512
[  252.116564][T15607] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4186: error while reading EA inode 32 err=-116
[  252.136549][T15607] EXT4-fs (loop5): Remounting filesystem read-only
[  252.143255][T15607] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  252.153576][T15607] EXT4-fs (loop5): 1 orphan inode deleted
[  252.160396][T15607] EXT4-fs mount: 38 callbacks suppressed
[  252.160416][T15607] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.178558][T15607] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.250767][T15616] sd 0:0:1:0: device reset
[  252.270251][T15618] serio: Serial port ptm0
[  252.562581][T15620] 9pnet_fd: Insufficient options for proto=fd
[  252.768624][T15626] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4197'.
[  252.779627][T15626] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4197'.
[  252.788877][T15626] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4197'.
[  252.799835][T15626] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4197'.
[  252.872155][T15630] loop7: detected capacity change from 0 to 128
[  252.941941][T15638] loop5: detected capacity change from 0 to 128
[  253.094502][T15653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4209'.
[  253.149437][T15653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4209'.
[  253.160563][T15653] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4209'.
[  253.220431][T15660] loop5: detected capacity change from 0 to 128
[  253.387986][T15671] loop8: detected capacity change from 0 to 512
[  253.419255][T15671] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4211: error while reading EA inode 32 err=-116
[  253.462581][T15671] EXT4-fs (loop8): Remounting filesystem read-only
[  253.469211][T15671] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  253.490889][T15671] EXT4-fs (loop8): 1 orphan inode deleted
[  253.497107][T15671] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.500111][T15678] sd 0:0:1:0: device reset
[  253.526156][T15671] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.570460][T15682] serio: Serial port ptm0
[  253.773572][T15694] loop5: detected capacity change from 0 to 128
[  253.809103][T15697] 9pnet_fd: Insufficient options for proto=fd
[  254.000104][T15713] loop5: detected capacity change from 0 to 128
[  254.142216][T15724] 9pnet_fd: Insufficient options for proto=fd
[  254.143006][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  254.143018][   T29] audit: type=1326 audit(1755065507.342:56079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.193177][   T29] audit: type=1326 audit(1755065507.382:56080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.216857][   T29] audit: type=1326 audit(1755065507.382:56081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.240450][   T29] audit: type=1326 audit(1755065507.382:56082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.264269][   T29] audit: type=1326 audit(1755065507.382:56083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.287975][   T29] audit: type=1326 audit(1755065507.382:56084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15725 comm="syz.8.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.441873][T15739] loop7: detected capacity change from 0 to 128
[  254.454132][   T29] audit: type=1326 audit(1755065507.652:56085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.8.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.503434][T15741] serio: Serial port ptm0
[  254.733548][   T29] audit: type=1326 audit(1755065507.652:56086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.8.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.757267][   T29] audit: type=1326 audit(1755065507.662:56087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.8.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.780934][   T29] audit: type=1326 audit(1755065507.662:56088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15740 comm="syz.8.4249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  254.868090][T15756] 9pnet_fd: Insufficient options for proto=fd
[  254.953215][T15761] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15761 comm=syz.6.4257
[  254.968235][T15763] serio: Serial port ptm1
[  255.046940][T15768] loop5: detected capacity change from 0 to 128
[  255.096411][T15772] loop6: detected capacity change from 0 to 128
[  255.309886][T15785] loop8: detected capacity change from 0 to 1024
[  255.330683][T15785] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.428005][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.483490][T15796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15796 comm=syz.3.4274
[  255.745140][T15813] serio: Serial port ptm0
[  255.778607][T15820] loop5: detected capacity change from 0 to 512
[  255.796416][T15820] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.809235][T15820] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  255.829710][T15824] loop7: detected capacity change from 0 to 1024
[  255.840508][T15820] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4283: corrupted inode contents
[  255.841269][T15826] sd 0:0:1:0: device reset
[  255.853127][T15820] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.4283: mark_inode_dirty error
[  255.864635][T15824] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.869336][T15820] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.4283: corrupted inode contents
[  255.897173][T15820] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.4283: mark_inode_dirty error
[  255.924290][ T7056] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.952100][T15836] loop7: detected capacity change from 0 to 1024
[  255.959666][T12772] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.971481][T15836] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.031213][ T7056] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.073278][T15856] sd 0:0:1:0: device reset
[  256.099385][T15857] serio: Serial port ptm0
[  256.110729][T15858] loop5: detected capacity change from 0 to 512
[  256.123062][T15858] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4294: error while reading EA inode 32 err=-116
[  256.149492][T15858] EXT4-fs (loop5): Remounting filesystem read-only
[  256.151427][T15865] loop6: detected capacity change from 0 to 512
[  256.156153][T15858] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  256.173876][T15858] EXT4-fs (loop5): 1 orphan inode deleted
[  256.177460][T15862] serio: Serial port ptm1
[  256.179950][T15858] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.196479][T15858] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.204979][T15865] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.217981][T15865] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  256.235823][T15865] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.4300: corrupted inode contents
[  256.248679][T15865] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.4300: mark_inode_dirty error
[  256.260275][T15865] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.4300: corrupted inode contents
[  256.273858][T15865] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.4300: mark_inode_dirty error
[  256.298374][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.772439][T15893] loop8: detected capacity change from 0 to 128
[  256.798500][T15893] bio_check_eod: 67 callbacks suppressed
[  256.798514][T15893] syz.8.4309: attempt to access beyond end of device
[  256.798514][T15893] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  256.854767][T15893] syz.8.4309: attempt to access beyond end of device
[  256.854767][T15893] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  256.889914][T15893] syz.8.4309: attempt to access beyond end of device
[  256.889914][T15893] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  256.916980][T15893] syz.8.4309: attempt to access beyond end of device
[  256.916980][T15893] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  256.930464][T15893] syz.8.4309: attempt to access beyond end of device
[  256.930464][T15893] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  256.943937][T15893] syz.8.4309: attempt to access beyond end of device
[  256.943937][T15893] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  256.957341][T15893] syz.8.4309: attempt to access beyond end of device
[  256.957341][T15893] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  256.972035][T15893] syz.8.4309: attempt to access beyond end of device
[  256.972035][T15893] loop8: rw=2049, sector=281, nr_sectors = 9 limit=128
[  257.037391][T15899] loop8: detected capacity change from 0 to 512
[  257.058256][T15899] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.075393][T15899] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.095159][T15899] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4312: corrupted inode contents
[  257.107165][T15899] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.4312: mark_inode_dirty error
[  257.120116][T15899] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4312: corrupted inode contents
[  257.134343][T15899] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.4312: mark_inode_dirty error
[  257.173819][T15906] serio: Serial port ptm0
[  257.179083][T15911] loop5: detected capacity change from 0 to 1024
[  257.199170][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.212084][T15911] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.264468][T12772] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.297416][T15920] sd 0:0:1:0: device reset
[  257.314072][T15921] __nla_validate_parse: 25 callbacks suppressed
[  257.314086][T15921] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4318'.
[  257.417938][T15930] loop5: detected capacity change from 0 to 128
[  257.431464][T15931] loop7: detected capacity change from 0 to 512
[  257.443727][T15931] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4321: error while reading EA inode 32 err=-116
[  257.463767][T15931] EXT4-fs (loop7): Remounting filesystem read-only
[  257.468084][T15930] syz.5.4323: attempt to access beyond end of device
[  257.468084][T15930] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  257.470347][T15931] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  257.496326][T15931] EXT4-fs (loop7): 1 orphan inode deleted
[  257.503766][T15931] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.516644][T15931] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.530481][T15930] syz.5.4323: attempt to access beyond end of device
[  257.530481][T15930] loop5: rw=2049, sector=169, nr_sectors = 24 limit=128
[  257.602590][T15942] 9pnet_fd: Insufficient options for proto=fd
[  257.681621][T15948] serio: Serial port ptm0
[  257.726287][T15955] sd 0:0:1:0: device reset
[  257.831327][T15959] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4336'.
[  257.856624][T15959] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4336'.
[  257.871002][T15959] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4336'.
[  257.882765][T15962] loop5: detected capacity change from 0 to 128
[  257.912799][T15959] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4336'.
[  258.272783][T15976] 9pnet_fd: Insufficient options for proto=fd
[  258.472487][T15988] serio: Serial port ptm0
[  258.502514][T15991] loop5: detected capacity change from 0 to 1024
[  258.514166][T15991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.559382][T12772] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.657618][T16012] loop8: detected capacity change from 0 to 512
[  258.674930][T16012] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.676277][T16016] sd 0:0:1:0: device reset
[  258.692001][T16012] ext4 filesystem being mounted at /157/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  258.706105][T16012] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4358: corrupted inode contents
[  258.719488][T16012] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.4358: mark_inode_dirty error
[  258.731587][T16012] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4358: corrupted inode contents
[  258.744645][T16012] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.4358: mark_inode_dirty error
[  258.766636][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.796695][T16025] loop6: detected capacity change from 0 to 1024
[  258.878824][T16025] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.907749][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.316052][   T29] kauditd_printk_skb: 179 callbacks suppressed
[  259.316098][   T29] audit: type=1326 audit(1755065512.525:56268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.346027][   T29] audit: type=1326 audit(1755065512.525:56269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.369912][   T29] audit: type=1326 audit(1755065512.525:56270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.393573][   T29] audit: type=1326 audit(1755065512.525:56271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.417237][   T29] audit: type=1326 audit(1755065512.525:56272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.440910][   T29] audit: type=1326 audit(1755065512.525:56273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.464489][   T29] audit: type=1326 audit(1755065512.525:56274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16035 comm="syz.6.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  259.556527][T16050] loop5: detected capacity change from 0 to 128
[  259.564683][   T29] audit: type=1326 audit(1755065512.775:56275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16047 comm="syz.5.4370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  259.588285][   T29] audit: type=1326 audit(1755065512.775:56276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16047 comm="syz.5.4370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  259.615081][   T29] audit: type=1326 audit(1755065512.775:56277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16047 comm="syz.5.4370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  259.737253][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4372'.
[  259.751003][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4372'.
[  259.851898][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4372'.
[  259.934129][T16059] sd 0:0:1:0: device reset
[  259.975933][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4372'.
