last executing test programs:

2m13.46311433s ago: executing program 3 (id=502):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x100}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x34, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x7c}}, 0x0)

2m13.46227802s ago: executing program 3 (id=503):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x109}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r3, 0x0, 0x0)

2m13.430726521s ago: executing program 3 (id=504):
r0 = add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "5a8730b3fdc7879b8e759d7a0403df3d56b700d68062b5ed4130f3bfc766c100c8a8b123d2001f4035250c91b66286724347981e4f1af20a1171efd0ceedadac", 0x1f}, 0x48, 0xfffffffffffffffd)
keyctl$invalidate(0x15, r0)
keyctl$get_security(0x11, r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r1)
keyctl$KEYCTL_MOVE(0x1e, r0, r1, 0xffffffffffffffff, 0x1)
add_key$keyring(&(0x7f0000000280), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, r2)
pipe2$watch_queue(&(0x7f0000000180), 0x80)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r6 = socket$inet(0x2, 0x2, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x800)
ioctl$EVIOCGEFFECTS(r7, 0x80044584, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket(0x10, 0x3, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x2000c12, &(0x7f00000001c0)=ANY=[], 0x4, 0xa1c, &(0x7f0000001500)="$eJzs3UtsXfWdB/Dv8SMxBiUBMgyDgNyESTDgcWxnSCZiwST2TWLGj5HtSESzIAxxRpl4hpa0EqBKBKntqqiVWnXR7lBX7QaJTdlU7Npdu+qiEmLVPeoqVReuzr3Xjh/3+trGjxA+n+j4nsfv/P+/8/znXh/ff/hqWTi4YmphoTbUdC/NbL587fTlX+58wtzLzo9+/uFHH5TD+7ezL515sfh10pOkknQleTzpHhmdnppoU9DN5GqST5Miyf7UXzfkaoof5qG705+m+HlZb0v7Nloy7SzwtbbX5x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyLipHRwcGhYl/GJi+/WqlLKmuMjE5PFVlYWLtkcZ26T2q9fheftK03KcohPT2LXX0/fjjJRE9t/LEklWN5sr7kyVqH5OnJuw8+duilR7s6Ftdvlc2Xsn/jxd56592br8/Pz73VOmThvfo2bE9u95iL1cmxmamxiXMXq5WxmanK2dOnB09eujBTuTA2Xp25MjNbnaiMTFfPzU5NV/pGnqsMnT17qlIduDJ1efLi6MB4dXHmmX8ZHhw8XXll4D+r56ZnpiZPvjIwM3JpbHx8bPJiLaZcXMacKU/E/xibrcxWz01UKtdvzM+dWpVT5+qdXQYNtduSMmi4XdDw4PDw0NDw8ND7jd6zl2acfvHsi2cGB7sGV8maiB06abm3PND6MO/EbRy2pKPe/ud/xzOWyVzOq6k0/TeS0UxnKhMtljcstv/HT1bXrXd5+99o5buWLX6i/HEsTzcme1q0/y1y2b1/t/JO3s3NvJ75zGcub+15Rrv772KqmcxYZjKVsUzkXG1OpTGnkrM5ndMZzGu5lCOZSSUXMpbxVDOTK5nJbKq1M2ok06nmXGYzlelU0peRPJdKhnI2Z3MqlVQzkCuZyuVM5mJGc65WyvXcqO33U+vkuBQ0tJGg4XWCVjfm5bm+ufa/er/+T5AN2/6bOGzRQqP939c+tG9kNxICAAAAtt0//S4HDj/y28+SIk/VPpe/MDZefXmv0wIAAAC2Ue1xvSfLl+5y7Kme2vv/wb1OCwAAANhGRe1v7IokvTlSH1v8SygfAgAAAMB9ovb7/6dTHLk7w/t/AAAAuM+0/479thFF/+LX/1au1V+vNSLqU0XvhbHx6sDI1PhLQzlR+5aBJE+tLa0zKbprf37wfI7Wo4721l9775ZY1tlTRg0NvDSU53OssSF9z5Qvz/Q1iRyuRz5bj3x2eWRnVkSeKiMB4H53bJ32eKPt//Ppr0f0P1Fr8rueaNIGD2pZAeBesdTHzl8bXZo1af8bEU+3av//dZ33/2XEI7l+pP5IwUDeyJuZz7X0p/HEwZFmpS72RlB/DKG/zacBvY1HFv5wpiP9az4P6Fna1uWxcxlOf9NPBJaVWyzmcKoe17kzxwAAdtuxddvhjbX//W3e/y+2ud/7zCOFAHAvWOrBfhMj720meO6tW3u9jQDASlppAAAAAAAAAAAAAAAAAAAAAAAAAAAA2H4b+gL/359I5ufnki10FrDlkZ7NZLj+SEd2Kec9H+lMsle1v5xNr1Ue4y9R6a8eaKz+573f8/fdyB7fmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgVRdLZbH5Hsj/JYJKTu5/Vzrm91wlsl8q+La1W3MmdvJ0D254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDXXOP7/ztSf32wPitdHcnxJFeT/Nde57id7ux1AjujaB/yf/XAu9//35F0Z6FIV/2wp+geGZ2emiiLKvaXyz//8KMPyqF92Wt7VSgLKGtY0blEo4Zlc7pXrvVwba3e0blbN7/15jcqo+drJ+b52QvjoxMXp//9buBjxcdJJfVh0WK+3zn+mx8tm93oKKH4uNzS5lbXe6FW7+jaev+x2dot6t2AG/Nzw2VNs9VXZ7/9/zfeXrbokRxNnulL+lbW9D/l0KKmo6v350rFF8X3iwP5aa7Wjn+5N4qFojxEB2vb/8D1G/NzA2+8OX9tKaf3VuR0KEeSXEt6Np7TkdbnZu2s6+guax2sBZU/Drcpb13LShxqsV8frp0yvZvahkqb66vNfm9kdKppRj/+5qM5sekjfaJNjU0VXxR/Ki7lj/nusv4/OsrjfzxNr84mRdQil50py5etuLw66pG1LR9evuC11WW2vCrZioX96y7+Qf47/7Z0/DuW3f8bx2p37kfLamx+XSSbvy5+cXBNi3JXbbccXtUiNe4+rdZp5Hm4HtUiz3/IC/UyN3FHeaFdi71D1//Pir78Jbf1/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANz7iqSz2fyO5HiSQ0kOltOVZGF1zO0t1NfRW2wlzW1zO/nbwsKaTbnPFC0PTnEnd/J2Dux2RgAAAAAAAADsjPOjn3/40QflUPt9fGf+uaOxpJJ0JTlU/KR7ZHR6aqJNQd3J1cVf6fdsLoer5Y+H7k5/Wk493malvX18AAC+0v4eAAD//96vcOY=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x82041, 0x146)
syz_clone3(&(0x7f0000000600)={0x4040680, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0x0], 0x1}, 0x58)

2m12.388113076s ago: executing program 3 (id=513):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x12ab, &(0x7f0000000140)={0x0, 0x7492, 0x10, 0x0, 0x1f7}, &(0x7f0000000380)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
r4 = socket$inet(0x2, 0x3, 0x8)
writev(r1, &(0x7f0000000700)=[{&(0x7f00000002c0)="b3c6ed75b844e8f6b49f7b4dc979cbb4a7f61a2df6441b150c05bac739353dbc19410eb127caa504afd93a9c75e3729ae954d2e0d4", 0x35}, {&(0x7f0000000300)="483bd1233982157fefb0e12f8d4ecc3c301d95f49b9e", 0x16}, {&(0x7f0000000540)="eae7a0bb51c5997fa754a7c90e5085aeeece261ff2591461ba0101f3f823ebffe477ceb2c21221710c4cc02d5683f17c3f88836129881718219d2e5d61813ec34ba90f6ccade058903aa426f45dae5f71ab588adccd5a37fc7626e3f8be3a26c199151a58b553532e2cde09c615c30e666400a05650697bbf79afb91df8174d88dde9b827076268410f4eb82e6f4216cdcc30c4c7a552c7b859013cf02b8c9b339279a6718212896401ec1efffe382586ec3e2039b92eadbd5d189abc2917cc9a3c3", 0xe1}, {&(0x7f0000000640)="73fd5599b2ec8ab47c555a6362fa00c51a07c05a2918e589651e378dbc392ea9dc171bf7c6c5d9945cb14253df4e616f081606eec70c03d4aca8a1d9713070357c9c909831319a6e2fc21062155d9962bb20e1ebbe80b70f7eb8ce4734f08a97782fee2015031797dada79bc7c6f7078d664129dc114af4f9bb39c46f7aa8e5209967b7759", 0x85}, {&(0x7f00000003c0)="f46f4edd0825c561966efb0137639856b6b404af4528c35979b3e8", 0x1b}, {&(0x7f0000000440)="4f1d600727531c41b5c9b736b3645ac98768858d0613e0064089426afb70c6519e088e9f70badc662dc81bd35f0ce6441fc388213c87e610cda788274a2debf93d8f20c526f7cc050fb84f231672fb3cd5b07de674afaedeb3f5fe554768e61fbd5bf3fa39a1fda6b9387350", 0x6c}], 0x6)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = socket$inet(0x2, 0x3, 0x6)
r6 = dup3(r4, r5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYRES64=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000500)='kmem_cache_free\x00', r9, 0x0, 0x4000000000010000}, 0x18)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYRESHEX=r8, @ANYRES32=r1, @ANYBLOB="adffa888000000001800128009000100626f6e64000000000c000280050001000600000008000a0079515d8bcf6472df9057e9d54d73e35a2950e1111703308baf81a386161c60909f75083e07edb22cac410d9483b5fc6d"], 0x44}}, 0x0)
listen(r5, 0xf)
move_mount(r8, &(0x7f0000000080)='./file0/file0\x00', r8, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
setsockopt$inet_int(r6, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r6, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="200329bd7000fddbdf252600000008000300", @ANYRES32=r11, @ANYBLOB="1e00940008000001000500000006deeec4b5e6093b0ce6faaa6522d7b99bb2f8b6f5cc98fadcf85bba309c280929bd8be78a31c32f4b9c51b4d68e1ea0e4c1fb97c5ce8a647d7685f85b8f39b3116bf5080110b759357dc4778bfb161550a801716bdc64a3d2d5641b1c6ddb6eeaa24d6473095fec9e22ce04c8ea2843"], 0x3c}, 0x1, 0x0, 0x0, 0x84}, 0x6004845)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000900), &(0x7f0000000400)='./file0\x00', 0x200, 0x6000, 0x1})
r12 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r12, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r12, 0x29, 0x20, &(0x7f0000000180)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0xb}, 0x20)

2m12.271446048s ago: executing program 3 (id=517):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
r1 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x80, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x1000000, 0x0, 0x0)

2m11.984050673s ago: executing program 3 (id=526):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x8000}, 0x4)
syz_emit_ethernet(0x3a, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(0xffffffffffffffff, 0x5386, &(0x7f0000000440))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r7, 0x0, 0x200000000000006}, 0x18)
readv(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000080)=""/140, 0x8c}], 0x1)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000000))
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="0203000907000000000000000000220005000600000000000a00000000000000fe8000"/56], 0x38}, 0x1, 0x7}, 0x4a79a644ae8bc70)
r8 = syz_open_dev$loop(&(0x7f0000000100), 0x6, 0x620000)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f00000006c0)=ANY=[], 0x5, 0x7fd, &(0x7f0000000840)="$eJzs3U1oHPfZAPBnZMmRlfc1Ie+LX2NsZ+LkBRscZSU7CiKFZLMayZOsdsXuKtiEkphaDsZyE+IGah/q+JLS0hJ66jHJoZf2VHppKbTQHtpTob32Fgj0kLS0t5aAyszs2pL14S/FNunvJ6z5eub/f+av9TwaSTMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAkjZlabSKJZt5aPJlurjHTac9vsX3Q3q/XTLboNyIp/sXoaOytVu393+ub9xSfDsX+aml/jBaT0bj88J5Hnvuf4aHB/lsktN2GN1p58dLl86eXl5fevpUWRrY9p+3y3V+uWfzRWNziyM5lrbzbzufrc1mad9vp9NRU7ekTs910Nm9m3VPdXjafNjpZvdfupIcbR9KJ6eljaTZ+qr3YmpupN7N0uFr57FOTtdpU+tL4QlbvdNutp18a7zZO5M1m3pordyw2FzHPFi/El/Ne2svq82l69tzy0rG1Ke1al2QRNLFmzecrq5f2P/nIJ+98/I9zS5M3O9zJ2uTkxMTk5MRUEhG12vD1Fc9MP/NsrTZcu0Gsi7inL1oeQNt8Boc7N9Sv/9GMPFqxGCcj3fCjETPRiXbMx/UX8OrtfYP6//9P//UPW/X7/qr6X1X5of17r2/eF2X9P1gtHdys/ld973xok5y/qI/SV4pPF+NSXI7zcTqWYzmW4u0vpL9k+9oa2t7M5iKLVuTRjXbkMR/1ck3aX5PGdEzFVNTitTgRs9GNNGYjj2Zk0Y1T0Y1eZOUrqhGdyKIevWhHJ9I4HI04EmlMxHRMx7FII4vxOBXtWIxWzMVM1MtWzsa5ctyP3ZDXnm+9/os3/vjJB+VXaxA0sdUQvxtRBv19i6B1xVz957ZFxG+37wQOd2FlUP8BAACAL62k/Ol7cf0/EgfKudm8mb26JubVz27ca7j49O49TBMAAAC4C+Vv/vdHUs3EgUiK6//a2qCfjJSTh+5DfgAAAMDdS8p77IqL/7F4rJob3C5Vu9+5AQAAANuj/LX/wWIyFnGlXOH6HwAAAL5kXvlZf+bGZ+x/PHjG7tDCQ8mv/hadzkhy/MOTTyYX6kVc/cKOar/+5JVrLfZm9w3uJqjamhq+/HCxPNzI9ieDBwV/3r+ZoHq0wL7ha7uvzeOFXdXaJEmKBK4ubJpArElgd/8oriVQLsX34vEq5vEz1fTMYEt1tGOzeTMbb7Sbz01Evb57qJed7L3z9XPfjPLwv9Oa353E2XPLS+Nfe3P5TJnL1aKVqxf6x7vuOYpb5LIyuJ3iwPqnGxdNjZQ3YvT7Hav6ra0+/qGLu4uZoRvHYIs+34tD/1XGHBqrYsfWHv9o0efE+GZHP1Yd38S6Ix9e/8KqsjjVXyqyuHb7yHvxRDXzxOEnqskGWUxulUUxFpOrs6jGLIZuY/w3ySIeiYgPHr9y8sBoRHbsZlkcu8ssAO6Xs+VTf4oqVJ2eqyr0r5VKUf87nZGdsabuVDvc6lkuKXu5yTv5jBSn/luq7v9c2eKMfriKOVx9PzG8b4O6UtvgjP7Wubd+1z+jH//xDz/86sHf//SO6/roIGTXYObR3zw8FGUWu/pZXO5v6Ywk379WSaqq+lGx/qNN++02J5NiCHd848JbsefipctPnbtw+o2lN5Z2RsRU7Xit9kyS9L94K+V3DGoPABs4FAerQr7pe+xs8i485TcAZURyfKur6h2RPHrtTwqKmvhmLMeZOFrebRARj23c79iqP0M4Gof6yW581Tq26h1ejm50VXclrsUWdbKKndw4dsN2j60asf/7wRf59QCAe+HQTerwpvX/ekRy9CbX3Wtr+ZEq9sggg81reUQ8f29HAwD+M2Sdz5Kx3reTTidfeG1ienqi3juRpZ124+W0k8/MZWne6mWdGK635rJ0odPutRvtZjHzSj6TddPu4sJCu9NLZ9uddKHdzU+W7/ye9t/6vZvN11u9vNFdaGb1bpY22q1evdFLZ/JuI11YfLGZd09knXLn7kLWyGfzRr2Xt1tpt73YaWTjadrNslWB+UzW6uWzeTHbShc6+Xy9czUimovzWTqTdRudfKHXrhoc9JW3Ztud+bLZv+y+36MNAA+Gi5cunz+9vLz09p3N/PlWgjfvfXTkXh4rAFC5XqU//e8bt/nhOwAAAAAAAAAAAAAAPBju8v6/9TO7trfB0a1iVq5ErN+UrKys3EYXu+ImMTurkdoR2ztQ92Tm6ra0MxQbjfODM5Nsvun1558/v9nuL17Ze+LWurjp/5ThiOjf6vrupzt//n616YU7Opyh29/rTxFxB32tJFvE3OcTEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs4N8BAAD//2uxZPA=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r10, 0x6, 0x2e, &(0x7f00000001c0)=0xb1e0, 0x4)
getdents64(r9, 0x0, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r11, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f00000002c0)={r11, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sendmsg$nl_route(r11, &(0x7f0000000700)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000580)=@ipv6_newnexthop={0x5c, 0x68, 0x300, 0x70bd27, 0x25dfdbfe, {0xa, 0x0, 0x4, 0x0, 0x10}, [@NHA_ID={0x8}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_OIF={0x8, 0x7, 0x1}}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_FDB={0x4}, @NHA_GROUP={0x24, 0x2, [{0x1, 0x7f}, {0x2, 0x38}, {0x1, 0x6}, {0x1, 0x4}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x480d4}, 0x200c4045)