[  259.995238][T16064] serio: Serial port ptm0
[  260.295217][T16077] loop6: detected capacity change from 0 to 512
[  260.310883][T16077] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4381: error while reading EA inode 32 err=-116
[  260.333964][T16077] EXT4-fs (loop6): Remounting filesystem read-only
[  260.340500][T16077] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  260.353234][T16077] EXT4-fs (loop6): 1 orphan inode deleted
[  260.363858][T16077] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.379010][T16077] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.989693][T16091] serio: Serial port ptm0
[  261.078150][T16096] sd 0:0:1:0: device reset
[  261.116944][T16098] loop6: detected capacity change from 0 to 1024
[  261.150517][T16105] loop5: detected capacity change from 0 to 128
[  261.157847][T16098] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.196881][T16107] 9pnet_fd: Insufficient options for proto=fd
[  261.208947][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.386449][T16122] serio: Serial port ptm0
[  261.426497][T16125] sd 0:0:1:0: device reset
[  261.448706][T16126] loop8: detected capacity change from 0 to 512
[  261.469833][T16126] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4398: error while reading EA inode 32 err=-116
[  261.482285][T16126] EXT4-fs (loop8): Remounting filesystem read-only
[  261.488800][T16126] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  261.500358][T16126] EXT4-fs (loop8): 1 orphan inode deleted
[  261.506440][T16126] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.518951][T16126] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.554711][T16133] serio: Serial port ptm1
[  261.628466][T16136] lo speed is unknown, defaulting to 1000
[  261.674477][T16136] chnl_net:caif_netlink_parms(): no params data found
[  261.712276][T16136] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.719350][T16136] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.726755][T16136] bridge_slave_0: entered allmulticast mode
[  261.736392][T16136] bridge_slave_0: entered promiscuous mode
[  261.744714][T16136] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.751835][T16136] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.759102][T16136] bridge_slave_1: entered allmulticast mode
[  261.765663][T16136] bridge_slave_1: entered promiscuous mode
[  261.784049][T16136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  261.794458][T16136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.815265][T16136] team0: Port device team_slave_0 added
[  261.822464][T16136] team0: Port device team_slave_1 added
[  261.828836][   T12] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.856191][T16136] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.863213][T16136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.889127][T16136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.900411][T16136] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.907352][T16136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.933577][T16136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.948609][   T12] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.980769][T16136] hsr_slave_0: entered promiscuous mode
[  261.986783][T16136] hsr_slave_1: entered promiscuous mode
[  261.996662][T16136] debugfs: 'hsr0' already exists in 'hsr'
[  262.002422][T16136] Cannot create hsr debugfs directory
[  262.013653][   T12] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.091759][   T12] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.241932][   T12] team0: Port device geneve1 removed
[  262.266943][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  262.278979][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  262.288449][   T12] bond0 (unregistering): Released all slaves
[  262.393466][   T12] hsr_slave_0: left promiscuous mode
[  262.399142][   T12] hsr_slave_1: left promiscuous mode
[  262.410125][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.417712][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.447389][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.454830][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.487119][T16172] loop8: detected capacity change from 0 to 1024
[  262.508770][T16172] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.528288][   T12] veth1_macvtap: left promiscuous mode
[  262.550470][   T12] veth0_macvtap: left promiscuous mode
[  262.607549][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.667002][T16183] sd 0:0:1:0: device reset
[  262.708375][   T12] team0 (unregistering): Port device team_slave_1 removed
[  262.731210][   T12] team0 (unregistering): Port device team_slave_0 removed
[  262.742200][T16185] loop8: detected capacity change from 0 to 128
[  262.764858][T16185] bio_check_eod: 30 callbacks suppressed
[  262.764872][T16185] syz.8.4413: attempt to access beyond end of device
[  262.764872][T16185] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  262.805149][T16185] syz.8.4413: attempt to access beyond end of device
[  262.805149][T16185] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  262.820100][T16185] syz.8.4413: attempt to access beyond end of device
[  262.820100][T16185] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  262.846382][T16185] syz.8.4413: attempt to access beyond end of device
[  262.846382][T16185] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  262.860091][T16185] syz.8.4413: attempt to access beyond end of device
[  262.860091][T16185] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  262.876687][T16185] syz.8.4413: attempt to access beyond end of device
[  262.876687][T16185] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  262.891675][T16185] syz.8.4413: attempt to access beyond end of device
[  262.891675][T16185] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  262.905307][T16185] syz.8.4413: attempt to access beyond end of device
[  262.905307][T16185] loop8: rw=2049, sector=281, nr_sectors = 9 limit=128
[  262.984103][T16192] loop8: detected capacity change from 0 to 1024
[  263.001416][T16192] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.027566][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.029198][T16136] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  263.046099][T16136] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  263.055154][T16136] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  263.066930][T16136] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  263.079670][T16197] serio: Serial port ptm0
[  263.171224][T16136] 8021q: adding VLAN 0 to HW filter on device bond0
[  263.184769][T16136] 8021q: adding VLAN 0 to HW filter on device team0
[  263.196358][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.203460][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.222439][T16136] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  263.232854][T16136] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  263.245658][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.252714][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  263.313081][T16214] 9pnet_fd: Insufficient options for proto=fd
[  263.359744][T16136] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.559711][T16136] veth0_vlan: entered promiscuous mode
[  263.567297][T16136] veth1_vlan: entered promiscuous mode
[  263.582425][T16136] veth0_macvtap: entered promiscuous mode
[  263.590115][T16136] veth1_macvtap: entered promiscuous mode
[  263.601818][T16136] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.613590][T16136] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.686125][   T12] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.713227][   T12] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.725301][   T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.752193][   T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.778277][T16247] loop6: detected capacity change from 0 to 512
[  263.810563][T16247] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.836478][T16253] loop7: detected capacity change from 0 to 128
[  263.864460][T16247] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  263.892532][T16253] syz.7.4403: attempt to access beyond end of device
[  263.892532][T16253] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  263.941705][T16253] syz.7.4403: attempt to access beyond end of device
[  263.941705][T16253] loop7: rw=2049, sector=169, nr_sectors = 24 limit=128
[  263.954383][T16255] serio: Serial port ptm0
[  263.974629][T16247] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.4430: corrupted inode contents
[  263.989342][T16260] loop5: detected capacity change from 0 to 128
[  263.989425][T16247] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.4430: mark_inode_dirty error
[  264.015364][T16247] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.4430: corrupted inode contents
[  264.035838][T16247] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.4430: mark_inode_dirty error
[  264.040656][T16267] loop7: detected capacity change from 0 to 1024
[  264.061733][T16267] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.091412][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.121478][T16136] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.140648][T16276] loop6: detected capacity change from 0 to 512
[  264.150274][T16276] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4441: error while reading EA inode 32 err=-116
[  264.167283][T16280] serio: Serial port ptm0
[  264.170913][T16276] EXT4-fs (loop6): Remounting filesystem read-only
[  264.178259][T16276] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  264.188619][T16276] EXT4-fs (loop6): 1 orphan inode deleted
[  264.194700][T16276] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.207122][T16276] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.247560][T16287] loop6: detected capacity change from 0 to 128
[  264.254128][T16291] 9pnet_fd: Insufficient options for proto=fd
[  264.361903][T16307] sd 0:0:1:0: device reset
[  264.370674][T16310] loop5: detected capacity change from 0 to 512
[  264.378854][T16310] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4456: error while reading EA inode 32 err=-116
[  264.408441][T16310] EXT4-fs (loop5): Remounting filesystem read-only
[  264.415141][T16310] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  264.418964][   T29] kauditd_printk_skb: 98 callbacks suppressed
[  264.418977][   T29] audit: type=1326 audit(1755065517.627:56376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16316 comm="syz.3.4459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.426409][T16310] EXT4-fs (loop5): 1 orphan inode deleted
[  264.459308][   T29] audit: type=1326 audit(1755065517.647:56377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16316 comm="syz.3.4459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.463098][T16310] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.484698][   T29] audit: type=1326 audit(1755065517.647:56378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16316 comm="syz.3.4459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.484723][   T29] audit: type=1326 audit(1755065517.647:56379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16316 comm="syz.3.4459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.484762][   T29] audit: type=1326 audit(1755065517.647:56380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16316 comm="syz.3.4459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.548719][T16310] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.733417][T16338] sd 0:0:1:0: device reset
[  264.771312][T16343] loop5: detected capacity change from 0 to 128
[  264.797204][   T29] audit: type=1326 audit(1755065517.987:56381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16344 comm="syz.3.4471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.820857][   T29] audit: type=1326 audit(1755065517.987:56382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16344 comm="syz.3.4471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.844409][   T29] audit: type=1326 audit(1755065517.987:56383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16344 comm="syz.3.4471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.868022][   T29] audit: type=1326 audit(1755065517.987:56384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16344 comm="syz.3.4471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  264.891725][   T29] audit: type=1326 audit(1755065517.987:56385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16344 comm="syz.3.4471" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  265.083748][T16355] loop7: detected capacity change from 0 to 512