2m11.983531533s ago: executing program 32 (id=526):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x8000}, 0x4)
syz_emit_ethernet(0x3a, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(0xffffffffffffffff, 0x5386, &(0x7f0000000440))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r7, 0x0, 0x200000000000006}, 0x18)
readv(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000080)=""/140, 0x8c}], 0x1)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000000))
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="0203000907000000000000000000220005000600000000000a00000000000000fe8000"/56], 0x38}, 0x1, 0x7}, 0x4a79a644ae8bc70)
r8 = syz_open_dev$loop(&(0x7f0000000100), 0x6, 0x620000)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000740)='./file0\x00', 0x800, &(0x7f00000006c0)=ANY=[], 0x5, 0x7fd, &(0x7f0000000840)="$eJzs3U1oHPfZAPBnZMmRlfc1Ie+LX2NsZ+LkBRscZSU7CiKFZLMayZOsdsXuKtiEkphaDsZyE+IGah/q+JLS0hJ66jHJoZf2VHppKbTQHtpTob32Fgj0kLS0t5aAyszs2pL14S/FNunvJ6z5eub/f+av9TwaSTMbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAkjZlabSKJZt5aPJlurjHTac9vsX3Q3q/XTLboNyIp/sXoaOytVu393+ub9xSfDsX+aml/jBaT0bj88J5Hnvuf4aHB/lsktN2GN1p58dLl86eXl5fevpUWRrY9p+3y3V+uWfzRWNziyM5lrbzbzufrc1mad9vp9NRU7ekTs910Nm9m3VPdXjafNjpZvdfupIcbR9KJ6eljaTZ+qr3YmpupN7N0uFr57FOTtdpU+tL4QlbvdNutp18a7zZO5M1m3pordyw2FzHPFi/El/Ne2svq82l69tzy0rG1Ke1al2QRNLFmzecrq5f2P/nIJ+98/I9zS5M3O9zJ2uTkxMTk5MRUEhG12vD1Fc9MP/NsrTZcu0Gsi7inL1oeQNt8Boc7N9Sv/9GMPFqxGCcj3fCjETPRiXbMx/UX8OrtfYP6//9P//UPW/X7/qr6X1X5of17r2/eF2X9P1gtHdys/ld973xok5y/qI/SV4pPF+NSXI7zcTqWYzmW4u0vpL9k+9oa2t7M5iKLVuTRjXbkMR/1ck3aX5PGdEzFVNTitTgRs9GNNGYjj2Zk0Y1T0Y1eZOUrqhGdyKIevWhHJ9I4HI04EmlMxHRMx7FII4vxOBXtWIxWzMVM1MtWzsa5ctyP3ZDXnm+9/os3/vjJB+VXaxA0sdUQvxtRBv19i6B1xVz957ZFxG+37wQOd2FlUP8BAACAL62k/Ol7cf0/EgfKudm8mb26JubVz27ca7j49O49TBMAAAC4C+Vv/vdHUs3EgUiK6//a2qCfjJSTh+5DfgAAAMDdS8p77IqL/7F4rJob3C5Vu9+5AQAAANuj/LX/wWIyFnGlXOH6HwAAAL5kXvlZf+bGZ+x/PHjG7tDCQ8mv/hadzkhy/MOTTyYX6kVc/cKOar/+5JVrLfZm9w3uJqjamhq+/HCxPNzI9ieDBwV/3r+ZoHq0wL7ha7uvzeOFXdXaJEmKBK4ubJpArElgd/8oriVQLsX34vEq5vEz1fTMYEt1tGOzeTMbb7Sbz01Evb57qJed7L3z9XPfjPLwv9Oa353E2XPLS+Nfe3P5TJnL1aKVqxf6x7vuOYpb5LIyuJ3iwPqnGxdNjZQ3YvT7Hav6ra0+/qGLu4uZoRvHYIs+34tD/1XGHBqrYsfWHv9o0efE+GZHP1Yd38S6Ix9e/8KqsjjVXyqyuHb7yHvxRDXzxOEnqskGWUxulUUxFpOrs6jGLIZuY/w3ySIeiYgPHr9y8sBoRHbsZlkcu8ssAO6Xs+VTf4oqVJ2eqyr0r5VKUf87nZGdsabuVDvc6lkuKXu5yTv5jBSn/luq7v9c2eKMfriKOVx9PzG8b4O6UtvgjP7Wubd+1z+jH//xDz/86sHf//SO6/roIGTXYObR3zw8FGUWu/pZXO5v6Ywk379WSaqq+lGx/qNN++02J5NiCHd848JbsefipctPnbtw+o2lN5Z2RsRU7Xit9kyS9L94K+V3DGoPABs4FAerQr7pe+xs8i485TcAZURyfKur6h2RPHrtTwqKmvhmLMeZOFrebRARj23c79iqP0M4Gof6yW581Tq26h1ejm50VXclrsUWdbKKndw4dsN2j60asf/7wRf59QCAe+HQTerwpvX/ekRy9CbX3Wtr+ZEq9sggg81reUQ8f29HAwD+M2Sdz5Kx3reTTidfeG1ienqi3juRpZ124+W0k8/MZWne6mWdGK635rJ0odPutRvtZjHzSj6TddPu4sJCu9NLZ9uddKHdzU+W7/ye9t/6vZvN11u9vNFdaGb1bpY22q1evdFLZ/JuI11YfLGZd09knXLn7kLWyGfzRr2Xt1tpt73YaWTjadrNslWB+UzW6uWzeTHbShc6+Xy9czUimovzWTqTdRudfKHXrhoc9JW3Ztud+bLZv+y+36MNAA+Gi5cunz+9vLz09p3N/PlWgjfvfXTkXh4rAFC5XqU//e8bt/nhOwAAAAAAAAAAAAAAPBju8v6/9TO7trfB0a1iVq5ErN+UrKys3EYXu+ImMTurkdoR2ztQ92Tm6ra0MxQbjfODM5Nsvun1558/v9nuL17Ze+LWurjp/5ThiOjf6vrupzt//n616YU7Opyh29/rTxFxB32tJFvE3OcTEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABs4N8BAAD//2uxZPA=")
r9 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r10, 0x6, 0x2e, &(0x7f00000001c0)=0xb1e0, 0x4)
getdents64(r9, 0x0, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r11, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f00000002c0)={r11, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sendmsg$nl_route(r11, &(0x7f0000000700)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000580)=@ipv6_newnexthop={0x5c, 0x68, 0x300, 0x70bd27, 0x25dfdbfe, {0xa, 0x0, 0x4, 0x0, 0x10}, [@NHA_ID={0x8}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_OIF={0x8, 0x7, 0x1}}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_FDB={0x4}, @NHA_GROUP={0x24, 0x2, [{0x1, 0x7f}, {0x2, 0x38}, {0x1, 0x6}, {0x1, 0x4}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x480d4}, 0x200c4045)

23.503750947s ago: executing program 1 (id=2913):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c0000001000370401000000ffdbdf2500000000", @ANYRES32=r2, @ANYBLOB="890c0400010000000500100005000000240012800b0001006772657461700000140002800800040003000000060003008000000045fb10f08a20e55dc31a664701630f13980c2d29c849c634"], 0x4c}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast2}}}], 0x20}}], 0x1, 0x4040880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000"], 0x48)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1018e58, &(0x7f0000000380)={[{@nodioread_nolock}, {@minixdf}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@nodiscard}, {@inlinecrypt}, {@i_version}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x1, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x24044836}, 0xc094)

23.023591114s ago: executing program 1 (id=2919):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xd, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000540)=ANY=[], 0xed)

22.777574658s ago: executing program 1 (id=2921):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x182, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)

21.596876176s ago: executing program 1 (id=2945):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='mnt\x00', 0xe, &(0x7f0000000040)={[{@noauto_da_alloc}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x4, 0x9, 0x0, 0x3, 0x1, @private2, @mcast1, 0x700, 0x7800, 0x1, 0xfffffffa}})
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x401, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000002, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x14)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'veth0_to_batadv\x00', <r5=>0x0})
setsockopt$inet6_mreq(r4, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r5}, 0x14)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r7, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

21.192417033s ago: executing program 1 (id=2957):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x406, r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000440)=""/137, &(0x7f00000001c0)=0x89)
write$sndseq(r2, &(0x7f0000000180)=[{0xff, 0x0, 0x10, 0x0, @time={0x800, 0x400}, {0x6}, {}, @raw8={"6254704152ef72d0dfee7f72"}}, {0x0, 0x0, 0xff, 0x3, @time={0x8000, 0x6}, {0x1, 0x31}, {0xfc}, @result={0x8eb8, 0x168}}], 0x38)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x0, 0x12, 0x60d, 0x1d8, 0x202, 0x2d0, 0x2e8, 0x2e8, 0x2d0, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xc0], [0x0, 0xff000000], 'veth1_to_batadv\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@mh={{0x28}, {'Yv'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x0, 0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)

20.659798781s ago: executing program 1 (id=2967):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
dup2(r3, r2)
setsockopt$sock_attach_bpf(r3, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003600)=[{&(0x7f00000012c0)="23a0be3ec0d9edaccda531874ecf98434f3d10665f6e0346136984c1f2f15d", 0x1f}, {&(0x7f0000001300)="11ca5641cbf9577fa297e890dc4746449416908fa7066d54ca4ed8fb87a71d621ef53449e793c55ba58eab20a5044fd1ec07cc77e4e3bf3b8da2812b8943441c0c565de0c5dbc8c8", 0x48}, {&(0x7f0000001380)="190be02b544a87c33aa4aaaaabfccb6154043a8b5a2ea95211900186170c7a4f2651d264466253c5f9851a58793efcaf45a2c0f7546bf143b9bff46892f86a3e98e625eabbd1043b1e15036c9cf221d620f792d835bcad5a583cdd666c527279ce68530f3e71f6c170d033e0eec71d019b7058f398e887abb014e1930ffe52fe9b32fb847022f7298ba564e6fabd049f56aefe1e966ab30d411e62a5394c8bc6146b171d44ce5dc32018a6b0e15828d2e6853b3b2fec4d21c718e79ee351a06755a9", 0xc2}, {&(0x7f0000002600)="10470710797af31b3d0e1e5d6a8a110e205161c15b63824b139de0005a20e847b94c122dc2e7ceb6cbb49a3cd7566f32646afcf8d0cb3d9bfa22e3f3a3b148e4accb61dbd45b1f206df5ef5ecee238f9ad262d5b27bb5f6f2713e32ab61fcdcd949020bd434e6d341036403f2a0b5cc7e9e844d55c10298560ce5d8e3c0e37bef92616615a210f7f7ca721b98c72f7aab70e88c58d58325a1ff932b22d00258d180f70e8ba83721d8ed0020f0bc7dd6e32405f7868e06723b9873060e832da96acd114c36f07649a874991352a6ca8f0924acc4cd614e536c4560f619189b067160a802b90652e801b008c76cda51deb8dba72d7e375fa898c82e53b9ea45afef85aa3c903d6565f0c3b435b3d721de214f9ec539ab6d809c3732701ccf70b329ffab7d433f8e539b415d8691f7ec0a685792600d9908c003e1984328027937f98c3d8ff3ee434c25dec1341fb03f95aaf030d2cd52cdbc2b85586cba51526cd0f3eb6d46195102abe000e6ad1d381ecc3c9d9075009aa12c3bc56e5447add48ceb55f29b91c4cb628e1fae7d1812a43145607db3d23e90bb73ec12d99b7c642327b492d7038032e26804d36edb95b54366a2101e9419b7f98ddf654e2700d40c2f83ae492c15aa62069cdd321df874588ef8ad3b8d79a5d05c6e1785a14277af5ce69e15043b0d8579a7606f469bf6d157163bc09f7d281f295cff4cadce38fe24e2a420bc363c2a68e1d5594923d4285a40bb7aa96e655b10ad67656c2e340da3e8592b780b1950e63c9d600eb8d76e5ac3cd537d93132c57a2a43803dc28e04489a3ea68a71e52811000a6ebc5680cdb98af1e6ddc88562c442bc5c61060aa1b61486a6c84719d0d6b3f155b723471e70001138e4e023c89f00698aba1a3b38d5f69bee1fc076c75df92e3cb3ac41b2cbad30f4f7b746d80bd49e981a65d70f7631db375c445601a69d8f0fd1b174695fd670e8d0a82b420aab0356ba86f0e4572865505676acb5d81d215f3e37f62807ce97f5bc47bb747df70ae1589d806c9e51e5f5c8561605277f6dea51bfdf887d93f63a829ecfd18a4da3071af7d77d86591d407b156052f5a5dbbba74a16d041c6932373e71c4ad7ef06886e29e9139a687abf0f306e9e423f01e2ffb2758ba78b5ba69db675eb1dc55b60b052a48065d8cc3b66594d3351f1f7e99e294f49761f7db3a114fe680e4c9faec8bb4fdb70838dc73d3cd5c1a61f7f2f7a441a048e0aae3c7fd10b8df8d77fe861e9c241d54533091e1e9439a00820e84a609fb55ed6d02c7b1ffe904b907955d03345058bcaec1528b91532eb4dd0a1917514db1ca20607131efcac877242a5359ec0b21f343806f9fb672b51747dd6d8a649b9bd5f796efb6939680cbd619c3c8706ac883087b341726f9c6f64c98b0c9cb2d7737a8e08ded30d55c6541925b194f25ad1aa042f3db1c5501fc03b5d626f2e429e87435fdbfaad3e4949874bc8e70d0e0a2659557e19088617ab10e50fb4b1d99e6d2052596c363480ba99150979a744f489db9f56750e106224b9c4201d6815e322e1c30de74ce20345bbd3cd2d0b9e74b92b411763bb8c8664e031eb0b41f3e6282d23ae92eddf981c764112ba1e598920c12fed15e06e56cfd76a76d7ce6f7dab7c0d3b50e40f63e4895eabd964e74f9c7c5b9d61480f9055ff36ac5000ff8f7cb1", 0x4b4}], 0x4}}], 0x6, 0x200040d1)
close(0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000300), &(0x7f0000000080)='%pS    \x00'}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x183341, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4)
sendmsg$unix(r7, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