[  265.223028][T16355] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4475: error while reading EA inode 32 err=-116
[  265.301541][T16355] EXT4-fs (loop7): Remounting filesystem read-only
[  265.308095][T16355] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  265.323008][T16355] EXT4-fs (loop7): 1 orphan inode deleted
[  265.359313][T16355] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.372933][T16355] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.461902][T16374] sd 0:0:1:0: device reset
[  265.500643][T16380] loop7: detected capacity change from 0 to 1024
[  265.540513][T16379] 9pnet_fd: Insufficient options for proto=fd
[  265.557145][T16386] serio: Serial port ptm0
[  265.562419][T16380] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.605513][T16136] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.630372][T16394] loop7: detected capacity change from 0 to 512
[  265.641880][T16394] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  265.654517][T16394] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  265.672372][T16394] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.4489: corrupted inode contents
[  265.684369][T16394] EXT4-fs error (device loop7): ext4_dirty_inode:6538: inode #2: comm syz.7.4489: mark_inode_dirty error
[  265.697016][T16394] EXT4-fs error (device loop7): ext4_do_update_inode:5653: inode #2: comm syz.7.4489: corrupted inode contents
[  265.711145][T16394] EXT4-fs error (device loop7): __ext4_ext_dirty:206: inode #2: comm syz.7.4489: mark_inode_dirty error
[  265.765955][T16136] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.798723][T16411] loop7: detected capacity change from 0 to 128
[  265.810602][T16413] 9pnet_fd: Insufficient options for proto=fd
[  265.866647][T16420] 9pnet_fd: Insufficient options for proto=fd
[  265.900069][T16423] loop7: detected capacity change from 0 to 1024
[  265.919990][T16423] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.944946][T16136] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.988435][T16431] serio: Serial port ptm1
[  266.314758][T16449] loop6: detected capacity change from 0 to 128
[  266.333177][T16450] loop7: detected capacity change from 0 to 512
[  266.352528][T16450] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4509: error while reading EA inode 32 err=-116
[  266.361841][T16453] loop6: detected capacity change from 0 to 128
[  266.366969][T16450] EXT4-fs (loop7): Remounting filesystem read-only
[  266.377534][T16450] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  266.391928][T16450] EXT4-fs (loop7): 1 orphan inode deleted
[  266.398342][T16450] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.415815][T16450] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.421037][T16457] loop6: detected capacity change from 0 to 1024
[  266.441050][T16457] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.470491][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.714836][T16475] loop6: detected capacity change from 0 to 512
[  266.725357][T16475] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4520: error while reading EA inode 32 err=-116
[  266.748890][T16475] EXT4-fs (loop6): Remounting filesystem read-only
[  266.755444][T16475] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  266.765649][T16475] EXT4-fs (loop6): 1 orphan inode deleted
[  266.772566][T16475] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.785125][T16475] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.820920][T16482] 9pnet_fd: Insufficient options for proto=fd
[  266.847511][T16484] loop8: detected capacity change from 0 to 128
[  266.876868][T16486] loop8: detected capacity change from 0 to 128
[  266.941184][T16488] loop8: detected capacity change from 0 to 512
[  267.059662][T16488] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.128198][T16488] ext4 filesystem being mounted at /189/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  267.170043][T16488] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4525: corrupted inode contents
[  267.201590][T16488] EXT4-fs error (device loop8): ext4_dirty_inode:6538: inode #2: comm syz.8.4525: mark_inode_dirty error
[  267.228799][T16488] EXT4-fs error (device loop8): ext4_do_update_inode:5653: inode #2: comm syz.8.4525: corrupted inode contents
[  267.241426][T16488] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.4525: mark_inode_dirty error
[  267.307020][T13082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.479663][T16508] serio: Serial port ptm0
[  267.515270][T16513] loop6: detected capacity change from 0 to 1024
[  267.822594][T16520] loop8: detected capacity change from 0 to 128
[  267.933349][T16520] bio_check_eod: 70 callbacks suppressed
[  267.933359][T16520] syz.8.4537: attempt to access beyond end of device
[  267.933359][T16520] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  267.955333][T16513] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  267.976406][T16520] syz.8.4537: attempt to access beyond end of device
[  267.976406][T16520] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  267.997524][T16520] syz.8.4537: attempt to access beyond end of device
[  267.997524][T16520] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  268.009940][T16526] loop7: detected capacity change from 0 to 128
[  268.011274][T16520] syz.8.4537: attempt to access beyond end of device
[  268.011274][T16520] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  268.025279][T16526] syz.7.4538: attempt to access beyond end of device
[  268.025279][T16526] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  268.036375][T14386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.044142][T16526] syz.7.4538: attempt to access beyond end of device
[  268.044142][T16526] loop7: rw=2049, sector=169, nr_sectors = 24 limit=128
[  268.066574][T16526] syz.7.4538: attempt to access beyond end of device
[  268.066574][T16526] loop7: rw=2049, sector=201, nr_sectors = 8 limit=128
[  268.074445][T16520] syz.8.4537: attempt to access beyond end of device
[  268.074445][T16520] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  268.080235][T16526] syz.7.4538: attempt to access beyond end of device
[  268.080235][T16526] loop7: rw=2049, sector=217, nr_sectors = 8 limit=128
[  268.112767][T16520] syz.8.4537: attempt to access beyond end of device
[  268.112767][T16520] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  268.301219][T16542] serio: Serial port ptm0
[  268.330758][T16543] loop5: detected capacity change from 0 to 512
[  268.350684][T16543] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4544: error while reading EA inode 32 err=-116
[  268.373359][T16546] serio: Serial port ptm1
[  268.378797][T16543] EXT4-fs (loop5): Remounting filesystem read-only
[  268.385324][T16543] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  268.411067][T16543] EXT4-fs (loop5): 1 orphan inode deleted
[  269.061979][T16571] 9pnet_fd: Insufficient options for proto=fd
[  269.113078][T16578] loop6: detected capacity change from 0 to 128
[  269.151450][T16584] loop5: detected capacity change from 0 to 512
[  269.162415][T16583] loop6: detected capacity change from 0 to 1024
[  269.211450][T16587] loop8: detected capacity change from 0 to 128
[  269.253235][T16584] ext4 filesystem being mounted at /332/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  269.497587][T16604] sd 0:0:1:0: device reset
[  269.525360][T16608] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16608 comm=syz.6.4570
[  269.550309][   T29] kauditd_printk_skb: 85 callbacks suppressed
[  269.550322][   T29] audit: type=1326 audit(1755065522.760:56471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16609 comm="syz.7.4571" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5f07d2ebe9 code=0x0
[  269.551299][T16614] loop5: detected capacity change from 0 to 128
[  269.590924][   T29] audit: type=1326 audit(1755065522.800:56472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.614629][   T29] audit: type=1326 audit(1755065522.800:56473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.620025][T16616] serio: Serial port ptm0
[  269.639036][   T29] audit: type=1326 audit(1755065522.800:56474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.666220][   T29] audit: type=1326 audit(1755065522.800:56475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.689826][   T29] audit: type=1326 audit(1755065522.800:56476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.690001][T16617] loop7: detected capacity change from 0 to 512
[  269.713571][   T29] audit: type=1326 audit(1755065522.800:56477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.723853][T16617] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4571: error while reading EA inode 32 err=-116
[  269.743373][   T29] audit: type=1326 audit(1755065522.800:56478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16613 comm="syz.5.4572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  269.757183][T16617] EXT4-fs (loop7): Remounting filesystem read-only
[  269.785663][T16617] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  269.795896][T16617] EXT4-fs (loop7): 1 orphan inode deleted
[  269.811330][T16621] loop5: detected capacity change from 0 to 1024
[  269.824500][T16623] loop6: detected capacity change from 0 to 128
[  269.924267][T16639] sd 0:0:1:0: device reset
[  269.979414][T16645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16645 comm=syz.5.4585
[  269.980325][T16647] 9pnet_fd: Insufficient options for proto=fd
[  270.038548][T16655] serio: Serial port ptm0
[  270.138890][   T29] audit: type=1326 audit(1755065523.350:56479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16669 comm="syz.5.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  270.162660][   T29] audit: type=1326 audit(1755065523.350:56480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16669 comm="syz.5.4596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf1b95ebe9 code=0x7ffc0000
[  270.270463][T16678] sd 0:0:1:0: device reset
[  270.307306][T16681] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16681 comm=syz.8.4600
[  270.333409][T16683] 9pnet_fd: Insufficient options for proto=fd
[  270.398576][T16685] loop8: detected capacity change from 0 to 128
[  270.575900][T16709] loop5: detected capacity change from 0 to 512
[  270.608056][T16709] ext4 filesystem being mounted at /356/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.639149][T16716] 9pnet_fd: Insufficient options for proto=fd
[  270.652037][T16717] loop8: detected capacity change from 0 to 512
[  270.667270][T16717] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4614: error while reading EA inode 32 err=-116
[  270.683159][T16717] EXT4-fs (loop8): Remounting filesystem read-only
[  270.689749][T16717] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  270.726807][T16717] EXT4-fs (loop8): 1 orphan inode deleted
[  270.888406][T16741] loop6: detected capacity change from 0 to 512
[  270.899000][T16741] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  270.929741][T16747] 9pnet_fd: Insufficient options for proto=fd
[  271.101964][T16771] loop6: detected capacity change from 0 to 512
[  271.120998][T16771] ext4 filesystem being mounted at /165/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  271.140109][T16775] 9pnet_fd: Insufficient options for proto=fd
[  271.377019][T16796] loop6: detected capacity change from 0 to 512
[  271.391343][T16796] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4648: error while reading EA inode 32 err=-116
[  271.404058][T16796] EXT4-fs (loop6): Remounting filesystem read-only
[  271.410621][T16796] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  271.420860][T16796] EXT4-fs (loop6): 1 orphan inode deleted
[  271.459941][T16806] serio: Serial port ptm0
[  271.510659][T16808] 9pnet_fd: Insufficient options for proto=fd
[  271.803617][T16824] loop5: detected capacity change from 0 to 1024
[  272.174188][T16831] loop6: detected capacity change from 0 to 128
[  272.218649][T16833] sd 0:0:1:0: device reset
[  272.314564][T16838] 9pnet_fd: Insufficient options for proto=fd
[  272.334131][T16841] loop8: detected capacity change from 0 to 128
[  272.560070][T16856] sd 0:0:1:0: device reset
[  272.587071][T16858] loop8: detected capacity change from 0 to 512
[  272.688060][T16858] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4672: error while reading EA inode 32 err=-116
[  272.708285][T16858] EXT4-fs (loop8): Remounting filesystem read-only
[  272.714818][T16858] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  272.724969][T16858] EXT4-fs (loop8): 1 orphan inode deleted
[  272.814173][T16867] serio: Serial port ptm0
[  272.999236][T16874] 9pnet_fd: Insufficient options for proto=fd
[  273.317008][T16890] serio: Serial port ptm1