20.640705311s ago: executing program 33 (id=2967):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x14)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0x64}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b91e8f6cdccd17abe8d40ed02463af4bb0e496344f350097f1cc13313fa1e172b63556ed2b8a8121c01a5fb343ff7767821626fc49b0d6bd522e1c9bf137d5a5bccb4bc8dbb64c83a82ef6c2894f3896c9f6bf0c3764011d53eeb6db9ea9dae22d3ebcca4942d5828c0bca0d9ea37701d5a06c066ac4fe318e11e9c0d6c658ac810fb5d7836cfffe4ccbb0934e5567d74695980a156d4bf1c18861c5a29ccd349999dc20562d00e1f6c1851ae563541086438d60b975c8ceb466414ff60efa0b2dee790fd0659ffa98b92414c13d5a6825368f56c4984412205041cd8e006c7127d4395ecdffb5addf80ef938ce54a367154c4fc286d5f969325c12b13655a9a956dd3b98281f537e837669fc55d8930676e807aa8cd046e0f4583d59f86cb99f3f7a7ddde1fb39111fdec7677d2fee4b8f4814a5def5ebcc67c653384ce80eaffd880405f7edf8fd3ea049f040595df4a75e2f892e7a85e0ba351fb8d263bfff7168bb85017b360fcd2ba89346682a6ea7ccc46afbdb5ab444e3f477238b2ab503bde914d3cf1789539cde9c0621152cd97bff9f235d88a1ef4ea4309db3a05d401af7fb82784b050ef529dab4f1f003eb29710a962f7538c521e617e2f0efac36182d09985e1d725cc38c3833a53742a02f76fb2854a9e45f0febacf3bda83f11183ef5b9fef02ebcdf56d4104b175bad937d8f61964f97d673577cdcbbb48d8eb62b063ee6563b9ff053719baff871bcd83822d865b2f7ef023076425ac5cd71b1f2309de0c6f14cc9c4d3e8fad945f756a7c8a084ea1bfdf5ac6e740043e7f7bdaca06774b084ae314c2636529d4fdcd965c7f8c07156572620b827d694efdc9d2bfc5aa9391220a83765f2c71fcd48d4acaed60afb53d1013fa3b15e948ec4159f7d130ef85b594018346e99034c18738285223ea53a6b1d5cf11a607de2e19608ba03ec970a915b773824261f3fc931dd6d3b934d89f07baf14776314c3eeb8cd0537ef5736f565fbd14e520d4ab2f77ed9597b76ff91f8d1f99ebd6e473efda7accb273975a06944d1037032129992b994ca791a09b4d83980a1e494b0f97098df5f6fb6bbb02722adb11dc319c565c2c363cbd19d9fb3efb4613b62d6584cd53f7bd80e3e89304f444ce9dd1835661e3bb4de02ccf568a2a5daaf0d56898d4286c3fb62e22af62d7ac318685834467f337561dde2e0c1e2827cdffcf42c17728ee64b3ff4ccc0227590badd0bd7e448b8cca0892d6a5e0130d2ac665f47c6b28daa101c1b319869bdd39fa924d6d9ba7d72feda5f21ac78641c7d4801d41c7879721b3be4dab40d9c4a78552440101f373489cc5240b0144a9ce32691a784b6dfe971a21bb5980ff67da2d1bb90b223c9e192a39c1aeadd1f5c790811079c0b51a97105c99b6f95d71bb3ea47c33d9dcb0a53c929c44499e184a3cd722c908d3b0d157e28ffdeb2ed7192e780d96a7a2f0fd5a87bdc973e049da0caf931f26f5a21813e2e602ceb2259997e0205ce48fd9424bd6d4d75dd4301f429ee30745cd839a40dbeab4c3db2f0f10bbaea071ca41d1392385681730a3678a5f60f604dbe19cb9d7dd234337e327451b8cc65394af399432ef7fc3765d055874ebdca14e5999292d6f72f31e92bacf25db5ef8f5212952c1910de06ddbe1687a0e1837922f2228289916ed3aeb7b9cc24da3ae47139e371930afa6d3573df6732c26c0c7ae06d9cedfa77160711bcb06e6553338deae4c5731cf53cc154113096d02f3036d7d9edfcdc331e4bb860c5208489212e904eab70e7f860b0379895cbdecbf7a0b7a25e5b853c7dbe08a4e296a30afec8cf5a9f6ea4aef32a508655d539a770b21e660c9ee1d7688c56abeb7cf1afccc8d59780cf26312589e0c8e1bc00ad7b1325cd9a5dd69246e0b33407c381ea09265154aec297e4ccdf9785a1042a83e77c13d4ce4360782f2428f9916b5cd123b089eb683d30c1e895b9944aa905a1a5b52301d8cc5e4741834ead6ebdb5dc05c9c49c5e883e99d40b9838037beaf876534d747856103e59caf6266fbbe760b6ef83d004634b74f14f8eb4aef93c4cc9cbbd78d83d532c70feef51ea3f170b25d81a6a9b074bfca7e9b3771bf83517e0dd9d0600f70b86b20f61fe36076f8bada334b2390fa954973bc901619a3cfd039349cb328625f495ab288dbdd6dbfd022c2a83f59e0b998619a12e35891b5ae9e83a71765507b4a571cd2241e5885c705244c1022688bef7c5065fbcf219fc01753adb611b3fbc09403dcb10a4f99d788667eff75fa27074ca8481a633530e26163ccf7dada049d23e717e067b6fa5b2f652bc50abda9e7ccdc5f2f3c35ecc2c4431c819c9691be4422e379750774e9f39dae06f26423c8a4278789c9f3111b43f6dd25b0ad47c4cc5fda3f3ed82079c9366e0adced883488f429c1d7e1b351fd0bb204dd7977ef224c4df6d7a5f7697bc6500a7d03a8a914154779fa7092bf1be6bad4092367ce5d295a5d5d0e7c469f372ca2011d612637025e89f178ae9ada0c5b73bcb7d7c034ff595263cd4216e3c76ba5f3d81932a088a90bf8043e877e299c670ef1622a098d5519d9adc4ee7d4cd00e5934a4375fa83fdb81214b892482b31bdde59a70aaf25cb7f417c3a2a91c4e54b48149f6c41d9d396ee6ff13e3028c64a7c9b1f2e7c6e67184a3d52d6f570db3d225c947423c4c6533f22df57d15c5e5a3183422bd378b06fe4732a9401dcb19840fb8fa5c50a0ff497fef362c507753e46b8881d3e767f3b1d893a3805941c94f2efa05ce34b9ea81d716984af6834230d4707a87089d40779503ee6a9bb245d7d997f14acb80e89731c042bbbbe3dcd05177b0ee0eec23455830ef5b65aca357f2b0b887e0b9821c0", 0x1000}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0xfffffec0}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
dup2(r3, r2)
setsockopt$sock_attach_bpf(r3, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000004b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003600)=[{&(0x7f00000012c0)="23a0be3ec0d9edaccda531874ecf98434f3d10665f6e0346136984c1f2f15d", 0x1f}, {&(0x7f0000001300)="11ca5641cbf9577fa297e890dc4746449416908fa7066d54ca4ed8fb87a71d621ef53449e793c55ba58eab20a5044fd1ec07cc77e4e3bf3b8da2812b8943441c0c565de0c5dbc8c8", 0x48}, {&(0x7f0000001380)="190be02b544a87c33aa4aaaaabfccb6154043a8b5a2ea95211900186170c7a4f2651d264466253c5f9851a58793efcaf45a2c0f7546bf143b9bff46892f86a3e98e625eabbd1043b1e15036c9cf221d620f792d835bcad5a583cdd666c527279ce68530f3e71f6c170d033e0eec71d019b7058f398e887abb014e1930ffe52fe9b32fb847022f7298ba564e6fabd049f56aefe1e966ab30d411e62a5394c8bc6146b171d44ce5dc32018a6b0e15828d2e6853b3b2fec4d21c718e79ee351a06755a9", 0xc2}, {&(0x7f0000002600)="10470710797af31b3d0e1e5d6a8a110e205161c15b63824b139de0005a20e847b94c122dc2e7ceb6cbb49a3cd7566f32646afcf8d0cb3d9bfa22e3f3a3b148e4accb61dbd45b1f206df5ef5ecee238f9ad262d5b27bb5f6f2713e32ab61fcdcd949020bd434e6d341036403f2a0b5cc7e9e844d55c10298560ce5d8e3c0e37bef92616615a210f7f7ca721b98c72f7aab70e88c58d58325a1ff932b22d00258d180f70e8ba83721d8ed0020f0bc7dd6e32405f7868e06723b9873060e832da96acd114c36f07649a874991352a6ca8f0924acc4cd614e536c4560f619189b067160a802b90652e801b008c76cda51deb8dba72d7e375fa898c82e53b9ea45afef85aa3c903d6565f0c3b435b3d721de214f9ec539ab6d809c3732701ccf70b329ffab7d433f8e539b415d8691f7ec0a685792600d9908c003e1984328027937f98c3d8ff3ee434c25dec1341fb03f95aaf030d2cd52cdbc2b85586cba51526cd0f3eb6d46195102abe000e6ad1d381ecc3c9d9075009aa12c3bc56e5447add48ceb55f29b91c4cb628e1fae7d1812a43145607db3d23e90bb73ec12d99b7c642327b492d7038032e26804d36edb95b54366a2101e9419b7f98ddf654e2700d40c2f83ae492c15aa62069cdd321df874588ef8ad3b8d79a5d05c6e1785a14277af5ce69e15043b0d8579a7606f469bf6d157163bc09f7d281f295cff4cadce38fe24e2a420bc363c2a68e1d5594923d4285a40bb7aa96e655b10ad67656c2e340da3e8592b780b1950e63c9d600eb8d76e5ac3cd537d93132c57a2a43803dc28e04489a3ea68a71e52811000a6ebc5680cdb98af1e6ddc88562c442bc5c61060aa1b61486a6c84719d0d6b3f155b723471e70001138e4e023c89f00698aba1a3b38d5f69bee1fc076c75df92e3cb3ac41b2cbad30f4f7b746d80bd49e981a65d70f7631db375c445601a69d8f0fd1b174695fd670e8d0a82b420aab0356ba86f0e4572865505676acb5d81d215f3e37f62807ce97f5bc47bb747df70ae1589d806c9e51e5f5c8561605277f6dea51bfdf887d93f63a829ecfd18a4da3071af7d77d86591d407b156052f5a5dbbba74a16d041c6932373e71c4ad7ef06886e29e9139a687abf0f306e9e423f01e2ffb2758ba78b5ba69db675eb1dc55b60b052a48065d8cc3b66594d3351f1f7e99e294f49761f7db3a114fe680e4c9faec8bb4fdb70838dc73d3cd5c1a61f7f2f7a441a048e0aae3c7fd10b8df8d77fe861e9c241d54533091e1e9439a00820e84a609fb55ed6d02c7b1ffe904b907955d03345058bcaec1528b91532eb4dd0a1917514db1ca20607131efcac877242a5359ec0b21f343806f9fb672b51747dd6d8a649b9bd5f796efb6939680cbd619c3c8706ac883087b341726f9c6f64c98b0c9cb2d7737a8e08ded30d55c6541925b194f25ad1aa042f3db1c5501fc03b5d626f2e429e87435fdbfaad3e4949874bc8e70d0e0a2659557e19088617ab10e50fb4b1d99e6d2052596c363480ba99150979a744f489db9f56750e106224b9c4201d6815e322e1c30de74ce20345bbd3cd2d0b9e74b92b411763bb8c8664e031eb0b41f3e6282d23ae92eddf981c764112ba1e598920c12fed15e06e56cfd76a76d7ce6f7dab7c0d3b50e40f63e4895eabd964e74f9c7c5b9d61480f9055ff36ac5000ff8f7cb1", 0x4b4}], 0x4}}], 0x6, 0x200040d1)
close(0x3)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000300), &(0x7f0000000080)='%pS    \x00'}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x183341, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4)
sendmsg$unix(r7, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

4.586998189s ago: executing program 0 (id=3268):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000020000000000000000000000850000004100000095000000000000009ed6b7feb30d1c0287815f5f5e7beffb581ce04ca56c54b8cc4c6f90c4b1cc70d0c4a1023239ffd06014383da94bbeee1f8f8c42b63c28785ad6e26694ba73ed7cf7227cc1576c2b1ab0e2f39cb9ec83f57ad44df33c39f02107d648eb9990fc72bbe91db3388aca359567c15cb8f23c9f50961eec7b98f10e1bc816789fd9639e00f769e5cb6b977a3a2684af"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000300)={0x9, "b7462fea4315b7064ddd5f48719f0400181be04f476f0879ac2ed07043c1e31029c044952dc812b483ed1eda905e3c6c3013f06fc2966b05536f8b86a56bc3e924f16809ecb28ca2082bdc59320711dc86454c1951ad5c40065e999ebc4b4da4106dc92d779eeda0b3af4dd9c7ec948ac8cc5b63b0632456ac21fab0b996901336dba5ccd417223948d3a16e00686dfa0f21d99725974bb7086e10bf18b4113c37bf43db74611f2d8ca6d12822afb7da7b4f839d48d5050ca355ac7f44741fb13cdd9c21b7bd6bfe9382ce5fdf680fe18318dd0d449fd74a4a6b469c3bec2ef206ca09685762ed4dc6c3d318ce01b1520d19c281e443e67ff8a2088d48159e5ee0eb1b48d19287b17a8ac591a274c62a8e06e6bc7d2de2b4582948725612eda1c1bbf926bda5f6d37278c853c39462a803266144b55e92acbca7256c966c4cb90641aed21b184bd80ea6420038586c1c3c1e5b2e0f6c599150b5ef9b20b191f0ec48b1db947e19228e916131162d4ad24ef90c8e76f15d9d4b9f39e6daa944a49b9c4d0b12961658b63476f27dc7226ac0341e72ae47ab294d02c33b1def1377991cf2ef52ec19efcea61390b6ebff7ee28f6d1598fb95a7fccf68799715a9d17e7461e0cf3462e1c589f647e45cf193bb15ff9e782e9e1c929633d5bd666553774b8df537a09f9587ebc92bf57c87791f75ed59e080a77f0037e68c06f86e82"})
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r4 = dup(r3)
r5 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r4, r5, 0x0, 0x8000fffffffe)

4.326048323s ago: executing program 0 (id=3276):
r0 = semget$private(0x0, 0x2, 0x24)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000000)=[0x60d, 0x2, 0x3])
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000003000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000000000080000000000000000000000020000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000500), &(0x7f0000000580)}, 0x20)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
gettid()
r4 = gettid()
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x1000080, &(0x7f0000000800)=ANY=[@ANYRES8=r0, @ANYBLOB="816a70efc59d9f87ff41d25ed4afe9de27d383c1f38f0fad74f9c8ff3def8012e13d3e2c5e87d12d7a29cc9008779d75787b96b5453642c2dd71aa", @ANYRES64=0x0, @ANYRESHEX, @ANYRES32=r3, @ANYRES16=r4, @ANYRESDEC=r1], 0x2, 0x293, &(0x7f0000000340)="$eJzs3b1rc1UYAPAnH/bDJUUEQQQDIohDaQvuFVEoFhVrkIoUU5tKaUqhhYAOTZ0EJxdHwaVbQdDBTf8HwUUQcRFHuzm89L409zZNm6QN/Uhe2t8PQh7OOc89z/3IvVly8skLW5tr27vrR0f/xESSJMn8Z8dJkoupyEchUvsBANwn/ydJ/JekRl0LADAcnv8A8PAM+Px/b4glAQB3rNfzP5e9Lvft8i9/VWvzrw0wSTLeDv9YuX6tAMDtWFr+6O3jX1+eXIifvonY+qpRaVTS97T/9fXYiHrUYiZK8SgiaUvjtxYW35wpn4iIylYzy282KoXz+bNRiqmID9/pzp8tp87nPxVPd+bPRSme7T3/XM/8sXjlpY786SjFb5/GdtRj7eQrSUf+3my5/Ma7ixfyx1vj4qAw0vMDAAAAAAAAAAAAAAAAAAAAAMD9NF1um+q1fs90NqDY1Z/mD7w+0GlzpVH5upVfjOeL8eVo9x4AAAAAAAAAAAAAAAAAAACeDLuff7FZrddrO+1g9f2NZ85aCtHR1SfI9e8aSVBoBeOnLUlzVPXksjUP6rWdfHa8W13t4IZTFLONXuh6MSLuegd/PKz9frDy8dKAWX9mld5iGTF54+3ke9Xz/ULfrN5H9YcBJ331g4isJV0fo+vEXTdYvWTMyYXXCp77br76897f/3aPif2Oz3J2TVXrXbeKiSgP444EAAAAAAAAAAAAAAAAAAAP19nPgK8YuD+kggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgBM7+//+qoHmxZazddTgZkY+IPumFUe8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3uMAAAD//9K+q5A=")
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
clock_adjtime(0x0, &(0x7f0000000040)={0x37db, 0x538d28a0, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)={0x20, 0x2, 0x1, 0x101, 0x0, 0x0, {0x4, 0x0, 0x6}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x7ff}, @CTA_FILTER={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080), 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(0xffffffffffffffff, 0x84, 0x23, &(0x7f0000000100)={0x0, 0x8}, 0x8)
r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x2a, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x611, 0x0, 0x0, 0x0, 0x8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, @tail_call={{0x18, 0x2, 0x1, 0x0, r7}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xbe}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3143}, @call={0x85, 0x0, 0x0, 0x10}]}, &(0x7f00000006c0)='syzkaller\x00', 0x1ff, 0x29, &(0x7f0000000740)=""/41, 0x41000, 0x2, '\x00', 0x0, 0x0, r7, 0x8, &(0x7f0000000b00)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0xba1c, 0xffffffffffffffff, 0x0, &(0x7f0000000b40), 0x0, 0x10, 0x2}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000600)={0x0, <r8=>0x0})
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680), 0x5}, 0x0, 0x6, 0x4}, r8, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000480), 0xc0d00)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r9, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x5, 0x0, 0x7fffffff, 0x105})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r9, 0x4058534c, &(0x7f0000000040)={0x80, 0x2b, 0x5, 0x4, 0x7, 0xb})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.262751014s ago: executing program 0 (id=3277):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1}, 0x18)
fsopen(&(0x7f00000000c0)='proc\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x40, 0x1, 0x40, 0xfc, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x2, 0xfffffffc}, 0x1100, 0x5dd8, 0x2, 0x1, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r3, 0x0, r5, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r4, 0x407, 0x100004)
write$eventfd(r4, &(0x7f0000000240), 0xffffff14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r6, @ANYBLOB="0000000000000000b708000000feffff7b8af8aa6bad86e9c46f7b3d3bd9d70ffc6dff00000000bfa200080000000007e90000f8ffff7f7e5fb2aaac40b300b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)='9', 0x1, 0xfffffffffffffffc)
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x2, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0x0, 0x6}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x4}, @TCA_CODEL_TARGET={0x8, 0x1, 0x400}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r8, &(0x7f0000000000), 0xfffffecc)
splice(r7, 0x0, r9, 0x0, 0x4ffe6, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000003500), &(0x7f0000003540)=0x4)

3.390552627s ago: executing program 0 (id=3293):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x22, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000003c0)="a8cf4658948be5672314f6800eb2fb5e1570dc5d3c53465450d7787fd1ee42ddaed361dbc344c8980e9509069fbbfc485a75e1934c78a361ce3b81dea5e6ea54278465dae07687ad1c6f6901522cda88f8d1d4c73eeaaa79a091489b7d91a8c34a1c9db441db7f84ef5b036d5bbb92700fb6aa7c90b505f84eec4e02bc0b7c53a86f26f2790654502ee91930461b42c327e390c89563821bf71b848e0c12c9804f13b1eeb12130d197d19b3cd8f991f710614603c7799e2a66f215dbfc0a5eea9807f0f870", 0xc5, 0x1, 0x0, 0x0)
r3 = dup(r0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, '.\x00'}, 0x6e)

3.23180351s ago: executing program 0 (id=3294):
writev(0xffffffffffffffff, &(0x7f00000025c0)=[{0x0}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0xb, &(0x7f0000000900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000040)='./file0\x00', 0xfffffffe)

3.164755621s ago: executing program 0 (id=3295):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
accept4(r0, 0x0, 0x0, 0x80000)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x406, r1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x18)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x74, &(0x7f0000000440)=""/137, &(0x7f00000001c0)=0x89)
write$sndseq(r2, &(0x7f0000000180)=[{0xff, 0x0, 0x10, 0x0, @time={0x800, 0x400}, {0x6}, {}, @raw8={"6254704152ef72d0dfee7f72"}}, {0x0, 0x0, 0xff, 0x3, @time={0x8000, 0x6}, {0x1, 0x31}, {0xfc}, @result={0x8eb8, 0x168}}], 0x38)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x90, 0x10, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x5, 0x4, 0x0, 0x2, 0x8, 0x3}, [@TCA_NETEM_CORR={0x10, 0x1, {0xfffffffd, 0x6, 0x6}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x9, 0x9}}]}}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x3, 0x691, 0xfffffffd, 0x0, 0x0, 0x3, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x0, 0x12, 0x60d, 0x1d8, 0x202, 0x2d0, 0x2e8, 0x2e8, 0x2d0, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xc0], [0x0, 0xff000000], 'veth1_to_batadv\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@mh={{0x28}, {'Yv'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x0, 0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000300), 0xa4700, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="0500"], 0x48}, 0x1, 0x0, 0x0, 0x40011}, 0x0)

1.92842203s ago: executing program 2 (id=3311):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00', 0x2})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="01000004"])