[  273.610001][T16914] loop7: detected capacity change from 0 to 128
[  273.624446][T16914] bio_check_eod: 62 callbacks suppressed
[  273.624518][T16914] syz.7.4697: attempt to access beyond end of device
[  273.624518][T16914] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  273.645262][T16914] syz.7.4697: attempt to access beyond end of device
[  273.645262][T16914] loop7: rw=2049, sector=169, nr_sectors = 24 limit=128
[  273.668434][T16914] syz.7.4697: attempt to access beyond end of device
[  273.668434][T16914] loop7: rw=2049, sector=201, nr_sectors = 8 limit=128
[  273.682098][T16914] syz.7.4697: attempt to access beyond end of device
[  273.682098][T16914] loop7: rw=2049, sector=217, nr_sectors = 8 limit=128
[  273.708158][T16918] loop5: detected capacity change from 0 to 128
[  273.712228][T16914] syz.7.4697: attempt to access beyond end of device
[  273.712228][T16914] loop7: rw=2049, sector=233, nr_sectors = 8 limit=128
[  273.729224][T16918] syz.5.4698: attempt to access beyond end of device
[  273.729224][T16918] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  273.745007][T16914] syz.7.4697: attempt to access beyond end of device
[  273.745007][T16914] loop7: rw=2049, sector=249, nr_sectors = 8 limit=128
[  273.746886][T16918] syz.5.4698: attempt to access beyond end of device
[  273.746886][T16918] loop5: rw=2049, sector=169, nr_sectors = 24 limit=128
[  273.762172][T16914] syz.7.4697: attempt to access beyond end of device
[  273.762172][T16914] loop7: rw=2049, sector=265, nr_sectors = 8 limit=128
[  273.778522][T16918] syz.5.4698: attempt to access beyond end of device
[  273.778522][T16918] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  273.985178][T16924] 9pnet_fd: Insufficient options for proto=fd
[  274.020231][T16940] serio: Serial port ptm0
[  274.108687][T16943] serio: Serial port ptm1
[  274.348616][T16952] loop6: detected capacity change from 0 to 128
[  274.486010][T16964] 9pnet_fd: Insufficient options for proto=fd
[  274.581703][   T29] kauditd_printk_skb: 119 callbacks suppressed
[  274.581717][   T29] audit: type=1326 audit(1755065527.792:56600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.6.4721" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd94c3aebe9 code=0x0
[  274.618019][T16970] serio: Serial port ptm0
[  274.622680][   T29] audit: type=1326 audit(1755065527.832:56601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.646342][   T29] audit: type=1326 audit(1755065527.832:56602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.669955][   T29] audit: type=1326 audit(1755065527.832:56603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.693534][   T29] audit: type=1326 audit(1755065527.832:56604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.697224][T16976] loop6: detected capacity change from 0 to 512
[  274.718061][   T29] audit: type=1326 audit(1755065527.832:56605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.729696][T16976] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4721: error while reading EA inode 32 err=-116
[  274.747969][   T29] audit: type=1326 audit(1755065527.832:56606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.766664][T16976] EXT4-fs (loop6): Remounting filesystem read-only
[  274.783722][   T29] audit: type=1326 audit(1755065527.832:56607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.790236][T16976] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  274.792245][T16976] EXT4-fs (loop6): 1 orphan inode deleted
[  274.813819][   T29] audit: type=1326 audit(1755065527.832:56608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.813845][   T29] audit: type=1326 audit(1755065527.832:56609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16969 comm="syz.8.4722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  274.903474][T16982] loop8: detected capacity change from 0 to 128
[  275.131848][T17004] serio: Serial port ptm0
[  275.499802][T17015] serio: Serial port ptm0
[  275.560514][T17017] loop8: detected capacity change from 0 to 128
[  275.718025][T17025] loop8: detected capacity change from 0 to 128
[  275.801874][T17031] 9pnet_fd: Insufficient options for proto=fd
[  275.847520][T17039] loop7: detected capacity change from 0 to 128
[  275.892508][T17048] loop5: detected capacity change from 0 to 512
[  275.905231][T17048] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4751: error while reading EA inode 32 err=-116
[  275.919985][T17048] EXT4-fs (loop5): Remounting filesystem read-only
[  275.926548][T17048] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  275.936745][T17048] EXT4-fs (loop5): 1 orphan inode deleted
[  276.039417][T17059] 9pnet_fd: Insufficient options for proto=fd
[  276.200063][T17077] serio: Serial port ptm1
[  276.471549][T17087] 9pnet_fd: Insufficient options for proto=fd
[  276.924967][T17102] loop5: detected capacity change from 0 to 512
[  276.939005][T17102] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4774: error while reading EA inode 32 err=-116
[  276.953601][T17102] EXT4-fs (loop5): Remounting filesystem read-only
[  276.960205][T17102] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  276.982360][T17102] EXT4-fs (loop5): 1 orphan inode deleted
[  277.144733][T17115] serio: Serial port ptm0
[  277.304432][T17120] 9pnet_fd: Insufficient options for proto=fd
[  277.434404][T17125] loop6: detected capacity change from 0 to 512
[  277.453627][T17125] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.4785: error while reading EA inode 32 err=-116
[  277.477676][T17125] EXT4-fs (loop6): Remounting filesystem read-only
[  277.484308][T17125] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  277.535866][T17125] EXT4-fs (loop6): 1 orphan inode deleted
[  277.819987][T17143] loop5: detected capacity change from 0 to 128
[  277.978150][T17149] 9pnet_fd: Insufficient options for proto=fd
[  278.335771][T17166] loop7: detected capacity change from 0 to 512
[  278.355558][T17166] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4803: error while reading EA inode 32 err=-116
[  278.361421][T17173] loop5: detected capacity change from 0 to 128
[  278.369263][T17166] EXT4-fs (loop7): Remounting filesystem read-only
[  278.380650][T17166] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  278.392810][T17166] EXT4-fs (loop7): 1 orphan inode deleted
[  278.591144][T17180] loop5: detected capacity change from 0 to 128
[  278.756513][T17199] serio: Serial port ptm0
[  279.156914][T17217] loop8: detected capacity change from 0 to 128
[  279.250420][T17217] bio_check_eod: 70 callbacks suppressed
[  279.250434][T17217] syz.8.4824: attempt to access beyond end of device
[  279.250434][T17217] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  279.274548][T17217] syz.8.4824: attempt to access beyond end of device
[  279.274548][T17217] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  279.288406][T17217] syz.8.4824: attempt to access beyond end of device
[  279.288406][T17217] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  279.303041][T17217] syz.8.4824: attempt to access beyond end of device
[  279.303041][T17217] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  279.316532][T17217] syz.8.4824: attempt to access beyond end of device
[  279.316532][T17217] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  279.343372][T17217] syz.8.4824: attempt to access beyond end of device
[  279.343372][T17217] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  279.356937][T17217] syz.8.4824: attempt to access beyond end of device
[  279.356937][T17217] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  279.370533][T17217] syz.8.4824: attempt to access beyond end of device
[  279.370533][T17217] loop8: rw=2049, sector=281, nr_sectors = 9 limit=128
[  279.417948][T17232] loop8: detected capacity change from 0 to 128
[  279.427758][T17234] FAULT_INJECTION: forcing a failure.
[  279.427758][T17234] name failslab, interval 1, probability 0, space 0, times 0
[  279.430055][T17232] syz.8.4831: attempt to access beyond end of device
[  279.430055][T17232] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  279.440493][T17234] CPU: 0 UID: 0 PID: 17234 Comm: syz.7.4832 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  279.440527][T17234] Tainted: [W]=WARN
[  279.440534][T17234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  279.440545][T17234] Call Trace:
[  279.440552][T17234]  <TASK>
[  279.440560][T17234]  __dump_stack+0x1d/0x30
[  279.440594][T17234]  dump_stack_lvl+0xe8/0x140
[  279.440688][T17234]  dump_stack+0x15/0x1b
[  279.440761][T17234]  should_fail_ex+0x265/0x280
[  279.440782][T17234]  should_failslab+0x8c/0xb0
[  279.440805][T17234]  kmem_cache_alloc_noprof+0x50/0x310
[  279.440910][T17234]  ? skb_clone+0x151/0x1f0
[  279.440932][T17234]  skb_clone+0x151/0x1f0
[  279.440952][T17234]  __netlink_deliver_tap+0x2c9/0x500
[  279.440975][T17234]  netlink_unicast+0x66b/0x690
[  279.441042][T17234]  netlink_sendmsg+0x58b/0x6b0
[  279.441063][T17234]  ? __pfx_netlink_sendmsg+0x10/0x10
[  279.441082][T17234]  __sock_sendmsg+0x145/0x180
[  279.441167][T17234]  ____sys_sendmsg+0x31e/0x4e0
[  279.441189][T17234]  ___sys_sendmsg+0x17b/0x1d0
[  279.441219][T17234]  __x64_sys_sendmsg+0xd4/0x160
[  279.441292][T17234]  x64_sys_call+0x191e/0x2ff0
[  279.441311][T17234]  do_syscall_64+0xd2/0x200
[  279.441335][T17234]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  279.441381][T17234]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  279.441465][T17234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.441486][T17234] RIP: 0033:0x7f5f07d2ebe9
[  279.441501][T17234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.441584][T17234] RSP: 002b:00007f5f0678f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  279.441602][T17234] RAX: ffffffffffffffda RBX: 00007f5f07f55fa0 RCX: 00007f5f07d2ebe9
[  279.441614][T17234] RDX: 0000000020048440 RSI: 0000200000000480 RDI: 0000000000000003
[  279.441684][T17234] RBP: 00007f5f0678f090 R08: 0000000000000000 R09: 0000000000000000
[  279.441696][T17234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.441711][T17234] R13: 00007f5f07f56038 R14: 00007f5f07f55fa0 R15: 00007ffcea947098
[  279.441729][T17234]  </TASK>
[  279.670696][T17232] syz.8.4831: attempt to access beyond end of device
[  279.670696][T17232] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  279.782336][   T29] kauditd_printk_skb: 173 callbacks suppressed
[  279.782348][   T29] audit: type=1326 audit(1755065533.005:56783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17244 comm="syz.8.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  279.815544][   T29] audit: type=1326 audit(1755065533.035:56784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17244 comm="syz.8.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  279.839448][   T29] audit: type=1326 audit(1755065533.035:56785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17244 comm="syz.8.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  279.863412][   T29] audit: type=1326 audit(1755065533.035:56786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17244 comm="syz.8.4838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  279.908508][T17253] 9pnet_fd: Insufficient options for proto=fd
[  280.054770][T17258] loop8: detected capacity change from 0 to 128
[  280.070593][   T29] audit: type=1326 audit(1755065533.285:56787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.079860][T17263] sd 0:0:1:0: device reset
[  280.094326][   T29] audit: type=1326 audit(1755065533.285:56788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.122233][   T29] audit: type=1326 audit(1755065533.285:56789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.145965][   T29] audit: type=1326 audit(1755065533.285:56790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.169621][   T29] audit: type=1326 audit(1755065533.285:56791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=328 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.193240][   T29] audit: type=1326 audit(1755065533.285:56792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17257 comm="syz.8.4842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  280.317565][T17269] loop8: detected capacity change from 0 to 2048
[  280.395049][T17269]  loop8: p1 < > p4
[  280.399763][T17269] loop8: p4 size 8388608 extends beyond EOD, truncated
[  280.570648][T17275] loop7: detected capacity change from 0 to 128
[  280.677875][T17285] 9pnet_fd: Insufficient options for proto=fd
[  280.740824][T17296] loop8: detected capacity change from 0 to 128
[  280.747818][T17297] loop7: detected capacity change from 0 to 128
[  280.790500][T17299] loop8: detected capacity change from 0 to 128
[  280.892334][T17306] FAULT_INJECTION: forcing a failure.