1.699504793s ago: executing program 5 (id=3312):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c0000001000370401000000ffdbdf2500000000", @ANYRES32=r2, @ANYBLOB="890c0400010000000500100005000000240012800b0001006772657461700000140002800800040003000000060003008000000045fb10f08a20e55dc31a664701630f13980c2d29c849c634"], 0x4c}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r3 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r3, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4f7b049f505ab8e8a0d4c7090cc07c62dbcb9bf6682425553de4ca63f98ac5d420d01bf729bf815683d11451eea0295675778f00bef94ac6e29dd2285847fd857cf2d204de3170e024169d568500befd5c6f34e9d3fcae78bd8fcd6d8f85fcf56241c7787d86bdfca06a6e69b996d72530c94eaa82e99f8ccbd66b53ce0f066fffcb3b643f84a1112c4c8a153ef745f7da3c4887f95de7df8dcf6653200eccb389a7aad4a874d347791cd00cf767bdd8d36de55cbc0879e11cddec175b36be0d1224d1dab7d8f8f3bab0f622d031be123b6ab48188716162afea5e0529830a39c3c9edc86b3e6020830f2f94060685d96887fb536afaedcd9523c53e5e210e87a07bc941b29b968ec9b0f6e5a74b929ad56ef7e80b981d39460040df8aedb253bc4681e72de2b3e886320b2f9a52f675bb08e4dee27b468d0822d6269ad1eee16d1c1781ad17b1fae21b44e427ace6d1fa932ca9c295c5ae74140ffea23ac2b70a6ca71af12c6d63adc32110521cee84dce3514c51417fa794fff4fb7b72844fbb3ba786173d3ffea23e03eb49acbd957d52494ffff3cd2dc420ace19bbe375aabb97953dd1b8adc24856a81b2888e2fb635332c2d4257cf6833ccb3135c0327f79c4846b691b693b066cd5de30ca40e29fe8775fd6a8844f566223008d017ccb6f2ee47496b61aa2900f64c1e2136c8dfbb6dd7ab368e0cfeb3e639657f16d9f26f0c575b61476ea7cd499e2fffe75f6118d19d6186e9433d1b92dc30e84bceba4c9bd8e889575c50da8e236d0ad184a2ae7e91e31485a44389a7c6a63c4d7588fa0755ae292102c46df1cfcc21eccfa5bc815a2491cb845de2feae93d5a9365cff327d048b7e66733b1d1cbf1eadae7296631f3f1681ab5878272a9b17e11f64e8ea8afbd297f388b951e39b94d909c74a4c667f6204128c84566c2347222a984f67177160e3f144518721f25aab93c9d0a34d407b84485bf1f2fa07af7de0617dbda0b2eb3ef839d6ad8649fa7133e14646cb30462e827a1bba8b6cf97c93c95552c70aae8ba4918f8b51275ed7e1f90f7ae7a5313aff699f54265adad4b0608a90165c8e7df729ceb0eda12357ea37e7bbb86fc542544c93d494d4edfd098432e389666a8a93f4333e630deefa87397ece144a59fbf736aeefb7b66744954e8076e9d0534508a3631dbdcd2c15b5fd844d62409bf6c63699ac5ff0cab98d4b7f0e33e5cb20853554c895ea26607e9554d74e1511c4c476c41aa7fa717259e5048d80f1f30f07dd5397c17d818dac1849b7ccf6425fa0265edfecb58a763615dedbe98e215ce63dd1688e191a191ccdb4e939bd370f68054440296cb511b5f070fb9479bdef321b7d124506f6345ac3c2ca0ef22292d3f83ec21908de3a3c7f98cc5e086034d0b08df704382a8ee9f6129542cac7dc5fd54e71270f5ea9739b625347f3200d6f74d41106aed8fa8af5a3a6cd58a44de62af681d449a44b5f86702e625a1658f2bb09e1c7a178ec27081bb8e0f3febf700a1663374325bbb17a17c6178fbc0424f83cfafdd8ed301450bc6822105e6033bc999c833ce3f60814f9db98c3880aae837027cc4fd82a1aa61d1c7fbacf0e5da0c820f97e35f52abb212dcfd77c7e159ef4f777a2cbf61508539660a577974291852a3dfdcb0706961faf65f62745240e281e9c1ea25a2bf29729008b59b5bac92c8ffc53b240761c0021edb53bad82a322510f480a53945c63803abb0b5947aa32a7ad5cf8059933ae4dc5d18a261b8d4a126dadd1d7f186cc0f3bc00c82c15516ea2a4b5a5517395d2a16a3beb920b16c706381bae273443ebfa3c37778596177de18a62cb96c08a35459a897ac87bcd87cdbcecae83c95cd4b5eb878a8d31e75955eb11e0cb58c6ad2b39f8f9350ff95778a961b07b4b0e4ff6b58caab6db44c6345c8ad9da0aef0c2b4a09e459a027d774da684ce2defd0b23b6e15ec573268050cba4cd1be4d899672ea3562f280df3b3ee878bd2e9989357829c363b4b47eacadeee76144957f4d76c3ea703aa5bf32f75a0370f49ae371f001eced8bbdaa781f66c83f959af0cb0ecbabeeeb0f91c26a22b430d5cae34e470f79f01446cdca5b70ba6448a8d9e4722dba03369b3204253eea942de2fb7b4408212a4c6a5d36c7e82417edd052a59d6d1ce2b0a2bd94f334647712cc2296e75db316be650195dd28a360e2e44fd32951b2b983d673bce51eea778d2ed2a2468c3b6b94b67ee175aa08f757d5522b43cefd5969511579cd79300802c811adad7b6bdf789f70bc76e94f8ea317043cf29b562a2041c553122ec338834455be1b68fe7470808451b0e1f1d444ae1e430c51c718a751142fa675a663e9d9f66a8a6199b56d18e4167e54942a37366fa0b5242de86bf1af6c758b2f0bb1f0fda16dc5241e3cc442326fdb501b95fe768c45781c8b60fbe576c7e790e2d5a2a76085cdca098fb3209b30a017eefbf6f8b315b38d8f8f194e456d1776cf6c9c4f4a99e9b50ca4bbc57ff1f035f13a3d8261617b5d55387488f9456a32400a84f95320e722c7abed22b9f8b574da8322fe104c12fb35c9d0c600dde78c47cd46647a8e24aafa53c68e2119ed1473bb3b7c9873d0a256e8eec8dc9f57820a7e23d49deb4041beae704b3fb527ce57316ff238515c248c80d51fd44e31dbb2d2e1d6b8007a03bf9b981fee094ee82f413698af66a3057621490d60207bca2e7a11e96cfb850a9a371ce672d0c4826be044acaa0a0a04fab4f2807eac896c48db2c35caf97fdf8bacb854f5351328cfbab2c3b251fc0abe20ba4b8fe8f4a98dfb76a0b1ea6b6463bdd900e23114c94f205f492a4acb30cc8a6efe6f73a96d3688853c60dce92732440db5ec245478bb64ebe9b60e7469ffb253febcda05613a8c1dbf72634e68d912e2fc98501d99c7dafb50081edcc60dc74daf9cecbcf65aa57661451fc6131f8c879b2181984bc4e0973ad6984837e19595caa35ff4713266b6a6c090a50afeb1461590c4c36f7fead0c9620af82302616c154e74199ee11353f6e9861472e2f1826afd0ce1a2ce9712b50019b32397960f54f4fce3c6655e13d8ef3ba20eaa3ca03a831a39732203dc3d2d3bf8de63fb4c96b3ec10cc852401f25a2575e98d9a25bf0767fc180f6fef5928565fa9ffdd620b6713f85bbc140060df1b50607b4eb51c0c71dac8ee2c19b9bd03b1840bb4d1f8a767d788a31926c9c39be4709dd57e856cb417d3947ce825f194fac18323f36a3b7743603abc628d477b3292a6b3f4965e882a110728f2a9f4fa8fd9d9d50859c48fe0f07f6a826bd5c5d8d645c0f7d8d03cf49be2419e2986f8ad55a228cacd0838f867a8612fd1c4b04d54dc9d5b05cc9395f5bb7fe918083bedfa33734a3f6afaf70379f4d423fa592dcfdeef84161df3f8f42204116442fc815a3cb3c79348d489296014fb8d4334c4ad776e14207ed2115781a0caac4cbfddf8f788f58cd9da9c33f145d87a187d7db78ce4368c5bdbba67fde5264a53a65a027a52aa09fd4943aeeae146a769a26a0f3597fd5004b60c179ce2bcafc78220d691c44c153c883bf942f01586b5321e4bbb28ab44d97bea3368f7c5d0c3dda0ef359065fd31f62060beb0b2a31f7164867e4b78f89f5ea0131aed7014ef3385f0b350ff847f4321b81c7dc9a484605ee397a2d5ea8ad9593020cea3acb6a106a560b4bf675c89aa3b14678dfef6602fdfa9afeeb6f16cb1b3cc944ad5d0492a3d07308c07dfc204c071d92f6b8b5694c70d166fe29f7894ceee7554dc32c71f3b971c8f20f2cafa4399a8755684090f90e6b45ee924d1205e0a075fd2259b6ca6430d28c780735353be38578b3cf1badcba4dae86419d4a0c1ec21f4a7510a08018e90974f0757aab8b51dc0fc068193d040cbd9706eeec02360da646b11cc5f1a544ecf24ce87c7165a0cb9bdb6990db03320ecf2f65fb6dfd1f3d32b2ae10723707cf5f30ea387f677aea100649c72e795b5f7d652e0e2fd0ae19eaf96f1b6453d056e01c97aa5c271b5e5f303fa4013f686cfbf64a1c1fe4263786b835e46a98699b8d5262520c4947987748ab21a48aef3", 0xfd1, 0x6, 0x0)
mq_timedreceive(r3, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)

1.446552747s ago: executing program 5 (id=3314):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'netdevsim0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffd62}, 0x94)

1.395845338s ago: executing program 5 (id=3315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
bind$can_raw(r2, &(0x7f0000000080), 0x10)

1.331307319s ago: executing program 2 (id=3318):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x3, 0xa, 0x3, 0x41}, 0x50)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x4}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}, @NHA_ID={0x8, 0x6, 0xf2}, @NHA_OIF={0x8, 0x5, r2}]}, 0x3c}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
faccessat2(r4, &(0x7f0000000040)='\x00', 0x1, 0x1300)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r0, &(0x7f0000000300), 0x0}, 0x20)

1.148345652s ago: executing program 6 (id=3320):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000000)={@none, 0x9, 0xd, 0xfff4, 0xb6, 0x5, "241407d72a4848fd77896dc23728eb65d740162e548a35ab14099f48c0690e8e3531722295a0813f4eef885cfd3dbe73f9e9901445adf4534a6204d701b09b6b1b1f25c79d2094b46dfb2fca5fe85d91dbeb6510f06e9ebfe3873d6a53067ad2dddaede9dff83c52f344f2e2ff05b2a95c77f80ac45d36ca95ff83d57ecd8dd9"})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080f00000a"], 0x48)
r2 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
read$char_usb(r2, &(0x7f0000000740)=""/253, 0xfd)
mq_open(&(0x7f0000000000)='\x10', 0x80, 0x69, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0xa54a9d76e5e2e84, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x8000001f)
r4 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r4, 0x0, 0x0, 0x1001f0)
copy_file_range(r4, 0x0, r4, &(0x7f00000000c0)=0xc615, 0x101, 0x0)
dup(0xffffffffffffffff)
syz_read_part_table(0x60d, &(0x7f0000002200)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r5 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r5, &(0x7f0000003000)=@file={0x1, './file1\x00'}, 0x6e)

1.095603163s ago: executing program 2 (id=3321):
r0 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
move_mount(r0, 0x0, 0xffffffffffffffff, 0x0, 0x46)
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x17c)
r1 = syz_open_dev$sg(0x0, 0x7, 0x2702c4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100"], 0x18, 0x40048c1}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000dc0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x420, 0x248, 0x180, 0x180, 0x180, 0x3d0, 0x3d0, 0x3d0, 0x3d0, 0x3d0, 0x3d0, 0x6, 0x0, {[{{@ip={@local, @rand_addr=0x64010100, 0x0, 0x0, 'veth1_to_bridge\x00', 'ipvlan0\x00', {}, {0xff}, 0x67, 0x2, 0x6d}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0xec}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffff00, 0xffffffff, 'vlan0\x00', 'veth1_to_hsr\x00', {0xff}, {0xff}, 0x1, 0x1, 0x2}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x9, 0xe, @private=0xa010102, 0x4e21}}}, {{@ip={@remote, @empty, 0xffffffff, 0xffffff00, 'nr0\x00', 'veth1_to_batadv\x00', {0xff}, {0xff}, 0x0, 0x0, 0x34}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}, {[0x0, 0x8], 0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x34}, @multicast2, 0x0, 0xffffff00, 'ipvlan0\x00', 'ip_vti0\x00', {0xff}, {}, 0x84, 0x0, 0x30}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}, {0xa02, 0x80, 0x1, 0x1}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x480)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)

1.094980443s ago: executing program 5 (id=3322):
socket$inet_udp(0x2, 0x2, 0x0)
ioprio_get$pid(0x3, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="54010000180001002bbd7000000000001d010300150004000100008000010000a67494fcd3a42289070000001e0106000201", @ANYRESHEX=r1], 0x154}}, 0x0)
r2 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRESDEC=r1, @ANYRESDEC=r1, @ANYRES64], 0x1, 0x2e3, &(0x7f0000000640)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$TCFLSH(r3, 0x540b, 0x1)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4, 0x0, 0x0, 0x4000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000001c0)='cpu~00\t&&')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
syz_open_procfs(0xffffffffffffffff, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYBLOB="d6a0622d846adb6701a31edf97b9b39f57f4bef585404461696ecf722aaa53587f759d98401e5b4b85b787cf656e3c37f7b4b1707d50bb850ccc708aee4346294306e15c1821ffd73b3f5c2d4134df963a944cb18690c9869600fd7ff339d999b3e903dca4913d9ffe03bf6d07de9c1cedfd1ea17bddfc97e831ee2cea5a6b25b40930950ebcfd135f6dd724d9069059cbc2218137dd068502769cb254bd63e1d52e6e3bf3f7097fc84b4ac26840e9a91ccaa27b389253a7461239019c8f9da35b9fe7113fe548865a1f8756399f355279036b784882445cf20500f9bde7b901678587654c062a1d", @ANYRES32, @ANYRES8=r2, @ANYRESDEC=r8, @ANYRES8=r9, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4008011}, 0x8000)
ftruncate(r4, 0x2007ffc)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001780)={{r4}, 0x0, 0x0}, 0x20)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, 0x0, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)

926.914626ms ago: executing program 6 (id=3324):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
unshare(0x62040200)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df01ec98d81ff6c3105a71c1daa8b630468dd140406c407004000a422", 0x0, 0x1, 0x85}, 0x3c)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x1c, 0xb, 0x6, 0x101, 0x0, 0x0, {0x6, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYRES8], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
capset(&(0x7f0000000140)={0x19980330}, &(0x7f0000000100)={0x0, 0x4, 0x6, 0x0, 0x80010, 0xfffffffd})
r6 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
shmctl$SHM_LOCK(r6, 0xb)
shmctl$SHM_UNLOCK(r6, 0xc)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
close_range(r4, 0xffffffffffffffff, 0x0)

804.597427ms ago: executing program 5 (id=3325):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'netdevsim0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffd62}, 0x94)

745.604338ms ago: executing program 5 (id=3326):
r0 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "5a8730b3fdc7879b8e759d7a0403df3d56b700d68062b5ed4130f3bfc766c100c8a8b123d2001f4035250c91b66286724347981e4f1af20a1171efd0ceedadac", 0x1f}, 0x48, 0xfffffffffffffffd)
keyctl$invalidate(0x15, r0)
keyctl$get_security(0x11, r0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r1)
keyctl$KEYCTL_MOVE(0x1e, r0, r1, 0xffffffffffffffff, 0x1)
add_key$keyring(&(0x7f0000000280), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, r2)
pipe2$watch_queue(&(0x7f0000000180), 0x80)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x5)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r6 = socket$inet(0x2, 0x2, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000140), 0x1, 0x800)
ioctl$EVIOCGEFFECTS(r7, 0x80044584, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket(0x10, 0x3, 0x0)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x2000c12, &(0x7f00000001c0)=ANY=[], 0x4, 0xa1c, &(0x7f0000001500)="$eJzs3UtsXfWdB/Dv8SMxBiUBMgyDgNyESTDgcWxnSCZiwST2TWLGj5HtSESzIAxxRpl4hpa0EqBKBKntqqiVWnXR7lBX7QaJTdlU7Npdu+qiEmLVPeoqVReuzr3Xjh/3+trGjxA+n+j4nsfv/P+/8/znXh/ff/hqWTi4YmphoTbUdC/NbL587fTlX+58wtzLzo9+/uFHH5TD+7ezL515sfh10pOkknQleTzpHhmdnppoU9DN5GqST5Miyf7UXzfkaoof5qG705+m+HlZb0v7Nloy7SzwtbbX5x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyLipHRwcGhYl/GJi+/WqlLKmuMjE5PFVlYWLtkcZ26T2q9fheftK03KcohPT2LXX0/fjjJRE9t/LEklWN5sr7kyVqH5OnJuw8+duilR7s6Ftdvlc2Xsn/jxd56592br8/Pz73VOmThvfo2bE9u95iL1cmxmamxiXMXq5WxmanK2dOnB09eujBTuTA2Xp25MjNbnaiMTFfPzU5NV/pGnqsMnT17qlIduDJ1efLi6MB4dXHmmX8ZHhw8XXll4D+r56ZnpiZPvjIwM3JpbHx8bPJiLaZcXMacKU/E/xibrcxWz01UKtdvzM+dWpVT5+qdXQYNtduSMmi4XdDw4PDw0NDw8ND7jd6zl2acfvHsi2cGB7sGV8maiB06abm3PND6MO/EbRy2pKPe/ud/xzOWyVzOq6k0/TeS0UxnKhMtljcstv/HT1bXrXd5+99o5buWLX6i/HEsTzcme1q0/y1y2b1/t/JO3s3NvJ75zGcub+15Rrv772KqmcxYZjKVsUzkXG1OpTGnkrM5ndMZzGu5lCOZSSUXMpbxVDOTK5nJbKq1M2ok06nmXGYzlelU0peRPJdKhnI2Z3MqlVQzkCuZyuVM5mJGc65WyvXcqO33U+vkuBQ0tJGg4XWCVjfm5bm+ufa/er/+T5AN2/6bOGzRQqP939c+tG9kNxICAAAAtt0//S4HDj/y28+SIk/VPpe/MDZefXmv0wIAAAC2Ue1xvSfLl+5y7Kme2vv/wb1OCwAAANhGRe1v7IokvTlSH1v8SygfAgAAAMB9ovb7/6dTHLk7w/t/AAAAuM+0/479thFF/+LX/1au1V+vNSLqU0XvhbHx6sDI1PhLQzlR+5aBJE+tLa0zKbprf37wfI7Wo4721l9775ZY1tlTRg0NvDSU53OssSF9z5Qvz/Q1iRyuRz5bj3x2eWRnVkSeKiMB4H53bJ32eKPt//Ppr0f0P1Fr8rueaNIGD2pZAeBesdTHzl8bXZo1af8bEU+3av//dZ33/2XEI7l+pP5IwUDeyJuZz7X0p/HEwZFmpS72RlB/DKG/zacBvY1HFv5wpiP9az4P6Fna1uWxcxlOf9NPBJaVWyzmcKoe17kzxwAAdtuxddvhjbX//W3e/y+2ud/7zCOFAHAvWOrBfhMj720meO6tW3u9jQDASlppAAAAAAAAAAAAAAAAAAAAAAAAAAAA2H4b+gL/359I5ufnki10FrDlkZ7NZLj+SEd2Kec9H+lMsle1v5xNr1Ue4y9R6a8eaKz+573f8/fdyB7fmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgVRdLZbH5Hsj/JYJKTu5/Vzrm91wlsl8q+La1W3MmdvJ0D254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDXXOP7/ztSf32wPitdHcnxJFeT/Nde57id7ux1AjujaB/yf/XAu9//35F0Z6FIV/2wp+geGZ2emiiLKvaXyz//8KMPyqF92Wt7VSgLKGtY0blEo4Zlc7pXrvVwba3e0blbN7/15jcqo+drJ+b52QvjoxMXp//9buBjxcdJJfVh0WK+3zn+mx8tm93oKKH4uNzS5lbXe6FW7+jaev+x2dot6t2AG/Nzw2VNs9VXZ7/9/zfeXrbokRxNnulL+lbW9D/l0KKmo6v350rFF8X3iwP5aa7Wjn+5N4qFojxEB2vb/8D1G/NzA2+8OX9tKaf3VuR0KEeSXEt6Np7TkdbnZu2s6+guax2sBZU/Drcpb13LShxqsV8frp0yvZvahkqb66vNfm9kdKppRj/+5qM5sekjfaJNjU0VXxR/Ki7lj/nusv4/OsrjfzxNr84mRdQil50py5etuLw66pG1LR9evuC11WW2vCrZioX96y7+Qf47/7Z0/DuW3f8bx2p37kfLamx+XSSbvy5+cXBNi3JXbbccXtUiNe4+rdZp5Hm4HtUiz3/IC/UyN3FHeaFdi71D1//Pir78Jbf1/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANz7iqSz2fyO5HiSQ0kOltOVZGF1zO0t1NfRW2wlzW1zO/nbwsKaTbnPFC0PTnEnd/J2Dux2RgAAAAAAAADsjPOjn3/40QflUPt9fGf+uaOxpJJ0JTlU/KR7ZHR6aqJNQd3J1cVf6fdsLoer5Y+H7k5/Wk493malvX18AAC+0v4eAAD//96vcOY=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x82041, 0x146)
syz_clone3(&(0x7f0000000600)={0x4040680, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, 0x0, &(0x7f00000005c0)}, 0x58)

719.711929ms ago: executing program 6 (id=3327):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg0\x00', 0x2})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="01000004"])

584.139411ms ago: executing program 6 (id=3330):
gettid()
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x6e2e5000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x25, 0x1, 0x0)
sendmsg$inet6(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000340)="c6", 0x1}], 0x1}, 0x800)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000300)={0x3e8, @tick=0x5, 0xfe, {0x1}, 0x8})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd885000000040000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lstat(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22, 0x5ccc6e75, @rand_addr, 0x3}, 0x1c)
listen(r3, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22'])
close_range(r3, r3, 0x0)

554.067071ms ago: executing program 4 (id=3331):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'ip_vti0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})

479.418802ms ago: executing program 6 (id=3332):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x1, 0x4000041, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000540)=ANY=[], 0xed)

325.034224ms ago: executing program 4 (id=3333):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009c0000000b"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00'}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x5c, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x7f, 0x4}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x5, 0x12, 0x400, 0x1, 0x200}}, {0x4}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44004}, 0x0)

274.210225ms ago: executing program 4 (id=3334):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000005c0)='kfree_skb\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0)

185.385337ms ago: executing program 2 (id=3335):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
bind$can_raw(r2, &(0x7f0000000080), 0x10)

185.132047ms ago: executing program 4 (id=3336):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x22, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x240007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000003c0)="a8cf4658948be5672314f6800eb2fb5e1570dc5d3c53465450d7787fd1ee42ddaed361dbc344c8980e9509069fbbfc485a75e1934c78a361ce3b81dea5e6ea54278465dae07687ad1c6f6901522cda88f8d1d4c73eeaaa79a091489b7d91a8c34a1c9db441db7f84ef5b036d5bbb92700fb6aa7c90b505f84eec4e02bc0b7c53a86f26f2790654502ee91930461b42c327e390c89563821bf71b848e0c12c9804f13b1eeb12130d197d19b3cd8f991f710614603c7799e2a66f215dbfc0a5eea9807f0f870", 0xc5, 0x1, 0x0, 0x0)
r3 = dup(r0)
sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000680)="537eb9f8", 0x4}], 0x1}}], 0x1, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, '.\x00'}, 0x6e)

158.604277ms ago: executing program 4 (id=3337):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff61, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kfree\x00', r0}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r1, 0xffffffffffffffff, 0x0) (fail_nth: 1)

121.656767ms ago: executing program 2 (id=3338):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

121.149347ms ago: executing program 2 (id=3339):
socket$inet_udp(0x2, 0x2, 0x0)
ioprio_get$pid(0x3, 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="54010000180001002bbd7000000000001d010300150004000100008000010000a67494fcd3a42289070000001e0106000201", @ANYRESHEX=r1], 0x154}}, 0x0)
r2 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRESDEC=r1, @ANYRESDEC=r1, @ANYRES64], 0x1, 0x2e3, &(0x7f0000000640)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$TCFLSH(r3, 0x540b, 0x1)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4, 0x0, 0x0, 0x4000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f00000001c0)='cpu~00\t&&')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
syz_open_procfs(0xffffffffffffffff, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYBLOB="d6a0622d846adb6701a31edf97b9b39f57f4bef585404461696ecf722aaa53587f759d98401e5b4b85b787cf656e3c37f7b4b1707d50bb850ccc708aee4346294306e15c1821ffd73b3f5c2d4134df963a944cb18690c9869600fd7ff339d999b3e903dca4913d9ffe03bf6d07de9c1cedfd1ea17bddfc97e831ee2cea5a6b25b40930950ebcfd135f6dd724d9069059cbc2218137dd068502769cb254bd63e1d52e6e3bf3f7097fc84b4ac26840e9a91ccaa27b389253a7461239019c8f9da35b9fe7113fe548865a1f8756399f355279036b784882445cf20500f9bde7b901678587654c062a1d", @ANYRES32, @ANYRES8=r2, @ANYRESDEC=r8, @ANYRES8=r9, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4008011}, 0x8000)
ftruncate(r4, 0x2007ffc)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001780)={{r4}, 0x0, 0x0}, 0x20)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x300000000000000, 0x0, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)

55.302379ms ago: executing program 6 (id=3340):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x1000000, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x10, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0xfff}]}}]}, 0x40}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='kfree\x00', r3}, 0xe)
r8 = socket$inet(0x2, 0x3, 0xd)
getsockopt$inet_mreqsrc(r8, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r9}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0xbc}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffeffffffffffffa]}, 0x8, 0x0)
io_setup(0x206, &(0x7f0000000200)=<r11=>0x0)
io_submit(r11, 0x47f, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r10, &(0x7f00000003c0)="951aa14bd6f68579cac67c83bf8d4500e5cea1bb1596d4ee6645fa16fa7cacb9214070a622a2c57b89075f59b85c7b5b2c41edc9d2cd5a2c95ed1c2cf72425be9c1a2df1b60a309bc3228d7e85b300f0d7a042a40166b9208e9d2e423c32ad8e47adedf5dc425c6bcb031fb2230835d41afc23476eae602bad3246417e5ac757", 0x80}])
io_destroy(r11)
r12 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r12, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080"], 0x38}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

0s ago: executing program 4 (id=3341):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000b000000000082a8e273e7e2c06c39000000000000ff8524bd216a6862084ad89e880fed32"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x28000000, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f0000000700))
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
bind$unix(r2, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r2, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
lsetxattr$security_selinux(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280), &(0x7f0000000380)='system_u:object_r:crond_var_run_t:s0\x00', 0x25, 0x0)
connect$unix(r4, &(0x7f0000000000)=@file={0x1}, 0x6e)
connect$unix(r4, &(0x7f0000000080)=@file={0x1}, 0x6e)
close(r2)

kernel console output (not intermixed with test programs):