[  280.892334][T17306] name fail_futex, interval 1, probability 0, space 0, times 1
[  280.905242][T17306] CPU: 1 UID: 0 PID: 17306 Comm: syz.7.4863 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  280.905276][T17306] Tainted: [W]=WARN
[  280.905283][T17306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  280.905294][T17306] Call Trace:
[  280.905299][T17306]  <TASK>
[  280.905360][T17306]  __dump_stack+0x1d/0x30
[  280.905382][T17306]  dump_stack_lvl+0xe8/0x140
[  280.905471][T17306]  dump_stack+0x15/0x1b
[  280.905488][T17306]  should_fail_ex+0x265/0x280
[  280.905514][T17306]  should_fail+0xb/0x20
[  280.905532][T17306]  get_futex_key+0x594/0xbd0
[  280.905554][T17306]  ? timerqueue_add+0x14e/0x180
[  280.905638][T17306]  futex_wait_requeue_pi+0x15c/0x640
[  280.905685][T17306]  ? __pfx_futex_wake_mark+0x10/0x10
[  280.905800][T17306]  do_futex+0x136/0x380
[  280.905822][T17306]  __se_sys_futex+0x2ed/0x360
[  280.905847][T17306]  __x64_sys_futex+0x78/0x90
[  280.905949][T17306]  x64_sys_call+0x2e39/0x2ff0
[  280.905989][T17306]  do_syscall_64+0xd2/0x200
[  280.906014][T17306]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  280.906034][T17306]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  280.906092][T17306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.906113][T17306] RIP: 0033:0x7f5f07d2ebe9
[  280.906128][T17306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.906146][T17306] RSP: 002b:00007f5f0678f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  280.906163][T17306] RAX: ffffffffffffffda RBX: 00007f5f07f55fa0 RCX: 00007f5f07d2ebe9
[  280.906174][T17306] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000020000000cffc
[  280.906253][T17306] RBP: 00007f5f0678f090 R08: 0000200000048000 R09: 0000000000000300
[  280.906265][T17306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  280.906294][T17306] R13: 00007f5f07f56038 R14: 00007f5f07f55fa0 R15: 00007ffcea947098
[  280.906376][T17306]  </TASK>
[  281.126310][T17314] netlink: 56 bytes leftover after parsing attributes in process `+}[@'.
[  281.180515][T17320] 9pnet_fd: Insufficient options for proto=fd
[  281.212595][T17322] sd 0:0:1:0: device reset
[  281.217290][T17324] loop7: detected capacity change from 0 to 128
[  281.239926][T17314] tmpfs: Bad value for 'size'
[  281.368343][T17334] loop8: detected capacity change from 0 to 128
[  281.468895][T17336] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4878'.
[  281.641013][T17347] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4881'.
[  281.737952][T17347] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.851639][T17347] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.860468][T17357] 9pnet_fd: Insufficient options for proto=fd
[  281.934485][T17347] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.966919][T17361] loop5: detected capacity change from 0 to 128
[  281.984367][T17347] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.014374][T17365] sd 0:0:1:0: device reset
[  282.063247][ T9479] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.078339][ T9479] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.097573][T17372] loop5: detected capacity change from 0 to 512
[  282.136002][ T9479] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.144507][ T9479] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.180646][T17372] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4889: error while reading EA inode 32 err=-116
[  282.208321][T17372] EXT4-fs (loop5): Remounting filesystem read-only
[  282.214913][T17372] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  282.227559][T17372] EXT4-fs (loop5): 1 orphan inode deleted
[  282.241522][T17372] EXT4-fs mount: 34 callbacks suppressed
[  282.241550][T17372] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  282.245936][T17385] 9pnet_fd: Insufficient options for proto=fd
[  282.271833][T17372] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.339141][T17393] loop6: detected capacity change from 0 to 128
[  282.378941][T17397] sd 0:0:1:0: device reset
[  282.762021][T17416] 9pnet_fd: Insufficient options for proto=fd
[  282.921726][T17431] sd 0:0:1:0: device reset
[  282.950599][T17436] loop8: detected capacity change from 0 to 128
[  282.971165][T17438] loop5: detected capacity change from 0 to 512
[  283.015031][T17441] netlink: 96 bytes leftover after parsing attributes in process `syz.8.4917'.
[  283.032220][T17438] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4916: error while reading EA inode 32 err=-116
[  283.046501][T17438] EXT4-fs (loop5): Remounting filesystem read-only
[  283.053046][T17438] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  283.072621][T17438] EXT4-fs (loop5): 1 orphan inode deleted
[  283.082946][T17438] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.104856][T17438] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.189902][T17450] 9pnet_fd: Insufficient options for proto=fd
[  283.293449][T17463] sd 0:0:1:0: device reset
[  283.325339][T17464] loop8: detected capacity change from 0 to 512
[  283.339539][T17468] loop5: detected capacity change from 0 to 128
[  283.517888][T17477] loop5: detected capacity change from 0 to 512
[  283.531799][T17477] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4930: error while reading EA inode 32 err=-116
[  283.584417][T17477] EXT4-fs (loop5): Remounting filesystem read-only
[  283.591005][T17477] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  283.620725][T17464] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.4924: error while reading EA inode 32 err=-116
[  283.648375][T17464] EXT4-fs (loop8): Remounting filesystem read-only
[  283.654918][T17464] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  283.667226][T17477] EXT4-fs (loop5): 1 orphan inode deleted
[  283.679218][T17477] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.693335][T17477] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.694715][T17464] EXT4-fs (loop8): 1 orphan inode deleted
[  283.708737][T17481] netlink: 72 bytes leftover after parsing attributes in process `syz.7.4931'.
[  283.717925][T17481] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4931'.
[  283.727079][T17464] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.741154][T17464] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.750441][T17481] netlink: 72 bytes leftover after parsing attributes in process `syz.7.4931'.
[  283.759453][T17481] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4931'.
[  284.231727][T17505] serio: Serial port ptm0
[  284.397734][T17510] sd 0:0:1:0: device reset
[  284.439348][T17512] serio: Serial port ptm0
[  284.612129][T17534] loop5: detected capacity change from 0 to 128
[  284.624956][T17534] bio_check_eod: 86 callbacks suppressed
[  284.624970][T17534] syz.5.4951: attempt to access beyond end of device
[  284.624970][T17534] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  284.649195][T17534] syz.5.4951: attempt to access beyond end of device
[  284.649195][T17534] loop5: rw=2049, sector=169, nr_sectors = 24 limit=128
[  284.666393][T17535] loop7: detected capacity change from 0 to 512
[  284.674247][T17534] syz.5.4951: attempt to access beyond end of device
[  284.674247][T17534] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  284.688134][T17534] syz.5.4951: attempt to access beyond end of device
[  284.688134][T17534] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  284.702044][T17534] syz.5.4951: attempt to access beyond end of device
[  284.702044][T17534] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  284.710716][T17535] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4950: error while reading EA inode 32 err=-116
[  284.715625][T17534] syz.5.4951: attempt to access beyond end of device
[  284.715625][T17534] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  284.740850][T17535] EXT4-fs (loop7): Remounting filesystem read-only
[  284.747478][T17535] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  284.747480][T17534] syz.5.4951: attempt to access beyond end of device
[  284.747480][T17534] loop5: rw=2049, sector=265, nr_sectors = 8 limit=128
[  284.771146][T17534] syz.5.4951: attempt to access beyond end of device
[  284.771146][T17534] loop5: rw=2049, sector=281, nr_sectors = 9 limit=128
[  284.784840][T17535] EXT4-fs (loop7): 1 orphan inode deleted
[  284.790917][T17535] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.834425][   T29] kauditd_printk_skb: 258 callbacks suppressed
[  284.834453][   T29] audit: type=1326 audit(1755065538.047:57051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.864245][   T29] audit: type=1326 audit(1755065538.047:57052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.874367][T17535] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.887855][   T29] audit: type=1326 audit(1755065538.047:57053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.887878][   T29] audit: type=1326 audit(1755065538.047:57054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.887899][   T29] audit: type=1326 audit(1755065538.047:57055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.967681][   T29] audit: type=1326 audit(1755065538.047:57056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.991333][   T29] audit: type=1326 audit(1755065538.047:57057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  284.993997][T17540] serio: Serial port ptm0
[  285.026550][   T29] audit: type=1326 audit(1755065538.087:57058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  285.050178][   T29] audit: type=1326 audit(1755065538.087:57059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17539 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  285.050201][   T29] audit: type=1326 audit(1755065538.208:57060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17541 comm="syz.3.4953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f47997a14a5 code=0x7ffc0000
[  285.078414][T17544] sd 0:0:1:0: device reset
[  285.134641][T17546] loop8: detected capacity change from 0 to 128
[  285.152971][T17546] syz.8.4955: attempt to access beyond end of device
[  285.152971][T17546] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  285.173772][T17546] syz.8.4955: attempt to access beyond end of device
[  285.173772][T17546] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  285.246420][T17557] 9pnet_fd: Insufficient options for proto=fd
[  285.364919][T17568] loop6: detected capacity change from 0 to 128
[  285.390069][T17562] serio: Serial port ptm0
[  285.398606][T17571] sd 0:0:1:0: device reset
[  285.440765][T17575] serio: Serial port ptm1
[  285.566053][T17586] 9pnet_fd: Insufficient options for proto=fd
[  285.733075][T17593] FAULT_INJECTION: forcing a failure.
[  285.733075][T17593] name failslab, interval 1, probability 0, space 0, times 0
[  285.745747][T17593] CPU: 1 UID: 0 PID: 17593 Comm: syz.8.4974 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  285.745839][T17593] Tainted: [W]=WARN
[  285.745846][T17593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  285.745857][T17593] Call Trace:
[  285.745863][T17593]  <TASK>
[  285.745869][T17593]  __dump_stack+0x1d/0x30
[  285.745890][T17593]  dump_stack_lvl+0xe8/0x140
[  285.745907][T17593]  dump_stack+0x15/0x1b
[  285.745971][T17593]  should_fail_ex+0x265/0x280
[  285.745992][T17593]  should_failslab+0x8c/0xb0
[  285.746055][T17593]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  285.746079][T17593]  ? sidtab_sid2str_get+0xa0/0x130
[  285.746130][T17593]  kmemdup_noprof+0x2b/0x70
[  285.746153][T17593]  sidtab_sid2str_get+0xa0/0x130
[  285.746170][T17593]  security_sid_to_context_core+0x1eb/0x2e0
[  285.746214][T17593]  security_sid_to_context+0x27/0x40
[  285.746230][T17593]  selinux_lsmprop_to_secctx+0x67/0xf0
[  285.746247][T17593]  security_lsmprop_to_secctx+0x43/0x80
[  285.746270][T17593]  audit_log_task_context+0x77/0x190
[  285.746323][T17593]  audit_log_task+0xf4/0x250
[  285.746344][T17593]  audit_seccomp+0x61/0x100
[  285.746466][T17593]  ? __seccomp_filter+0x68c/0x10d0
[  285.746488][T17593]  __seccomp_filter+0x69d/0x10d0
[  285.746511][T17593]  ? mas_find+0x222/0x700
[  285.746611][T17593]  ? apply_vma_lock_flags+0x20b/0x250
[  285.746636][T17593]  __secure_computing+0x82/0x150
[  285.746652][T17593]  syscall_trace_enter+0xcf/0x1e0
[  285.746672][T17593]  do_syscall_64+0xac/0x200
[  285.746730][T17593]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  285.746754][T17593]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  285.746817][T17593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.746916][T17593] RIP: 0033:0x7f8324dbd5fc
[  285.746928][T17593] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  285.746945][T17593] RSP: 002b:00007f8323827030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  285.746965][T17593] RAX: ffffffffffffffda RBX: 00007f8324fe5fa0 RCX: 00007f8324dbd5fc
[  285.746979][T17593] RDX: 000000000000000f RSI: 00007f83238270a0 RDI: 0000000000000004
[  285.746992][T17593] RBP: 00007f8323827090 R08: 0000000000000000 R09: 0000000000000000
[  285.747005][T17593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.747027][T17593] R13: 00007f8324fe6038 R14: 00007f8324fe5fa0 R15: 00007ffd10c8e0c8
[  285.747043][T17593]  </TASK>
[  285.988966][T17596] loop7: detected capacity change from 0 to 128
[  286.010217][T17598] sd 0:0:1:0: device reset
[  286.052816][T17600] loop8: detected capacity change from 0 to 128
[  286.107823][T17613] serio: Serial port ptm0
[  286.132246][T17615] loop7: detected capacity change from 0 to 512
[  286.159893][T17615] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.4982: error while reading EA inode 32 err=-116
[  286.173419][T17615] EXT4-fs (loop7): Remounting filesystem read-only
[  286.179948][T17615] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  286.191356][T17615] EXT4-fs (loop7): 1 orphan inode deleted
[  286.197339][T17615] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.212497][T17615] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.227677][T17622] 9pnet_fd: Insufficient options for proto=fd
[  286.263080][T17625] serio: Serial port ptm1
[  286.313885][T17632] sd 0:0:1:0: device reset
[  286.342278][T17635] loop5: detected capacity change from 0 to 512
[  286.379780][T17640] loop8: detected capacity change from 0 to 128
[  286.409828][T17635] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.4989: error while reading EA inode 32 err=-116
[  286.423773][T17635] EXT4-fs (loop5): Remounting filesystem read-only
[  286.430344][T17635] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  286.443168][T17635] EXT4-fs (loop5): 1 orphan inode deleted
[  286.449640][T17635] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.464099][T17635] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.620174][T17653] 9pnet_fd: Insufficient options for proto=fd
[  286.799815][T17656] serio: Serial port ptm0
[  287.032107][T17661] sd 0:0:1:0: device reset
[  287.310115][T17683] loop5: detected capacity change from 0 to 128
[  287.391640][T17687] 9pnet_fd: Insufficient options for proto=fd
[  288.355961][T17739] loop7: detected capacity change from 0 to 128
[  288.368109][T17740] loop8: detected capacity change from 0 to 512
[  288.387959][T17740] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.5028: error while reading EA inode 32 err=-116
[  288.402513][T17740] EXT4-fs (loop8): Remounting filesystem read-only
[  288.409174][T17740] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  288.420074][T17740] EXT4-fs (loop8): 1 orphan inode deleted
[  288.426079][T17740] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.439591][T17740] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.490299][T17755] serio: Serial port ptm0
[  288.633890][T17766] loop5: detected capacity change from 0 to 128
[  288.823009][T17776] loop5: detected capacity change from 0 to 128
[  289.502779][T17793] sd 0:0:1:0: device reset
[  289.588737][T17797] loop8: detected capacity change from 0 to 128
[  289.627551][T17797] bio_check_eod: 70 callbacks suppressed
[  289.627566][T17797] syz.8.5055: attempt to access beyond end of device
[  289.627566][T17797] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  289.684765][T17803] netlink: 'syz.3.5058': attribute type 1 has an invalid length.
[  289.692543][T17803] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5058'.
[  289.701637][T17797] syz.8.5055: attempt to access beyond end of device
[  289.701637][T17797] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  289.715450][T17797] syz.8.5055: attempt to access beyond end of device
[  289.715450][T17797] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  289.729142][T17797] syz.8.5055: attempt to access beyond end of device
[  289.729142][T17797] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  289.750076][T17805] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.762967][T17810] loop7: detected capacity change from 0 to 512
[  289.788100][T17810] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.5059: error while reading EA inode 32 err=-116
[  289.804308][T17810] EXT4-fs (loop7): Remounting filesystem read-only
[  289.810923][T17810] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  289.822513][T17797] syz.8.5055: attempt to access beyond end of device
[  289.822513][T17797] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  289.836296][T17810] EXT4-fs (loop7): 1 orphan inode deleted
[  289.844306][T17810] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.883715][T17797] syz.8.5055: attempt to access beyond end of device
[  289.883715][T17797] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  289.886311][T17805] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.897183][T17797] syz.8.5055: attempt to access beyond end of device
[  289.897183][T17797] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  289.920852][T17797] syz.8.5055: attempt to access beyond end of device
[  289.920852][T17797] loop8: rw=2049, sector=281, nr_sectors = 9 limit=128
[  289.936280][T17810] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.991826][T17805] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.028956][T17805] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.087471][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.106329][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.116000][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.124322][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.153709][T17829] sd 0:0:1:0: device reset
[  290.179847][T17833] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  290.179844][   T29] kauditd_printk_skb: 202 callbacks suppressed
[  290.179873][   T29] audit: type=1400 audit(1755065543.400:57262): avc:  denied  { load_policy } for  pid=17832 comm="syz.8.5069" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  290.230106][T17833] SELinux: failed to load policy
[  290.361407][   T29] audit: type=1326 audit(1755065543.580:57263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17842 comm="syz.8.5073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  290.456676][T17846] serio: Serial port ptm0
[  290.772474][   T29] audit: type=1326 audit(1755065543.680:57264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17842 comm="syz.8.5073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  290.796069][   T29] audit: type=1326 audit(1755065543.680:57265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17842 comm="syz.8.5073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  290.819770][   T29] audit: type=1326 audit(1755065543.680:57266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17842 comm="syz.8.5073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  290.870414][   T29] audit: type=1326 audit(1755065544.080:57267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17866 comm="syz.3.5082" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f479976ebe9 code=0x0
[  290.972496][T17872] loop8: detected capacity change from 0 to 128
[  290.992725][   T29] audit: type=1326 audit(1755065544.211:57268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17871 comm="syz.8.5084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  291.016354][   T29] audit: type=1326 audit(1755065544.211:57269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17871 comm="syz.8.5084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  291.043401][   T29] audit: type=1326 audit(1755065544.211:57270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17871 comm="syz.8.5084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  291.045401][T17872] syz.8.5084: attempt to access beyond end of device
[  291.045401][T17872] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  291.067109][   T29] audit: type=1326 audit(1755065544.211:57271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17871 comm="syz.8.5084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  291.099286][T17872] syz.8.5084: attempt to access beyond end of device
[  291.099286][T17872] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  291.188055][T17879] loop7: detected capacity change from 0 to 128
[  291.258474][T17885] serio: Serial port ptm0
[  291.334665][T17894] loop7: detected capacity change from 0 to 512
[  291.347791][T17894] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.5093: error while reading EA inode 32 err=-116
[  291.361963][T17894] EXT4-fs (loop7): Remounting filesystem read-only
[  291.368553][T17894] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  291.381138][T17894] EXT4-fs (loop7): 1 orphan inode deleted
[  291.387247][T17894] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.401202][T17894] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.968276][T17926] serio: Serial port ptm0
[  292.077615][T17932] tmpfs: Unknown parameter '0xffffffffffffffff'
[  292.311594][T17956] loop8: detected capacity change from 0 to 512
[  292.319477][T17956] EXT4-fs error (device loop8): ext4_xattr_inode_iget:442: comm syz.8.5112: error while reading EA inode 32 err=-116
[  292.333165][T17956] EXT4-fs (loop8): Remounting filesystem read-only
[  292.339759][T17956] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  292.350302][T17956] EXT4-fs (loop8): 1 orphan inode deleted
[  292.356693][T17956] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.377020][T17956] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.436210][T17965] serio: Serial port ptm0
[  292.618742][T17972] FAULT_INJECTION: forcing a failure.