loop4): Remounting filesystem read-only
[  163.460190][T11054] EXT4-fs (loop4): 1 truncate cleaned up
[  163.466161][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  163.476764][   T51] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  163.487550][   T51] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[  163.499396][T11054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  163.525487][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.581041][T11071] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  163.581041][T11071]    program syz.1.2858 not setting count and/or reply_len properly
[  163.584002][T11073] FAULT_INJECTION: forcing a failure.
[  163.584002][T11073] name failslab, interval 1, probability 0, space 0, times 0
[  163.610487][T11073] CPU: 1 UID: 0 PID: 11073 Comm: syz.4.2859 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  163.610515][T11073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  163.610527][T11073] Call Trace:
[  163.610534][T11073]  <TASK>
[  163.610542][T11073]  __dump_stack+0x1d/0x30
[  163.610632][T11073]  dump_stack_lvl+0xe8/0x140
[  163.610648][T11073]  dump_stack+0x15/0x1b
[  163.610662][T11073]  should_fail_ex+0x265/0x280
[  163.610688][T11073]  should_failslab+0x8c/0xb0
[  163.610710][T11073]  kmem_cache_alloc_noprof+0x50/0x310
[  163.610740][T11073]  ? skb_clone+0x151/0x1f0
[  163.610760][T11073]  skb_clone+0x151/0x1f0
[  163.610778][T11073]  __netlink_deliver_tap+0x2c9/0x500
[  163.610880][T11073]  netlink_unicast+0x64c/0x670
[  163.610910][T11073]  netlink_sendmsg+0x58b/0x6b0
[  163.610931][T11073]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.610949][T11073]  __sock_sendmsg+0x142/0x180
[  163.611032][T11073]  ____sys_sendmsg+0x31e/0x4e0
[  163.611066][T11073]  ___sys_sendmsg+0x17b/0x1d0
[  163.611104][T11073]  __x64_sys_sendmsg+0xd4/0x160
[  163.611211][T11073]  x64_sys_call+0x2999/0x2fb0
[  163.611258][T11073]  do_syscall_64+0xd2/0x200
[  163.611276][T11073]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  163.611303][T11073]  ? clear_bhb_loop+0x40/0x90
[  163.611322][T11073]  ? clear_bhb_loop+0x40/0x90
[  163.611348][T11073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.611365][T11073] RIP: 0033:0x7f4d4ab6e929
[  163.611379][T11073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.611395][T11073] RSP: 002b:00007f4d491d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.611419][T11073] RAX: ffffffffffffffda RBX: 00007f4d4ad95fa0 RCX: 00007f4d4ab6e929
[  163.611432][T11073] RDX: 00000000200400d4 RSI: 0000200000000140 RDI: 0000000000000004
[  163.611450][T11073] RBP: 00007f4d491d7090 R08: 0000000000000000 R09: 0000000000000000
[  163.611463][T11073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.611475][T11073] R13: 0000000000000000 R14: 00007f4d4ad95fa0 R15: 00007ffe1a1eca78
[  163.611494][T11073]  </TASK>
[  163.963555][T11075] loop1: detected capacity change from 0 to 256
[  163.970591][T11075] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  164.024037][T11085] loop1: detected capacity change from 0 to 512
[  164.042966][T11085] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  164.060878][T11086] __nla_validate_parse: 8 callbacks suppressed
[  164.060944][T11086] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2864'.
[  164.089319][T11083] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2864'.
[  164.098869][T11080] loop5: detected capacity change from 0 to 1764
[  164.107589][T11080] iso9660: Corrupted directory entry in block 2 of inode 1920
[  164.116100][T11085] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.149025][T11085] ext4 filesystem being mounted at /573/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  164.162500][T11085] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 25 (only 1 groups)
[  164.190506][T11096] loop2: detected capacity change from 0 to 512
[  164.197223][T11096] ext4: Unknown parameter 'fsmagic'
[  164.206903][T11096] loop2: detected capacity change from 0 to 512
[  164.213540][T11096] SELinux: security_context_str_to_sid (system_uappraise,uid=00000000000000000000,,errors=continue) failed with errno=-22
[  164.244189][T11061] 9pnet_fd: p9_fd_create_tcp (11061): problem connecting socket to 127.0.0.1
[  164.338683][T11105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2871'.
[  164.349039][T11105] loop0: detected capacity change from 0 to 128
[  164.414556][T11108] loop4: detected capacity change from 0 to 256
[  164.429405][T11108] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  164.486720][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.533505][T11116] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2876'.
[  164.544510][T11116] loop2: detected capacity change from 0 to 128
[  164.558604][T11105] bio_check_eod: 16 callbacks suppressed
[  164.558618][T11105] syz.0.2871: attempt to access beyond end of device
[  164.558618][T11105] loop0: rw=0, sector=97, nr_sectors = 120 limit=128
[  164.594312][   T51] kworker/u8:3: attempt to access beyond end of device
[  164.594312][   T51] loop0: rw=1, sector=217, nr_sectors = 824 limit=128
[  164.651634][T11122] syz.2.2876: attempt to access beyond end of device
[  164.651634][T11122] loop2: rw=0, sector=97, nr_sectors = 120 limit=128
[  164.681852][T11124] ALSA: seq fatal error: cannot create timer (-19)
[  164.741492][T11128] netem: change failed
[  164.753113][  T297] kworker/u8:4: attempt to access beyond end of device
[  164.753113][  T297] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  164.819872][T11141] loop2: detected capacity change from 0 to 512
[  164.843758][   T51] bond0: (slave netdevsim1): Releasing backup interface
[  164.858698][T11149] loop0: detected capacity change from 0 to 256
[  164.876013][T11149] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  164.877512][T11132] lo speed is unknown, defaulting to 1000
[  164.891445][T11141] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  164.949794][T11141] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  164.961361][T11141] System zones: 0-2, 18-18, 34-34
[  164.967310][T11141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.077487][T11141] ext4 filesystem being mounted at /547/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.205217][   T51] bond0 (unregistering): Released all slaves
[  165.218515][T11162] loop5: detected capacity change from 0 to 1764
[  165.227637][T11162] iso9660: Corrupted directory entry in block 2 of inode 1920
[  165.250919][T11173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2895'.
[  165.271277][T11167] FAULT_INJECTION: forcing a failure.
[  165.271277][T11167] name failslab, interval 1, probability 0, space 0, times 0
[  165.283960][T11167] CPU: 0 UID: 0 PID: 11167 Comm: syz.1.2894 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  165.284000][T11167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.284012][T11167] Call Trace:
[  165.284016][T11167]  <TASK>
[  165.284021][T11167]  __dump_stack+0x1d/0x30
[  165.284034][T11167]  dump_stack_lvl+0xe8/0x140
[  165.284045][T11167]  dump_stack+0x15/0x1b
[  165.284101][T11167]  should_fail_ex+0x265/0x280
[  165.284119][T11167]  should_failslab+0x8c/0xb0
[  165.284132][T11167]  __kmalloc_node_noprof+0xa9/0x410
[  165.284153][T11167]  ? qdisc_alloc+0x65/0x440
[  165.284170][T11167]  qdisc_alloc+0x65/0x440
[  165.284318][T11167]  qdisc_create_dflt+0x7f/0x2d0
[  165.284396][T11167]  mq_init+0x1b6/0x380
[  165.284406][T11167]  ? __rcu_read_unlock+0x4f/0x70
[  165.284420][T11167]  qdisc_create_dflt+0xec/0x2d0
[  165.284436][T11167]  ? dev_activate+0xbb/0x9e0
[  165.284471][T11167]  dev_activate+0xde/0x9e0
[  165.284487][T11167]  ? _raw_spin_unlock_bh+0x36/0x40
[  165.284501][T11167]  __dev_open+0x472/0x530
[  165.284515][T11167]  __dev_change_flags+0x163/0x400
[  165.284540][T11167]  netif_change_flags+0x5a/0xd0
[  165.284555][T11167]  dev_change_flags+0xce/0x180
[  165.284648][T11167]  dev_ifsioc+0x44b/0xaa0
[  165.284659][T11167]  dev_ioctl+0x70a/0x960
[  165.284670][T11167]  sock_do_ioctl+0x197/0x220
[  165.284684][T11167]  sock_ioctl+0x41b/0x610
[  165.284750][T11167]  ? __pfx_sock_ioctl+0x10/0x10
[  165.284761][T11167]  __se_sys_ioctl+0xce/0x140
[  165.284777][T11167]  __x64_sys_ioctl+0x43/0x50
[  165.284835][T11167]  x64_sys_call+0x19a8/0x2fb0
[  165.284920][T11167]  do_syscall_64+0xd2/0x200
[  165.284929][T11167]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  165.284989][T11167]  ? clear_bhb_loop+0x40/0x90
[  165.285001][T11167]  ? clear_bhb_loop+0x40/0x90
[  165.285017][T11167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.285029][T11167] RIP: 0033:0x7f92ecfce929
[  165.285038][T11167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.285084][T11167] RSP: 002b:00007f92eb637038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.285095][T11167] RAX: ffffffffffffffda RBX: 00007f92ed1f5fa0 RCX: 00007f92ecfce929
[  165.285102][T11167] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000006
[  165.285109][T11167] RBP: 00007f92eb637090 R08: 0000000000000000 R09: 0000000000000000
[  165.285117][T11167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.285124][T11167] R13: 0000000000000000 R14: 00007f92ed1f5fa0 R15: 00007ffe9b7b5ff8
[  165.285144][T11167]  </TASK>
[  165.285162][T11167] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  165.549006][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.606146][   T51] hsr_slave_0: left promiscuous mode
[  165.611924][   T51] hsr_slave_1: left promiscuous mode
[  165.678042][T11184] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  165.686363][T11184] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  165.708579][T11132] chnl_net:caif_netlink_parms(): no params data found
[  165.766986][T11186] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  165.767407][T11132] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.775226][T11186] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  165.782326][T11132] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.827906][T11132] bridge_slave_0: entered allmulticast mode
[  165.835531][T11132] bridge_slave_0: entered promiscuous mode
[  165.844264][T11132] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.851434][T11132] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.862578][T11132] bridge_slave_1: entered allmulticast mode
[  165.869340][T11132] bridge_slave_1: entered promiscuous mode
[  165.894170][T11132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  165.904646][T11199] loop5: detected capacity change from 0 to 8192
[  165.904648][T11132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  165.930959][T11132] team0: Port device team_slave_0 added
[  165.937593][T11132] team0: Port device team_slave_1 added
[  165.971640][T11132] batman_adv: batadv0: Adding interface: batadv_slave_0
[  165.978697][T11132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.004711][T11132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.008829][T11206] loop5: detected capacity change from 0 to 512
[  166.016615][T11132] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.029008][T11132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.055098][T11132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.067434][T11206] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  166.086785][T11132] hsr_slave_0: entered promiscuous mode
[  166.092834][T11132] hsr_slave_1: entered promiscuous mode
[  166.101905][T11206] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  166.110801][T11206] System zones: 0-2, 18-18, 34-34
[  166.116938][T11206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.129677][T11206] ext4 filesystem being mounted at /517/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.150350][T11213] FAULT_INJECTION: forcing a failure.
[  166.150350][T11213] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  166.163694][T11213] CPU: 0 UID: 0 PID: 11213 Comm: syz.2.2908 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  166.163715][T11213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.163723][T11213] Call Trace:
[  166.163727][T11213]  <TASK>
[  166.163736][T11213]  __dump_stack+0x1d/0x30
[  166.163750][T11213]  dump_stack_lvl+0xe8/0x140
[  166.163761][T11213]  dump_stack+0x15/0x1b
[  166.163770][T11213]  should_fail_ex+0x265/0x280
[  166.163845][T11213]  should_fail_alloc_page+0xf2/0x100
[  166.163924][T11213]  __alloc_frozen_pages_noprof+0xff/0x360
[  166.163944][T11213]  alloc_pages_mpol+0xb3/0x250
[  166.164014][T11213]  vma_alloc_folio_noprof+0x1aa/0x300
[  166.164032][T11213]  handle_mm_fault+0xec2/0x2be0
[  166.164071][T11213]  ? __rcu_read_lock+0x37/0x50
[  166.164088][T11213]  __get_user_pages+0x1036/0x1fb0
[  166.164139][T11213]  __mm_populate+0x243/0x3a0
[  166.164236][T11213]  do_mlock+0x47f/0x520
[  166.164251][T11213]  ? __bpf_trace_sys_enter+0x10/0x30
[  166.164267][T11213]  ? trace_sys_enter+0xd0/0x110
[  166.164280][T11213]  __x64_sys_mlock+0x36/0x50
[  166.164293][T11213]  x64_sys_call+0x28f4/0x2fb0
[  166.164362][T11213]  do_syscall_64+0xd2/0x200
[  166.164373][T11213]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  166.164386][T11213]  ? clear_bhb_loop+0x40/0x90
[  166.164445][T11213]  ? clear_bhb_loop+0x40/0x90
[  166.164457][T11213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.164469][T11213] RIP: 0033:0x7f2fc11be929
[  166.164478][T11213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.164494][T11213] RSP: 002b:00007f2fbf827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  166.164548][T11213] RAX: ffffffffffffffda RBX: 00007f2fc13e5fa0 RCX: 00007f2fc11be929
[  166.164555][T11213] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000
[  166.164562][T11213] RBP: 00007f2fbf827090 R08: 0000000000000000 R09: 0000000000000000
[  166.164569][T11213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.164576][T11213] R13: 0000000000000000 R14: 00007f2fc13e5fa0 R15: 00007ffdf98331b8
[  166.164587][T11213]  </TASK>
[  166.421495][T11215] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2910'.
[  166.434387][T11217] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  166.434387][T11217]    program syz.2.2911 not setting count and/or reply_len properly
[  166.464754][T11215] loop0: detected capacity change from 0 to 128
[  166.478732][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.496096][T11219] loop1: detected capacity change from 0 to 1024
[  166.502999][T11219] EXT4-fs: inline encryption not supported
[  166.504066][T11221] loop2: detected capacity change from 0 to 2048
[  166.508808][T11219] EXT4-fs: Ignoring removed i_version option
[  166.525305][T11219] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  166.539993][T11221]  loop2: p1 < > p4
[  166.544955][T11221] loop2: p4 size 8388608 extends beyond EOD, truncated
[  166.546048][T11219] EXT4-fs error (device loop1): ext4_map_blocks:816: inode #3: block 1: comm syz.1.2913: lblock 1 mapped to illegal pblock 1 (length 1)
[  166.578788][T11219] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2913: Failed to acquire dquot type 0
[  166.600798][T11225] syz.0.2910: attempt to access beyond end of device
[  166.600798][T11225] loop0: rw=0, sector=97, nr_sectors = 120 limit=128
[  166.609990][T11227] loop5: detected capacity change from 0 to 1024
[  166.614523][T11219] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.2913: Freeing blocks not in datazone - block = 0, count = 4096
[  166.622330][T11227] EXT4-fs: inline encryption not supported
[  166.639711][T11227] EXT4-fs: Ignoring removed i_version option
[  166.656637][ T6002] kworker/u8:8: attempt to access beyond end of device
[  166.656637][ T6002] loop0: rw=1, sector=217, nr_sectors = 824 limit=128
[  166.669717][T11132] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  166.671779][T11227] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  166.677501][T11219] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.2913: Invalid inode bitmap blk 0 in block_group 0
[  166.700779][  T297] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  166.702449][T11132] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  166.721895][T11229] FAULT_INJECTION: forcing a failure.
[  166.721895][T11229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.735040][T11229] CPU: 0 UID: 0 PID: 11229 Comm: syz.2.2916 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  166.735065][T11229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.735075][T11229] Call Trace:
[  166.735081][T11229]  <TASK>
[  166.735145][T11229]  __dump_stack+0x1d/0x30
[  166.735164][T11229]  dump_stack_lvl+0xe8/0x140
[  166.735189][  T297] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  166.735182][T11229]  dump_stack+0x15/0x1b
[  166.735236][T11229]  should_fail_ex+0x265/0x280
[  166.735267][T11229]  should_fail+0xb/0x20
[  166.735329][T11229]  should_fail_usercopy+0x1a/0x20
[  166.735358][T11229]  _copy_to_user+0x20/0xa0
[  166.735381][T11229]  simple_read_from_buffer+0xb5/0x130
[  166.735428][T11229]  proc_fail_nth_read+0x100/0x140
[  166.735461][T11229]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  166.735491][T11229]  vfs_read+0x1a0/0x6f0
[  166.735549][T11229]  ? __rcu_read_unlock+0x4f/0x70
[  166.735569][T11229]  ? __rcu_read_unlock+0x4f/0x70
[  166.735650][T11229]  ? __fget_files+0x184/0x1c0
[  166.735673][T11229]  ksys_read+0xda/0x1a0
[  166.735746][T11229]  __x64_sys_read+0x40/0x50
[  166.735775][T11229]  x64_sys_call+0x2d77/0x2fb0
[  166.735796][T11229]  do_syscall_64+0xd2/0x200
[  166.735874][T11229]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  166.735899][T11229]  ? clear_bhb_loop+0x40/0x90
[  166.735989][T11229]  ? clear_bhb_loop+0x40/0x90
[  166.736031][T11229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.736052][T11229] RIP: 0033:0x7f2fc11bd33c
[  166.736066][T11229] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  166.736083][T11229] RSP: 002b:00007f2fbf827030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  166.736102][T11229] RAX: ffffffffffffffda RBX: 00007f2fc13e5fa0 RCX: 00007f2fc11bd33c
[  166.736114][T11229] RDX: 000000000000000f RSI: 00007f2fbf8270a0 RDI: 0000000000000006
[  166.736176][T11229] RBP: 00007f2fbf827090 R08: 0000000000000000 R09: 0000000000000000
[  166.736189][T11229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.736201][T11229] R13: 0000000000000000 R14: 00007f2fc13e5fa0 R15: 00007ffdf98331b8
[  166.736219][T11229]  </TASK>
[  166.736434][T11219] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  166.749986][T11227] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.2915: lblock 1 mapped to illegal pblock 1 (length 1)
[  166.759670][T11132] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  166.771468][T11227] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2915: Failed to acquire dquot type 0
[  166.803957][T11219] EXT4-fs (loop1): 1 orphan inode deleted
[  166.810229][T11227] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.2915: Freeing blocks not in datazone - block = 0, count = 4096
[  166.815547][T11219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.823033][T11227] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.2915: Invalid inode bitmap blk 0 in block_group 0
[  166.827092][T11232] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2917'.
[  166.832094][T11227] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  166.836971][T11132] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  166.855130][T11232] loop0: detected capacity change from 0 to 128
[  166.860646][  T297] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  166.868977][T11227] EXT4-fs (loop5): 1 orphan inode deleted
[  166.913829][  T297] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  166.921875][T11227] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.118055][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.120855][T11227] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm syz.5.2915: lblock 1 mapped to illegal pblock 1 (length 1)
[  167.141525][T11227] __quota_error: 352 callbacks suppressed
[  167.141537][T11227] Quota error (device loop5): find_tree_dqentry: Can't read quota tree block 1
[  167.156298][T11227] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 60928
[  167.166254][T11227] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2915: Failed to acquire dquot type 0
[  167.262808][T11132] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.272281][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.281058][T11132] 8021q: adding VLAN 0 to HW filter on device team0
[  167.289980][   T29] audit: type=1326 audit(1750974012.166:12997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.313628][   T29] audit: type=1326 audit(1750974012.166:12998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.348654][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.355744][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.364421][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.364514][   T29] audit: type=1326 audit(1750974012.217:12999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.371476][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.402257][   T29] audit: type=1326 audit(1750974012.217:13000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.425965][   T29] audit: type=1326 audit(1750974012.217:13001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.449607][   T29] audit: type=1326 audit(1750974012.217:13002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.473188][   T29] audit: type=1326 audit(1750974012.217:13003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.496841][   T29] audit: type=1326 audit(1750974012.217:13004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11256 comm="syz.2.2925" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2fc11be929 code=0x7ffc0000
[  167.528099][T11257] siw: device registration error -23
[  167.542471][T11257] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  167.558765][T11257] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2925'.
[  167.563601][T11265] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2927'.
[  167.606166][T11265] loop5: detected capacity change from 0 to 128
[  167.606269][T11132] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.748978][T11265] syz.5.2927: attempt to access beyond end of device
[  167.748978][T11265] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  167.805224][T11132] veth0_vlan: entered promiscuous mode
[  167.815535][T11132] veth1_vlan: entered promiscuous mode
[  167.837545][T11132] veth0_macvtap: entered promiscuous mode
[  167.855838][   T51] kworker/u8:3: attempt to access beyond end of device
[  167.855838][   T51] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  167.874749][T11132] veth1_macvtap: entered promiscuous mode
[  167.903634][T11132] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.929185][T11132] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.968412][T11132] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.977298][T11132] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.986027][T11132] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.994905][T11132] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.040695][T11298] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2935'.
[  168.071981][T11255] 9pnet_fd: p9_fd_create_tcp (11255): problem connecting socket to 127.0.0.1
[  168.078737][T11304] loop4: detected capacity change from 0 to 512
[  168.141710][T11307] loop0: detected capacity change from 0 to 8192
[  168.164794][T11304] ext4: Unknown parameter 'fsmagic'
[  168.188243][T11304] loop4: detected capacity change from 0 to 512
[  168.199906][T11304] SELinux: security_context_str_to_sid (system_uappraise,uid=00000000000000000000,,errors=continue) failed with errno=-22
[  168.233872][T11305] loop2: detected capacity change from 0 to 128
[  168.284859][T11313] loop5: detected capacity change from 0 to 256
[  168.292017][T11313] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  168.363907][T11324] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  168.363907][T11324]    program syz.0.2943 not setting count and/or reply_len properly
[  168.391555][T11328] loop1: detected capacity change from 0 to 512
[  168.420759][T11327] syz.2.2936: attempt to access beyond end of device
[  168.420759][T11327] loop2: rw=0, sector=97, nr_sectors = 120 limit=128
[  168.433940][T11328] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  168.450240][T11339] loop0: detected capacity change from 0 to 256
[  168.466922][T11328] EXT4-fs (loop1): 1 truncate cleaned up
[  168.475522][T11328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.509277][T11328] random: crng reseeded on system resumption
[  168.556740][ T6002] kworker/u8:8: attempt to access beyond end of device
[  168.556740][ T6002] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  168.686619][T11362] loop2: detected capacity change from 0 to 128
[  168.696215][T11360] loop5: detected capacity change from 0 to 256
[  168.720563][T11360] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  168.731618][T11362] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.837003][T11362] ext4 filesystem being mounted at /569/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  168.908079][T11373] FAULT_INJECTION: forcing a failure.
[  168.908079][T11373] name failslab, interval 1, probability 0, space 0, times 0
[  168.920946][T11373] CPU: 0 UID: 0 PID: 11373 Comm: syz.4.2961 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  168.920971][T11373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.920983][T11373] Call Trace:
[  168.920989][T11373]  <TASK>
[  168.920997][T11373]  __dump_stack+0x1d/0x30
[  168.921019][T11373]  dump_stack_lvl+0xe8/0x140
[  168.921043][T11373]  dump_stack+0x15/0x1b
[  168.921057][T11373]  should_fail_ex+0x265/0x280
[  168.921081][T11373]  ? v9fs_mount+0x51/0x590
[  168.921159][T11373]  should_failslab+0x8c/0xb0
[  168.921182][T11373]  __kmalloc_cache_noprof+0x4c/0x320
[  168.921278][T11373]  v9fs_mount+0x51/0x590
[  168.921306][T11373]  ? __pfx_v9fs_mount+0x10/0x10
[  168.921334][T11373]  legacy_get_tree+0x78/0xd0
[  168.921427][T11373]  vfs_get_tree+0x54/0x1d0
[  168.921452][T11373]  do_new_mount+0x207/0x680
[  168.921540][T11373]  path_mount+0x4a4/0xb20
[  168.921629][T11373]  ? user_path_at+0x109/0x130
[  168.921653][T11373]  __se_sys_mount+0x28f/0x2e0
[  168.921667][T11373]  ? fput+0x8f/0xc0
[  168.921693][T11373]  __x64_sys_mount+0x67/0x80
[  168.921767][T11373]  x64_sys_call+0xd36/0x2fb0
[  168.921788][T11373]  do_syscall_64+0xd2/0x200
[  168.921803][T11373]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  168.921896][T11373]  ? clear_bhb_loop+0x40/0x90
[  168.921914][T11373]  ? clear_bhb_loop+0x40/0x90
[  168.921932][T11373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.921954][T11373] RIP: 0033:0x7f187a55e929
[  168.921976][T11373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.921993][T11373] RSP: 002b:00007f1878bc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  168.922010][T11373] RAX: ffffffffffffffda RBX: 00007f187a785fa0 RCX: 00007f187a55e929
[  168.922021][T11373] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  168.922031][T11373] RBP: 00007f1878bc7090 R08: 0000200000000240 R09: 0000000000000000
[  168.922042][T11373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.922052][T11373] R13: 0000000000000000 R14: 00007f187a785fa0 R15: 00007ffdaf9deb08
[  168.922120][T11373]  </TASK>
[  168.927854][T11365] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.165010][T11362] __nla_validate_parse: 12 callbacks suppressed
[  169.165028][T11362] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2956'.
[  169.187648][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.197336][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.214714][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.229273][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.298511][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.309815][ T1458] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  169.320267][ T1458] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.327518][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2964'.
[  169.469153][ T1458] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  169.479603][ T1458] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.495405][T11411] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  169.495405][T11411]    program syz.4.2973 not setting count and/or reply_len properly
[  169.527959][T11411] x_tables: ip6_tables: mh match: only valid for protocol 135
[  169.544901][T11401] lo speed is unknown, defaulting to 1000
[  169.558680][ T1458] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  169.569021][ T1458] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.620464][ T1458] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  169.630894][ T1458] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.643695][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  169.666271][T11419] FAULT_INJECTION: forcing a failure.
[  169.666271][T11419] name failslab, interval 1, probability 0, space 0, times 0
[  169.679107][T11419] CPU: 1 UID: 0 PID: 11419 Comm: syz.2.2976 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  169.679151][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  169.679162][T11419] Call Trace:
[  169.679168][T11419]  <TASK>
[  169.679247][T11419]  __dump_stack+0x1d/0x30
[  169.679267][T11419]  dump_stack_lvl+0xe8/0x140
[  169.679285][T11419]  dump_stack+0x15/0x1b
[  169.679299][T11419]  should_fail_ex+0x265/0x280
[  169.679381][T11419]  should_failslab+0x8c/0xb0
[  169.679401][T11419]  __kmalloc_noprof+0xa5/0x3e0
[  169.679470][T11419]  ? start_sync_thread+0x44c/0x1650
[  169.679494][T11419]  ? netdev_name_node_lookup+0xa4/0xd0
[  169.679565][T11419]  start_sync_thread+0x44c/0x1650
[  169.679587][T11419]  ? selinux_capable+0x1f9/0x270
[  169.679616][T11419]  ? should_fail_ex+0xdb/0x280
[  169.679707][T11419]  ? sized_strscpy+0x157/0x1a0
[  169.679781][T11419]  do_ip_vs_set_ctl+0x2c6/0x8c0
[  169.679815][T11419]  ? do_ip_setsockopt+0x1af3/0x2240
[  169.679841][T11419]  nf_setsockopt+0x196/0x1b0
[  169.679870][T11419]  ip_setsockopt+0x102/0x110
[  169.679939][T11419]  tcp_setsockopt+0x98/0xb0
[  169.679968][T11419]  sock_common_setsockopt+0x66/0x80
[  169.679990][T11419]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  169.680017][T11419]  smc_setsockopt+0x180/0x750
[  169.680039][T11419]  ? __pfx_smc_setsockopt+0x10/0x10
[  169.680118][T11419]  __sys_setsockopt+0x181/0x200
[  169.680149][T11419]  __x64_sys_setsockopt+0x64/0x80
[  169.680241][T11419]  x64_sys_call+0x2bd5/0x2fb0
[  169.680261][T11419]  do_syscall_64+0xd2/0x200
[  169.680275][T11419]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  169.680296][T11419]  ? clear_bhb_loop+0x40/0x90
[  169.680314][T11419]  ? clear_bhb_loop+0x40/0x90
[  169.680356][T11419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.680375][T11419] RIP: 0033:0x7f2fc11be929
[  169.680390][T11419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.680404][T11419] RSP: 002b:00007f2fbf827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  169.680420][T11419] RAX: ffffffffffffffda RBX: 00007f2fc13e5fa0 RCX: 00007f2fc11be929
[  169.680492][T11419] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000006
[  169.680502][T11419] RBP: 00007f2fbf827090 R08: 0000000000000018 R09: 0000000000000000
[  169.680547][T11419] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.680560][T11419] R13: 0000000000000000 R14: 00007f2fc13e5fa0 R15: 00007ffdf98331b8
[  169.680579][T11419]  </TASK>
[  170.042870][T11339] syz.0.2947 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  170.057161][T11339] CPU: 0 UID: 0 PID: 11339 Comm: syz.0.2947 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  170.057190][T11339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.057203][T11339] Call Trace:
[  170.057210][T11339]  <TASK>
[  170.057218][T11339]  __dump_stack+0x1d/0x30
[  170.057237][T11339]  dump_stack_lvl+0xe8/0x140
[  170.057323][T11339]  dump_stack+0x15/0x1b
[  170.057342][T11339]  dump_header+0x81/0x220
[  170.057375][T11339]  oom_kill_process+0x334/0x3f0
[  170.057459][T11339]  out_of_memory+0x979/0xb80
[  170.057487][T11339]  try_charge_memcg+0x5e6/0x9e0
[  170.057517][T11339]  obj_cgroup_charge_pages+0xa6/0x150
[  170.057544][T11339]  __memcg_kmem_charge_page+0x9f/0x170
[  170.057621][T11339]  __alloc_frozen_pages_noprof+0x188/0x360
[  170.057658][T11339]  alloc_pages_mpol+0xb3/0x250
[  170.057691][T11339]  alloc_pages_noprof+0x90/0x130
[  170.057767][T11339]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  170.057848][T11339]  __kvmalloc_node_noprof+0x30f/0x4e0
[  170.057871][T11339]  ? ip_set_alloc+0x1f/0x30
[  170.057894][T11339]  ? ip_set_alloc+0x1f/0x30
[  170.058041][T11339]  ip_set_alloc+0x1f/0x30
[  170.058063][T11339]  hash_netiface_create+0x282/0x740
[  170.058094][T11339]  ? __pfx_hash_netiface_create+0x10/0x10
[  170.058122][T11339]  ip_set_create+0x3c9/0x960
[  170.058174][T11339]  ? __nla_parse+0x40/0x60
[  170.058192][T11339]  nfnetlink_rcv_msg+0x4c3/0x590
[  170.058230][T11339]  ? selinux_capable+0x1f9/0x270
[  170.058276][T11339]  netlink_rcv_skb+0x120/0x220
[  170.058304][T11339]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  170.058333][T11339]  nfnetlink_rcv+0x16b/0x1690
[  170.058356][T11339]  ? __kfree_skb+0x109/0x150
[  170.058438][T11339]  ? nlmon_xmit+0x4f/0x60
[  170.058458][T11339]  ? consume_skb+0x49/0x150
[  170.058483][T11339]  ? nlmon_xmit+0x4f/0x60
[  170.058549][T11339]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  170.058584][T11339]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  170.058633][T11339]  ? __dev_queue_xmit+0x182/0x1fb0
[  170.058672][T11339]  ? ref_tracker_free+0x37d/0x3e0
[  170.058703][T11339]  ? __netlink_deliver_tap+0x4dc/0x500
[  170.058738][T11339]  netlink_unicast+0x59e/0x670
[  170.058884][T11339]  netlink_sendmsg+0x58b/0x6b0
[  170.058951][T11339]  ? __pfx_netlink_sendmsg+0x10/0x10
[  170.059004][T11339]  __sock_sendmsg+0x142/0x180
[  170.059026][T11339]  ____sys_sendmsg+0x31e/0x4e0
[  170.059132][T11339]  ___sys_sendmsg+0x17b/0x1d0
[  170.059227][T11339]  __x64_sys_sendmsg+0xd4/0x160
[  170.059296][T11339]  x64_sys_call+0x2999/0x2fb0
[  170.059314][T11339]  do_syscall_64+0xd2/0x200
[  170.059331][T11339]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  170.059359][T11339]  ? clear_bhb_loop+0x40/0x90
[  170.059407][T11339]  ? clear_bhb_loop+0x40/0x90
[  170.059478][T11339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.059577][T11339] RIP: 0033:0x7f0c152fe929
[  170.059591][T11339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.059632][T11339] RSP: 002b:00007f0c13967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  170.059653][T11339] RAX: ffffffffffffffda RBX: 00007f0c15525fa0 RCX: 00007f0c152fe929
[  170.059668][T11339] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000007
[  170.059680][T11339] RBP: 00007f0c15380b39 R08: 0000000000000000 R09: 0000000000000000
[  170.059691][T11339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.059701][T11339] R13: 0000000000000000 R14: 00007f0c15525fa0 R15: 00007ffc34145508
[  170.059718][T11339]  </TASK>
[  170.059726][T11339] memory: usage 307200kB, limit 307200kB, failcnt 2742
[  170.087410][T11424] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  170.087410][T11424]    program syz.2.2977 not setting count and/or reply_len properly
[  170.088982][T11339] memory+swap: usage 307712kB, limit 9007199254740988kB, failcnt 0
[  170.154333][T11401] chnl_net:caif_netlink_parms(): no params data found
[  170.159331][T11339] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  170.186694][T11427] loop2: detected capacity change from 0 to 128
[  170.188200][T11339] Memory cgroup stats for 
[  170.194398][T11427] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  170.197501][T11339] /syz0
[  170.202575][T11427] ext4 filesystem being mounted at /572/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.207250][T11339] :
[  170.487677][T11427] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2978'.
[  170.500140][T11339] cache 0
[  170.503145][T11339] rss 0
[  170.505900][T11339] shmem 0
[  170.508853][T11339] mapped_file 0
[  170.512385][T11339] dirty 0
[  170.515345][T11339] writeback 0
[  170.518651][T11339] workingset_refault_anon 916
[  170.523311][T11339] workingset_refault_file 1575
[  170.528158][T11339] swap 524288
[  170.531468][T11339] swapcached 4096
[  170.535086][T11339] pgpgin 176260
[  170.538540][T11339] pgpgout 176259
[  170.542110][T11339] pgfault 180164
[  170.545651][T11339] pgmajfault 598
[  170.549202][T11339] inactive_anon 4096
[  170.553078][T11339] active_anon 0
[  170.556581][T11339] inactive_file 0
[  170.560205][T11339] active_file 0
[  170.563651][T11339] unevictable 0
[  170.567121][T11339] hierarchical_memory_limit 314572800
[  170.572532][T11339] hierarchical_memsw_limit 9223372036854771712
[  170.578745][T11339] total_cache 0
[  170.582221][T11339] total_rss 0
[  170.585539][T11339] total_shmem 0
[  170.588988][T11339] total_mapped_file 0
[  170.592960][T11339] total_dirty 0
[  170.596430][T11339] total_writeback 0
[  170.600223][T11339] total_workingset_refault_anon 916
[  170.605464][T11339] total_workingset_refault_file 1575
[  170.610789][T11339] total_swap 524288
[  170.614687][T11339] total_swapcached 4096
[  170.618830][T11339] total_pgpgin 176260
[  170.622809][T11339] total_pgpgout 176259
[  170.626945][T11339] total_pgfault 180164
[  170.631007][T11339] total_pgmajfault 598
[  170.635150][T11339] total_inactive_anon 4096
[  170.639555][T11339] total_active_anon 0
[  170.643517][T11339] total_inactive_file 0
[  170.647742][T11339] total_active_file 0
[  170.651790][T11339] total_unevictable 0
[  170.655775][T11339] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2947,pid=11335,uid=0
[  170.670640][T11339] Memory cgroup out of memory: Killed process 11335 (syz.0.2947) total-vm:95932kB, anon-rss:1064kB, file-rss:22308kB, shmem-rss:68kB, UID:0 pgtables:152kB oom_score_adj:1000
[  170.713338][T11431] EXT4-fs (loop2): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.872739][T11401] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.879891][T11401] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.986218][T11401] bridge_slave_0: entered allmulticast mode
[  171.000653][T11401] bridge_slave_0: entered promiscuous mode
[  171.009688][T11401] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.016802][T11401] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.024010][T11401] bridge_slave_1: entered allmulticast mode
[  171.030597][T11401] bridge_slave_1: entered promiscuous mode
[  171.063470][T11401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  171.080014][ T1458] bridge_slave_1: left allmulticast mode
[  171.085872][ T1458] bridge_slave_1: left promiscuous mode
[  171.091562][ T1458] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.118474][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  171.175094][ T1458] bridge_slave_0: left allmulticast mode
[  171.180768][ T1458] bridge_slave_0: left promiscuous mode
[  171.186586][ T1458] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.260305][T11450] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  171.260305][T11450]    program syz.2.2983 not setting count and/or reply_len properly
[  171.311632][T11454] x_tables: ip6_tables: mh match: only valid for protocol 135
[  171.337090][T11456] loop4: detected capacity change from 0 to 512
[  171.347241][T11456] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  171.368397][T11456] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  171.376518][T11456] System zones: 0-2, 18-18, 34-34
[  171.385553][ T1458] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.395572][ T1458] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.418927][ T1458] bond0 (unregistering): Released all slaves
[  171.428292][T11456] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.444725][T11456] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.456591][T11401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  171.505867][T11401] team0: Port device team_slave_0 added
[  171.527988][T11401] team0: Port device team_slave_1 added
[  171.604804][T11401] batman_adv: batadv0: Adding interface: batadv_slave_0
[  171.611779][T11401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.637808][T11401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.648724][T11471] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  171.648724][T11471]    program syz.2.2990 not setting count and/or reply_len properly
[  171.666507][T11132] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.666685][T11471] x_tables: ip6_tables: mh match: only valid for protocol 135
[  171.695439][T11401] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.702595][T11401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.728616][T11401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.755249][ T1458] hsr_slave_1: left promiscuous mode
[  171.762233][ T1458] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.769740][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.779067][ T1458] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.781263][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2991'.
[  171.786510][ T1458] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.797540][T11476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2991'.
[  171.820176][ T1458] veth1_macvtap: left promiscuous mode
[  171.827560][ T1458] veth0_macvtap: left promiscuous mode
[  171.833221][ T1458] veth1_vlan: left allmulticast mode
[  171.838551][ T1458] veth1_vlan: left promiscuous mode
[  171.844034][ T1458] veth0_vlan: left promiscuous mode
[  171.900683][T11484] loop2: detected capacity change from 0 to 8192
[  171.931413][ T1458] team0 (unregistering): Port device team_slave_1 removed
[  171.941452][ T1458] team0 (unregistering): Port device team_slave_0 removed
[  171.950322][   T31] smc: removing ib device syz!
[  171.992476][ T3385] lo speed is unknown, defaulting to 1000
[  171.996094][T11472] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  171.998300][ T3385] infiniband syz0: ib_query_port failed (-19)
[  172.006404][T11472] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  172.045052][T11401] hsr_slave_0: entered promiscuous mode
[  172.057242][T11401] hsr_slave_1: entered promiscuous mode
[  172.071139][T11401] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  172.101895][T11401] Cannot create hsr debugfs directory
[  172.115885][T11492] loop5: detected capacity change from 0 to 128
[  172.193004][T11492] syz.5.2998: attempt to access beyond end of device
[  172.193004][T11492] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  172.234110][T11499] loop2: detected capacity change from 0 to 128
[  172.244355][ T3450] kworker/u8:7: attempt to access beyond end of device
[  172.244355][ T3450] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  172.282746][T11401] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  172.300701][T11401] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  172.314714][T11401] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  172.323830][T11401] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  172.372200][T11505] syz.2.3001: attempt to access beyond end of device
[  172.372200][T11505] loop2: rw=0, sector=97, nr_sectors = 120 limit=128
[  172.409619][T11401] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.422262][T11401] 8021q: adding VLAN 0 to HW filter on device team0
[  172.432751][T11513] loop5: detected capacity change from 0 to 8192
[  172.444204][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.451307][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.464777][ T1458] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.471868][ T1458] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.479475][ T3450] kworker/u8:7: attempt to access beyond end of device
[  172.479475][ T3450] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  172.501950][T11401] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.590209][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  172.590225][   T29] audit: type=1400 audit(1750974017.591:13416): avc:  denied  { listen } for  pid=11524 comm="syz.4.3011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  172.602674][T11401] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.646845][T11525] loop4: detected capacity change from 0 to 128
[  172.662778][T11525] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  172.686893][T11525] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  172.708693][   T29] audit: type=1400 audit(1750974017.703:13417): avc:  denied  { create } for  pid=11524 comm="syz.4.3011" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  172.740012][   T29] audit: type=1400 audit(1750974017.744:13418): avc:  denied  { accept } for  pid=11524 comm="syz.4.3011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  172.777489][T11132] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  172.788440][T11547] loop5: detected capacity change from 0 to 256
[  172.795539][T11547] FAT-fs (loop5): count of clusters too big (178174)
[  172.802361][T11547] FAT-fs (loop5): Can't find a valid FAT filesystem
[  172.853789][T11401] veth0_vlan: entered promiscuous mode
[  172.862544][T11401] veth1_vlan: entered promiscuous mode
[  172.877511][   T29] audit: type=1400 audit(1750974017.877:13419): avc:  denied  { getopt } for  pid=11557 comm="syz.4.3017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.909025][T11401] veth0_macvtap: entered promiscuous mode
[  172.917067][T11401] veth1_macvtap: entered promiscuous mode
[  172.925629][T11553] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  172.933861][T11553] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  172.952122][T11401] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.964534][T11401] batman_adv: batadv0: Interface activated: batadv_slave_1
[  172.974374][T11401] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.978427][T11562] loop4: detected capacity change from 0 to 8192
[  172.983188][T11401] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.998139][T11401] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.006865][T11401] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.071783][T11570] loop5: detected capacity change from 0 to 128
[  173.080037][   T29] audit: type=1326 audit(1750974018.091:13420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.105801][   T29] audit: type=1326 audit(1750974018.091:13421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.129515][   T29] audit: type=1326 audit(1750974018.101:13422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.153207][   T29] audit: type=1326 audit(1750974018.101:13423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.176965][   T29] audit: type=1326 audit(1750974018.101:13424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.200694][   T29] audit: type=1326 audit(1750974018.101:13425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11569 comm="syz.6.2968" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  173.202824][T11574] syz.5.3021: attempt to access beyond end of device
[  173.202824][T11574] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  173.251623][T11571] loop6: detected capacity change from 0 to 256
[  173.259340][T11571] FAT-fs (loop6): bogus sectors per cluster 255
[  173.265730][T11571] FAT-fs (loop6): Can't find a valid FAT filesystem
[  173.326828][   T51] kworker/u8:3: attempt to access beyond end of device
[  173.326828][   T51] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  173.354035][T11585] loop6: detected capacity change from 0 to 256
[  173.361401][T11585] FAT-fs (loop6): count of clusters too big (178174)
[  173.368241][T11585] FAT-fs (loop6): Can't find a valid FAT filesystem
[  173.421452][T11593] loop0: detected capacity change from 0 to 128
[  173.427468][T11591] loop4: detected capacity change from 0 to 2048
[  173.458394][T11591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.510561][T11593] syz.0.3030: attempt to access beyond end of device
[  173.510561][T11593] loop0: rw=0, sector=97, nr_sectors = 120 limit=128
[  173.535031][ T3450] kworker/u8:7: attempt to access beyond end of device
[  173.535031][ T3450] loop0: rw=1, sector=217, nr_sectors = 824 limit=128
[  173.589146][T11614] loop6: detected capacity change from 0 to 128
[  173.599432][T11132] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  173.615788][T11132] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  173.640467][T11614] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  173.662149][T11132] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.695231][T11614] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  173.748870][T11622] x_tables: ip6_tables: mh match: only valid for protocol 135
[  173.876992][T11634] loop2: detected capacity change from 0 to 256
[  174.018337][T11401] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  174.402607][T11659] loop0: detected capacity change from 0 to 256
[  174.719708][T11669] x_tables: ip6_tables: mh match: only valid for protocol 135
[  174.767776][T11671] loop4: detected capacity change from 0 to 128
[  174.795001][T11671] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  174.802884][T11671] FAT-fs (loop4): Filesystem has been set read-only
[  174.809721][T11671] syz.4.3052: attempt to access beyond end of device
[  174.809721][T11671] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  174.824811][T11671] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  174.832729][T11671] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  174.841062][T11671] syz.4.3052: attempt to access beyond end of device