[  292.618742][T17972] name failslab, interval 1, probability 0, space 0, times 0
[  292.631441][T17972] CPU: 0 UID: 0 PID: 17972 Comm: syz.6.5123 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  292.631476][T17972] Tainted: [W]=WARN
[  292.631483][T17972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  292.631496][T17972] Call Trace:
[  292.631503][T17972]  <TASK>
[  292.631569][T17972]  __dump_stack+0x1d/0x30
[  292.631591][T17972]  dump_stack_lvl+0xe8/0x140
[  292.631611][T17972]  dump_stack+0x15/0x1b
[  292.631685][T17972]  should_fail_ex+0x265/0x280
[  292.631707][T17972]  ? audit_log_d_path+0x8d/0x150
[  292.631735][T17972]  should_failslab+0x8c/0xb0
[  292.631755][T17972]  __kmalloc_cache_noprof+0x4c/0x320
[  292.631820][T17972]  audit_log_d_path+0x8d/0x150
[  292.631849][T17972]  audit_log_d_path_exe+0x42/0x70
[  292.631878][T17972]  audit_log_task+0x1e9/0x250
[  292.631959][T17972]  audit_seccomp+0x61/0x100
[  292.631984][T17972]  ? __seccomp_filter+0x68c/0x10d0
[  292.632055][T17972]  __seccomp_filter+0x69d/0x10d0
[  292.632074][T17972]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  292.632101][T17972]  ? vfs_write+0x7e8/0x960
[  292.632128][T17972]  __secure_computing+0x82/0x150
[  292.632149][T17972]  syscall_trace_enter+0xcf/0x1e0
[  292.632238][T17972]  do_syscall_64+0xac/0x200
[  292.632262][T17972]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  292.632286][T17972]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  292.632305][T17972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.632405][T17972] RIP: 0033:0x7fd94c3aebe9
[  292.632433][T17972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.632477][T17972] RSP: 002b:00007fd94ae0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121
[  292.632497][T17972] RAX: ffffffffffffffda RBX: 00007fd94c5d5fa0 RCX: 00007fd94c3aebe9
[  292.632509][T17972] RDX: 0000000000000008 RSI: 0000200000000200 RDI: ffffffffffffffff
[  292.632522][T17972] RBP: 00007fd94ae0f090 R08: 0000000000000000 R09: 0000000000000000
[  292.632535][T17972] R10: 0000000000080800 R11: 0000000000000246 R12: 0000000000000001
[  292.632548][T17972] R13: 00007fd94c5d6038 R14: 00007fd94c5d5fa0 R15: 00007ffdc209fb48
[  292.632639][T17972]  </TASK>
[  292.872670][T17974] loop6: detected capacity change from 0 to 128
[  293.679678][T18008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.688165][T18008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.983512][T18030] loop6: detected capacity change from 0 to 512
[  293.992374][T18030] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.5142: error while reading EA inode 32 err=-116
[  294.005431][T18030] EXT4-fs (loop6): Remounting filesystem read-only
[  294.012123][T18030] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  294.023798][T18030] EXT4-fs (loop6): 1 orphan inode deleted
[  294.030057][T18030] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.044248][T18030] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.084365][T18043] loop5: detected capacity change from 0 to 128
[  294.147088][T18051] loop5: detected capacity change from 0 to 164
[  294.155535][T18051] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  294.165871][T18051] FAULT_INJECTION: forcing a failure.
[  294.165871][T18051] name failslab, interval 1, probability 0, space 0, times 0
[  294.178659][T18051] CPU: 0 UID: 0 PID: 18051 Comm: syz.5.5155 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  294.178700][T18051] Tainted: [W]=WARN
[  294.178707][T18051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  294.178719][T18051] Call Trace:
[  294.178725][T18051]  <TASK>
[  294.178733][T18051]  __dump_stack+0x1d/0x30
[  294.178753][T18051]  dump_stack_lvl+0xe8/0x140
[  294.178803][T18051]  dump_stack+0x15/0x1b
[  294.178812][T18051]  should_fail_ex+0x265/0x280
[  294.178824][T18051]  should_failslab+0x8c/0xb0
[  294.178904][T18051]  kmem_cache_alloc_node_noprof+0x57/0x320
[  294.178920][T18051]  ? __alloc_skb+0x101/0x320
[  294.178938][T18051]  __alloc_skb+0x101/0x320
[  294.178969][T18051]  ? audit_log_start+0x365/0x6c0
[  294.179063][T18051]  audit_log_start+0x380/0x6c0
[  294.179080][T18051]  audit_seccomp+0x48/0x100
[  294.179094][T18051]  ? __seccomp_filter+0x68c/0x10d0
[  294.179105][T18051]  __seccomp_filter+0x69d/0x10d0
[  294.179130][T18051]  ? mntput_no_expire+0x6f/0x460
[  294.179188][T18051]  ? __rcu_read_unlock+0x4f/0x70
[  294.179210][T18051]  __secure_computing+0x82/0x150
[  294.179221][T18051]  syscall_trace_enter+0xcf/0x1e0
[  294.179234][T18051]  do_syscall_64+0xac/0x200
[  294.179255][T18051]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  294.179267][T18051]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  294.179280][T18051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.179295][T18051] RIP: 0033:0x7fdf1b95d5fc
[  294.179304][T18051] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  294.179314][T18051] RSP: 002b:00007fdf1a3bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  294.179325][T18051] RAX: ffffffffffffffda RBX: 00007fdf1bb85fa0 RCX: 00007fdf1b95d5fc
[  294.179332][T18051] RDX: 000000000000000f RSI: 00007fdf1a3bf0a0 RDI: 0000000000000006
[  294.179341][T18051] RBP: 00007fdf1a3bf090 R08: 0000000000000000 R09: 0000000000000000
[  294.179348][T18051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.179355][T18051] R13: 00007fdf1bb86038 R14: 00007fdf1bb85fa0 R15: 00007ffe2a131b88
[  294.179365][T18051]  </TASK>
[  294.408361][T18054] loop5: detected capacity change from 0 to 512
[  294.425073][T18054] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  294.433061][T18054] System zones: 0-2, 18-18, 34-34
[  294.438816][T18054] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5156: bg 0: block 248: padding at end of block bitmap is not set
[  294.494436][T18054] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.5156: Failed to acquire dquot type 1
[  294.535807][T18054] EXT4-fs (loop5): 1 truncate cleaned up
[  294.551710][T18054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.565814][T18054] ext4 filesystem being mounted at /483/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.796237][T12772] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.835572][T18074] serio: Serial port ptm0
[  294.848896][T18078] loop7: detected capacity change from 0 to 128
[  294.860525][T18078] bio_check_eod: 30 callbacks suppressed
[  294.860535][T18078] syz.7.5164: attempt to access beyond end of device
[  294.860535][T18078] loop7: rw=2049, sector=145, nr_sectors = 16 limit=128
[  294.879814][T18078] syz.7.5164: attempt to access beyond end of device
[  294.879814][T18078] loop7: rw=2049, sector=169, nr_sectors = 24 limit=128
[  294.894952][T18078] syz.7.5164: attempt to access beyond end of device
[  294.894952][T18078] loop7: rw=2049, sector=201, nr_sectors = 8 limit=128
[  294.908973][T18078] syz.7.5164: attempt to access beyond end of device
[  294.908973][T18078] loop7: rw=2049, sector=217, nr_sectors = 8 limit=128
[  294.952637][T18078] syz.7.5164: attempt to access beyond end of device
[  294.952637][T18078] loop7: rw=2049, sector=233, nr_sectors = 8 limit=128
[  294.968113][T18078] syz.7.5164: attempt to access beyond end of device
[  294.968113][T18078] loop7: rw=2049, sector=249, nr_sectors = 8 limit=128
[  294.981902][T18078] syz.7.5164: attempt to access beyond end of device
[  294.981902][T18078] loop7: rw=2049, sector=265, nr_sectors = 8 limit=128
[  294.996815][T18078] syz.7.5164: attempt to access beyond end of device
[  294.996815][T18078] loop7: rw=2049, sector=281, nr_sectors = 9 limit=128
[  295.046914][T18093] serio: Serial port ptm1
[  295.201613][   T29] kauditd_printk_skb: 204 callbacks suppressed
[  295.201632][   T29] audit: type=1326 audit(1755065548.423:57472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18094 comm="syz.7.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  295.237109][   T29] audit: type=1326 audit(1755065548.443:57473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18092 comm="syz.7.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5f07ccadd9 code=0x7ffc0000
[  295.260623][   T29] audit: type=1326 audit(1755065548.443:57474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18092 comm="syz.7.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  295.284214][   T29] audit: type=1326 audit(1755065548.443:57475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18092 comm="syz.7.5172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  295.307867][   T29] audit: type=1326 audit(1755065548.463:57476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18106 comm="syz.6.5176" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd94c3aebe9 code=0x0
[  295.331087][T18112] loop6: detected capacity change from 0 to 512
[  295.342862][T18112] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.5176: error while reading EA inode 32 err=-116
[  295.355822][T18112] EXT4-fs (loop6): Remounting filesystem read-only
[  295.362352][T18112] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  295.372572][T18112] EXT4-fs (loop6): 1 orphan inode deleted
[  295.380059][T18112] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.392937][T18112] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.736786][T18125] loop8: detected capacity change from 0 to 128
[  295.794126][   T29] audit: type=1326 audit(1755065548.993:57477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.3.5183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  295.818402][   T29] audit: type=1326 audit(1755065548.993:57478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.3.5183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  295.842265][   T29] audit: type=1326 audit(1755065549.003:57479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18126 comm="syz.3.5183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  295.865825][   T29] audit: type=1326 audit(1755065549.003:57480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.8.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  295.889543][   T29] audit: type=1326 audit(1755065549.003:57481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.8.5182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8324dbebe9 code=0x7ffc0000
[  295.918203][T18125] syz.8.5182: attempt to access beyond end of device
[  295.918203][T18125] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  295.934909][T18125] syz.8.5182: attempt to access beyond end of device
[  295.934909][T18125] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  295.950217][T18127] serio: Serial port ptm0
[  295.992312][    T9] Process accounting resumed
[  296.096905][T18148] serio: Serial port ptm0
[  296.114461][T18136] lo speed is unknown, defaulting to 1000
[  296.205056][T18161] loop6: detected capacity change from 0 to 128
[  296.282171][T18168] serio: Serial port ptm1
[  296.369896][T18187] loop6: detected capacity change from 0 to 512
[  296.378925][T18187] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.5205: error while reading EA inode 32 err=-116
[  296.391469][T18187] EXT4-fs (loop6): Remounting filesystem read-only
[  296.398030][T18187] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  296.408437][T18187] EXT4-fs (loop6): 1 orphan inode deleted
[  296.416113][T18187] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.434951][T18187] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.003740][T18202] loop5: detected capacity change from 0 to 128
[  297.168415][T18220] loop5: detected capacity change from 0 to 128
[  297.196254][T18223] 9pnet_fd: Insufficient options for proto=fd
[  297.237941][T18227] serio: Serial port ptm0
[  297.346864][T18232] 9pnet_fd: Insufficient options for proto=fd
[  297.370044][T18234] loop7: detected capacity change from 0 to 128
[  297.468749][T18244] loop7: detected capacity change from 0 to 128
[  297.529044][T18250] serio: Serial port ptm1
[  297.539318][T18253] 9pnet_fd: Insufficient options for proto=fd
[  298.081439][T18284] loop5: detected capacity change from 0 to 128
[  298.122590][T18291] 9pnet_fd: Insufficient options for proto=fd
[  298.216854][T18302] serio: Serial port ptm0
[  298.338166][T18310] loop7: detected capacity change from 0 to 512
[  298.356607][T18310] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.5256: error while reading EA inode 32 err=-116
[  298.370290][T18310] EXT4-fs (loop7): Remounting filesystem read-only
[  298.376903][T18310] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  298.451391][T18310] EXT4-fs (loop7): 1 orphan inode deleted
[  298.460251][T18310] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.488731][T18310] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.530273][T18323] loop5: detected capacity change from 0 to 512
[  298.554726][T18323] EXT4-fs error (device loop5): ext4_xattr_inode_iget:442: comm syz.5.5258: error while reading EA inode 32 err=-116
[  298.568729][T18323] EXT4-fs (loop5): Remounting filesystem read-only
[  298.575291][T18323] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  298.594589][T18326] serio: Serial port ptm0
[  298.599210][T18323] EXT4-fs (loop5): 1 orphan inode deleted
[  298.606457][T18323] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.618924][T18323] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.971381][T18328] 9pnet_fd: Insufficient options for proto=fd
[  299.724300][T18348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.732789][T18348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.869710][T18354] 9pnet_fd: Insufficient options for proto=fd
[  299.937777][T18356] loop8: detected capacity change from 0 to 128
[  300.055660][T18356] bio_check_eod: 54 callbacks suppressed
[  300.055677][T18356] syz.8.5274: attempt to access beyond end of device
[  300.055677][T18356] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  300.082132][T18356] syz.8.5274: attempt to access beyond end of device
[  300.082132][T18356] loop8: rw=2049, sector=169, nr_sectors = 24 limit=128
[  300.095695][T18356] syz.8.5274: attempt to access beyond end of device
[  300.095695][T18356] loop8: rw=2049, sector=201, nr_sectors = 8 limit=128
[  300.116862][T18356] syz.8.5274: attempt to access beyond end of device
[  300.116862][T18356] loop8: rw=2049, sector=217, nr_sectors = 8 limit=128
[  300.134862][T18356] syz.8.5274: attempt to access beyond end of device
[  300.134862][T18356] loop8: rw=2049, sector=233, nr_sectors = 8 limit=128
[  300.149882][T18362] loop6: detected capacity change from 0 to 128
[  300.151515][T18356] syz.8.5274: attempt to access beyond end of device
[  300.151515][T18356] loop8: rw=2049, sector=249, nr_sectors = 8 limit=128
[  300.162610][T18362] syz.6.5276: attempt to access beyond end of device
[  300.162610][T18362] loop6: rw=2049, sector=145, nr_sectors = 16 limit=128
[  300.170817][T18356] syz.8.5274: attempt to access beyond end of device
[  300.170817][T18356] loop8: rw=2049, sector=265, nr_sectors = 8 limit=128
[  300.183290][T18362] syz.6.5276: attempt to access beyond end of device
[  300.183290][T18362] loop6: rw=2049, sector=169, nr_sectors = 24 limit=128
[  300.197308][T18356] syz.8.5274: attempt to access beyond end of device
[  300.197308][T18356] loop8: rw=2049, sector=281, nr_sectors = 9 limit=128
[  300.223486][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  300.223500][   T29] audit: type=1326 audit(1755065553.445:57619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18361 comm="syz.6.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  300.225222][T18365] loop7: detected capacity change from 0 to 512
[  300.229686][   T29] audit: type=1326 audit(1755065553.445:57620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18361 comm="syz.6.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd94c3aebe9 code=0x7ffc0000
[  300.289220][T18365] EXT4-fs error (device loop7): ext4_xattr_inode_iget:442: comm syz.7.5278: error while reading EA inode 32 err=-116
[  300.303046][T18365] EXT4-fs (loop7): Remounting filesystem read-only
[  300.309711][T18365] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  300.334353][T18371] 9pnet_fd: Insufficient options for proto=fd
[  300.340561][T18365] EXT4-fs (loop7): 1 orphan inode deleted
[  300.346911][T18365] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.359790][T18365] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.372423][T18376] serio: Serial port ptm0
[  300.380376][T18378] sd 0:0:1:0: device reset
[  300.893490][T18387] 9pnet_fd: Insufficient options for proto=fd
[  300.998523][T18394] loop7: detected capacity change from 0 to 2048
[  301.023451][T18394] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.338875][T18409] 9pnet_fd: Insufficient options for proto=fd
[  301.443303][T18417] 9pnet_fd: Insufficient options for proto=fd
[  301.556623][T16136] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.696977][T18432] serio: Serial port ptm0
[  302.235616][   T29] audit: type=1326 audit(1755065555.466:57621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18434 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  302.259525][   T29] audit: type=1326 audit(1755065555.466:57622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18434 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  302.283207][   T29] audit: type=1326 audit(1755065555.466:57623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18434 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  302.306775][   T29] audit: type=1326 audit(1755065555.466:57624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18434 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  302.330437][   T29] audit: type=1326 audit(1755065555.486:57625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18434 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f479976ebe9 code=0x7ffc0000
[  302.465391][   T29] audit: type=1326 audit(1755065555.686:57626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18450 comm="syz.7.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  302.497087][   T29] audit: type=1326 audit(1755065555.686:57627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18450 comm="syz.7.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  302.520707][   T29] audit: type=1326 audit(1755065555.696:57628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18450 comm="syz.7.5313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f5f07d2ebe9 code=0x7ffc0000
[  302.548066][T18456] 9pnet_fd: Insufficient options for proto=fd
[  302.643845][T18472] 9pnet_fd: Insufficient options for proto=fd
[  303.473163][T18492] serio: Serial port ptm0
[  303.473447][T18490] 9pnet_fd: Insufficient options for proto=fd
[  303.495346][T18494] ==================================================================
[  303.503424][T18494] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  303.510704][T18494] 
[  303.513010][T18494] write to 0xffff888119f3a100 of 8 bytes by task 18493 on cpu 1:
[  303.520703][T18494]  mas_wmb_replace+0x20d/0x14a0
[  303.525544][T18494]  mas_wr_store_entry+0x1773/0x2b50
[  303.530728][T18494]  mas_store_prealloc+0x74d/0x9e0
[  303.535735][T18494]  vma_iter_store_new+0x1c5/0x200
[  303.540745][T18494]  vma_complete+0x125/0x580
[  303.545577][T18494]  __split_vma+0x591/0x650
[  303.549978][T18494]  vma_modify+0x21e/0xc80
[  303.554288][T18494]  vma_modify_flags+0x101/0x130
[  303.559126][T18494]  mprotect_fixup+0x2cc/0x570
[  303.563789][T18494]  do_mprotect_pkey+0x6d6/0x980
[  303.568634][T18494]  __x64_sys_mprotect+0x48/0x60
[  303.573467][T18494]  x64_sys_call+0x274e/0x2ff0
[  303.578125][T18494]  do_syscall_64+0xd2/0x200
[  303.582617][T18494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.588492][T18494] 
[  303.590803][T18494] read to 0xffff888119f3a100 of 8 bytes by task 18494 on cpu 0:
[  303.598410][T18494]  mas_state_walk+0x485/0x650
[  303.603073][T18494]  mas_walk+0x60/0x150
[  303.607133][T18494]  lock_vma_under_rcu+0x8d/0x160
[  303.612063][T18494]  do_user_addr_fault+0x233/0x1090
[  303.617163][T18494]  exc_page_fault+0x62/0xa0
[  303.621648][T18494]  asm_exc_page_fault+0x26/0x30
[  303.626478][T18494] 
[  303.628780][T18494] value changed: 0xffff88811086c541 -> 0xffff888119f3a100
[  303.635864][T18494] 
[  303.638168][T18494] Reported by Kernel Concurrency Sanitizer on:
[  303.644299][T18494] CPU: 0 UID: 0 PID: 18494 Comm: syz.3.5330 Tainted: G        W           6.17.0-rc1-syzkaller-00014-g0e39a731820a #0 PREEMPT(voluntary) 
[  303.658344][T18494] Tainted: [W]=WARN
[  303.662124][T18494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  303.672159][T18494] ==================================================================