[  174.841062][T11671] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  174.874997][T11674] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  174.874997][T11674]    program syz.2.3053 not setting count and/or reply_len properly
[  174.903586][T11674] x_tables: ip6_tables: mh match: only valid for protocol 135
[  175.170378][T11682] loop5: detected capacity change from 0 to 2048
[  175.225073][T11682]  loop5: p1 < > p4
[  175.236349][T11682] loop5: p4 size 8388608 extends beyond EOD, truncated
[  175.390060][T11688] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  175.390060][T11688]    program syz.5.3059 not setting count and/or reply_len properly
[  175.430040][T11688] x_tables: ip6_tables: mh match: only valid for protocol 135
[  175.517883][T11692] __nla_validate_parse: 27 callbacks suppressed
[  175.517901][T11692] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3061'.
[  175.574894][T11692] loop5: detected capacity change from 0 to 128
[  175.692974][T11694] loop5: detected capacity change from 0 to 2048
[  175.709602][T11694] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.748372][T11702] loop6: detected capacity change from 0 to 1024
[  175.755378][T11702] EXT4-fs: inline encryption not supported
[  175.761306][T11702] EXT4-fs: Ignoring removed i_version option
[  175.768348][T11702] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  175.783354][T11702] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #3: block 1: comm syz.6.3064: lblock 1 mapped to illegal pblock 1 (length 1)
[  175.797582][T11702] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3064: Failed to acquire dquot type 0
[  175.813012][T11706] FAULT_INJECTION: forcing a failure.
[  175.813012][T11706] name failslab, interval 1, probability 0, space 0, times 0
[  175.815060][T11702] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.3064: Freeing blocks not in datazone - block = 0, count = 4096
[  175.825669][T11706] CPU: 0 UID: 0 PID: 11706 Comm: syz.0.3066 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  175.825703][T11706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  175.825716][T11706] Call Trace:
[  175.825723][T11706]  <TASK>
[  175.825732][T11706]  __dump_stack+0x1d/0x30
[  175.825807][T11706]  dump_stack_lvl+0xe8/0x140
[  175.825877][T11706]  dump_stack+0x15/0x1b
[  175.825893][T11706]  should_fail_ex+0x265/0x280
[  175.825970][T11706]  should_failslab+0x8c/0xb0
[  175.825992][T11706]  kmem_cache_alloc_node_noprof+0x57/0x320
[  175.826066][T11706]  ? __alloc_skb+0x101/0x320
[  175.826096][T11706]  __alloc_skb+0x101/0x320
[  175.826167][T11706]  netlink_alloc_large_skb+0xba/0xf0
[  175.826197][T11706]  netlink_sendmsg+0x3cf/0x6b0
[  175.826218][T11706]  ? __pfx_netlink_sendmsg+0x10/0x10
[  175.826237][T11706]  __sock_sendmsg+0x142/0x180
[  175.826310][T11706]  ____sys_sendmsg+0x31e/0x4e0
[  175.826343][T11706]  ___sys_sendmsg+0x17b/0x1d0
[  175.826396][T11706]  __x64_sys_sendmsg+0xd4/0x160
[  175.826484][T11706]  x64_sys_call+0x2999/0x2fb0
[  175.826505][T11706]  do_syscall_64+0xd2/0x200
[  175.826523][T11706]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  175.826549][T11706]  ? clear_bhb_loop+0x40/0x90
[  175.826570][T11706]  ? clear_bhb_loop+0x40/0x90
[  175.826627][T11706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.826648][T11706] RIP: 0033:0x7f0c152fe929
[  175.826664][T11706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.826681][T11706] RSP: 002b:00007f0c13967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  175.826718][T11706] RAX: ffffffffffffffda RBX: 00007f0c15525fa0 RCX: 00007f0c152fe929
[  175.826730][T11706] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  175.826742][T11706] RBP: 00007f0c13967090 R08: 0000000000000000 R09: 0000000000000000
[  175.826755][T11706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.826767][T11706] R13: 0000000000000000 R14: 00007f0c15525fa0 R15: 00007ffc34145508
[  175.826802][T11706]  </TASK>
[  175.922575][T11713] loop4: detected capacity change from 0 to 128
[  175.953371][T11702] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.3064: Invalid inode bitmap blk 0 in block_group 0
[  175.994331][   T31] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  176.005545][T11702] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  176.020146][   T31] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0
[  176.026599][T11702] EXT4-fs (loop6): 1 orphan inode deleted
[  176.105433][T11702] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.115874][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.127391][T11712] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3069'.
[  176.150405][T11702] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 1: comm syz.6.3064: lblock 1 mapped to illegal pblock 1 (length 1)
[  176.171622][T11702] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3064: Failed to acquire dquot type 0
[  176.188377][T11723] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3072'.
[  176.200327][T11723] loop2: detected capacity change from 0 to 128
[  176.227573][T11725] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3074'.
[  176.237407][T11401] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.259733][T11725] loop5: detected capacity change from 0 to 128
[  176.268074][T11728] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  176.276318][T11728] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  176.285739][T11728] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3073'.
[  176.302945][T11727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3075'.
[  176.372112][T11733] loop2: detected capacity change from 0 to 8192
[  176.557554][T11758] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3086'.
[  176.577409][T11758] loop4: detected capacity change from 0 to 128
[  176.613698][T11765] loop6: detected capacity change from 0 to 2048
[  176.627373][T11749] loop5: detected capacity change from 0 to 512
[  176.645014][T11765] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.652828][T11749] EXT4-fs: Ignoring removed mblk_io_submit option
[  176.694205][T11749] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  176.705734][   T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.716121][   T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.726455][   T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  176.729250][T11749] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.760394][T11749] ext4 filesystem being mounted at /562/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.766863][T11401] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  176.802863][T11401] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  176.827485][T11401] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.837667][   T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  176.847949][   T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.858299][   T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  176.875875][T11780] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.3089'.
[  176.885753][T11780] netlink: zone id is out of range
[  176.887444][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.891131][T11780] netlink: zone id is out of range
[  176.905104][T11780] netlink: zone id is out of range
[  176.910804][T11780] netlink: del zone limit has 8 unknown bytes
[  176.920811][T11752] chnl_net:caif_netlink_parms(): no params data found
[  176.942194][T11781] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3091'.
[  176.951317][T11781] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3091'.
[  176.965672][T11785] loop6: detected capacity change from 0 to 8192
[  176.992631][   T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.003039][   T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.013403][   T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  177.106937][T11797] loop6: detected capacity change from 0 to 2048
[  177.137892][   T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.148290][   T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.154663][T11801] loop5: detected capacity change from 0 to 128
[  177.158593][   T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  177.182060][T11805] loop0: detected capacity change from 0 to 1024
[  177.186977][T11797] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.201059][T11805] EXT4-fs: inline encryption not supported
[  177.206965][T11805] EXT4-fs: Ignoring removed i_version option
[  177.213413][T11805] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  177.226333][T11805] EXT4-fs error (device loop0): ext4_map_blocks:816: inode #3: block 1: comm syz.0.3099: lblock 1 mapped to illegal pblock 1 (length 1)
[  177.230237][T11801] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  177.240484][T11805] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3099: Failed to acquire dquot type 0
[  177.240654][T11805] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.3099: Freeing blocks not in datazone - block = 0, count = 4096
[  177.240816][T11805] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.3099: Invalid inode bitmap blk 0 in block_group 0
[  177.240879][T11805] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[  177.240967][T11805] EXT4-fs (loop0): 1 orphan inode deleted
[  177.241425][T11805] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.249671][T11800] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm syz.0.3099: lblock 1 mapped to illegal pblock 1 (length 1)
[  177.249888][T11800] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3099: Failed to acquire dquot type 0
[  177.359683][  T297] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  177.376463][  T297] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  177.388627][T11801] ext4 filesystem being mounted at /564/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.402776][T11752] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.409880][T11752] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.419688][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.436483][T11752] bridge_slave_0: entered allmulticast mode
[  177.444902][T11752] bridge_slave_0: entered promiscuous mode
[  177.452142][T11752] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.459211][T11752] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.482388][T11752] bridge_slave_1: entered allmulticast mode
[  177.484126][T11401] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.489101][T11752] bridge_slave_1: entered promiscuous mode
[  177.521326][ T4961] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  177.541119][T11752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.553582][T11752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.572116][T11822] loop6: detected capacity change from 0 to 128
[  177.602135][T11752] team0: Port device team_slave_0 added
[  177.630319][T11752] team0: Port device team_slave_1 added
[  177.676357][T11834] loop0: detected capacity change from 0 to 512
[  177.682998][T11833] bio_check_eod: 24419 callbacks suppressed
[  177.683009][T11833] syz.6.3104: attempt to access beyond end of device
[  177.683009][T11833] loop6: rw=0, sector=97, nr_sectors = 120 limit=128
[  177.727665][T11834] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  177.751083][   T51] kworker/u8:3: attempt to access beyond end of device
[  177.751083][   T51] loop6: rw=1, sector=217, nr_sectors = 824 limit=128
[  177.768848][T11834] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  177.779217][   T31] bond0 (unregistering): Released all slaves
[  177.788693][   T31] bond1 (unregistering): Released all slaves
[  177.796499][T11834] System zones: 0-2, 18-18, 34-34
[  177.804416][   T31] bond2 (unregistering): Released all slaves
[  177.805816][T11834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.814038][   T31] bond3 (unregistering): Released all slaves
[  177.831136][T11834] ext4 filesystem being mounted at /575/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.854988][   T29] kauditd_printk_skb: 282 callbacks suppressed
[  177.855002][   T29] audit: type=1326 audit(1750974022.949:13698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  177.896906][   T29] audit: type=1326 audit(1750974022.980:13699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  177.920754][   T29] audit: type=1326 audit(1750974022.980:13700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  177.944504][   T29] audit: type=1326 audit(1750974022.980:13701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  177.968131][   T29] audit: type=1326 audit(1750974022.980:13702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  177.991792][   T29] audit: type=1326 audit(1750974022.980:13703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.6.3112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  178.002946][T11752] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.022391][T11752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.048364][T11752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.061284][T11752] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.068379][T11752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.094706][T11752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.132882][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.142228][   T31] hsr_slave_0: left promiscuous mode
[  178.148008][   T31] hsr_slave_1: left promiscuous mode
[  178.160911][   T31] veth1_macvtap: left promiscuous mode
[  178.170253][   T31] veth0_macvtap: left promiscuous mode
[  178.175798][   T31] veth1_vlan: left promiscuous mode
[  178.181391][   T31] veth0_vlan: left promiscuous mode
[  178.195910][T11849] loop0: detected capacity change from 0 to 2048
[  178.244762][T11849] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.264533][T11849] 9pnet_fd: Insufficient options for proto=fd
[  178.285750][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.544633][T11861] loop5: detected capacity change from 0 to 1764
[  178.621115][T11752] hsr_slave_0: entered promiscuous mode
[  178.663243][T11752] hsr_slave_1: entered promiscuous mode
[  178.698954][T11752] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.729060][T11752] Cannot create hsr debugfs directory
[  178.736515][T11866] loop4: detected capacity change from 0 to 128
[  178.751420][T11868] Invalid ELF header magic: != ELF
[  178.766860][   T29] audit: type=1400 audit(1750974023.852:13704): avc:  denied  { module_load } for  pid=11867 comm="syz.0.3122" path="/sys/kernel/notes" dev="sysfs" ino=210 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  178.827591][T11868] loop0: detected capacity change from 0 to 512
[  178.884154][T11868] journal_path: Non-blockdev passed as './file0'
[  178.890583][T11868] EXT4-fs: error: could not find journal device path
[  178.942035][T11874] loop0: detected capacity change from 0 to 512
[  178.953509][T11866] syz.4.3121: attempt to access beyond end of device
[  178.953509][T11866] loop4: rw=2049, sector=145, nr_sectors = 72 limit=128
[  178.970290][T11874] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  178.993519][T11874] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  179.002247][T11874] System zones: 0-2, 18-18, 34-34
[  179.019159][  T297] kworker/u8:4: attempt to access beyond end of device
[  179.019159][  T297] loop4: rw=1, sector=217, nr_sectors = 824 limit=128
[  179.035035][T11874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.048775][T11874] ext4 filesystem being mounted at /581/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.112552][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.143904][T11892] x_tables: ip6_tables: mh match: only valid for protocol 135
[  179.173955][T11890] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  179.182253][T11890] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  179.198603][T11898] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  179.198603][T11898]    program syz.6.3133 not setting count and/or reply_len properly
[  179.218007][T11898] x_tables: ip6_tables: mh match: only valid for protocol 135
[  179.244177][T11903] loop6: detected capacity change from 0 to 128
[  179.291596][T11910] loop5: detected capacity change from 0 to 512
[  179.306534][T11910] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  179.325999][T11903] syz.6.3135: attempt to access beyond end of device
[  179.325999][T11903] loop6: rw=0, sector=97, nr_sectors = 120 limit=128
[  179.327893][T11752] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  179.348230][T11752] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  179.355395][T11910] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  179.363521][T11910] System zones: 0-2, 18-18, 34-34
[  179.365340][T11752] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  179.376385][T11910] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.389625][T11910] ext4 filesystem being mounted at /576/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.389936][T11752] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  179.410306][ T1458] kworker/u8:6: attempt to access beyond end of device
[  179.410306][ T1458] loop6: rw=1, sector=217, nr_sectors = 824 limit=128
[  179.440264][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.471198][   T29] audit: type=1326 audit(1750974024.581:13705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11923 comm="syz.6.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  179.480054][T11752] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.506218][T11924] loop6: detected capacity change from 0 to 256
[  179.507537][T11752] 8021q: adding VLAN 0 to HW filter on device team0
[  179.520306][T11924] vfat: Unknown parameter '
�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  179.531921][T11926] loop5: detected capacity change from 0 to 256
[  179.532817][  T297] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.543359][T11926] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  179.545230][  T297] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.560513][   T29] audit: type=1326 audit(1750974024.611:13706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11923 comm="syz.6.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  179.584247][   T29] audit: type=1326 audit(1750974024.611:13707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11923 comm="syz.6.3142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb92cdce929 code=0x7ffc0000
[  179.590239][T11752] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  179.618199][T11752] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  179.633062][  T297] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.640183][  T297] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.684147][T11933] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  179.684147][T11933]    program syz.5.3144 not setting count and/or reply_len properly
[  179.687248][T11932] x_tables: ip6_tables: mh match: only valid for protocol 135
[  179.702535][T11933] x_tables: ip6_tables: mh match: only valid for protocol 135
[  179.734288][T11752] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.807334][T11752] veth0_vlan: entered promiscuous mode
[  179.822275][T11752] veth1_vlan: entered promiscuous mode
[  179.839447][T11752] veth0_macvtap: entered promiscuous mode
[  179.847807][T11752] veth1_macvtap: entered promiscuous mode
[  179.858946][T11752] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.872492][T11752] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.883569][T11949] loop6: detected capacity change from 0 to 8192
[  179.892146][T11752] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.900887][T11752] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.909655][T11752] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.918404][T11752] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.994901][T11955] loop2: detected capacity change from 0 to 256
[  180.002685][T11955] FAT-fs (loop2): count of clusters too big (178174)
[  180.009476][T11955] FAT-fs (loop2): Can't find a valid FAT filesystem
[  180.030624][T11960] FAULT_INJECTION: forcing a failure.
[  180.030624][T11960] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.043727][T11960] CPU: 1 UID: 0 PID: 11960 Comm: syz.6.3152 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  180.043798][T11960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.043809][T11960] Call Trace:
[  180.043814][T11960]  <TASK>
[  180.043822][T11960]  __dump_stack+0x1d/0x30
[  180.043842][T11960]  dump_stack_lvl+0xe8/0x140
[  180.043936][T11960]  dump_stack+0x15/0x1b
[  180.043953][T11960]  should_fail_ex+0x265/0x280
[  180.043981][T11960]  should_fail+0xb/0x20
[  180.044009][T11960]  should_fail_usercopy+0x1a/0x20
[  180.044067][T11960]  _copy_from_user+0x1c/0xb0
[  180.044088][T11960]  ip_tunnel_parm_from_user+0x4c/0x230
[  180.044159][T11960]  ip_tunnel_siocdevprivate+0x45/0xe0
[  180.044190][T11960]  dev_ifsioc+0x8f8/0xaa0
[  180.044211][T11960]  dev_ioctl+0x78d/0x960
[  180.044228][T11960]  sock_ioctl+0x593/0x610
[  180.044257][T11960]  ? __pfx_sock_ioctl+0x10/0x10
[  180.044276][T11960]  __se_sys_ioctl+0xce/0x140
[  180.044303][T11960]  __x64_sys_ioctl+0x43/0x50
[  180.044378][T11960]  x64_sys_call+0x19a8/0x2fb0
[  180.044465][T11960]  do_syscall_64+0xd2/0x200
[  180.044481][T11960]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  180.044504][T11960]  ? clear_bhb_loop+0x40/0x90
[  180.044572][T11960]  ? clear_bhb_loop+0x40/0x90
[  180.044654][T11960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.044680][T11960] RIP: 0033:0x7fb92cdce929
[  180.044693][T11960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.044754][T11960] RSP: 002b:00007fb92b437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  180.044772][T11960] RAX: ffffffffffffffda RBX: 00007fb92cff5fa0 RCX: 00007fb92cdce929
[  180.044810][T11960] RDX: 0000200000001040 RSI: 00000000000089f1 RDI: 0000000000000005
[  180.044821][T11960] RBP: 00007fb92b437090 R08: 0000000000000000 R09: 0000000000000000
[  180.044833][T11960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.044845][T11960] R13: 0000000000000000 R14: 00007fb92cff5fa0 R15: 00007ffc68f7cf18
[  180.044861][T11960]  </TASK>
[  180.281946][T11966] x_tables: ip6_tables: mh match: only valid for protocol 135
[  180.291369][T11967] loop0: detected capacity change from 0 to 256
[  180.298040][T11967] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  180.354005][T11969] loop6: detected capacity change from 0 to 256
[  180.401661][T11969] FAT-fs (loop6): count of clusters too big (178174)
[  180.408494][T11969] FAT-fs (loop6): Can't find a valid FAT filesystem
[  180.457545][T11980] vhci_hcd: invalid port number 96
[  180.462705][T11980] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  180.512376][T11988] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  180.520671][T11988] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  180.547292][T11988] __nla_validate_parse: 5 callbacks suppressed
[  180.547306][T11988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3160'.
[  180.861397][T12035] loop5: detected capacity change from 0 to 128
[  180.867373][T12033] FAULT_INJECTION: forcing a failure.
[  180.867373][T12033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.880889][T12033] CPU: 1 UID: 0 PID: 12033 Comm: syz.4.3176 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  180.880991][T12033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.881002][T12033] Call Trace:
[  180.881007][T12033]  <TASK>
[  180.881015][T12033]  __dump_stack+0x1d/0x30
[  180.881035][T12033]  dump_stack_lvl+0xe8/0x140
[  180.881088][T12033]  dump_stack+0x15/0x1b
[  180.881176][T12033]  should_fail_ex+0x265/0x280
[  180.881205][T12033]  should_fail+0xb/0x20
[  180.881290][T12033]  should_fail_usercopy+0x1a/0x20
[  180.881322][T12033]  _copy_to_user+0x20/0xa0
[  180.881339][T12033]  simple_read_from_buffer+0xb5/0x130
[  180.881434][T12033]  proc_fail_nth_read+0x100/0x140
[  180.881467][T12033]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  180.881499][T12033]  vfs_read+0x1a0/0x6f0
[  180.881582][T12033]  ? __rcu_read_unlock+0x4f/0x70
[  180.881605][T12033]  ? __fget_files+0x184/0x1c0
[  180.881656][T12033]  ksys_read+0xda/0x1a0
[  180.881681][T12033]  __x64_sys_read+0x40/0x50
[  180.881763][T12033]  x64_sys_call+0x2d77/0x2fb0
[  180.881809][T12033]  do_syscall_64+0xd2/0x200
[  180.881827][T12033]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  180.881866][T12033]  ? clear_bhb_loop+0x40/0x90
[  180.881883][T12033]  ? clear_bhb_loop+0x40/0x90
[  180.881904][T12033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.881921][T12033] RIP: 0033:0x7f187a55d33c
[  180.881935][T12033] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  180.881973][T12033] RSP: 002b:00007f1878bc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  180.881994][T12033] RAX: ffffffffffffffda RBX: 00007f187a785fa0 RCX: 00007f187a55d33c
[  180.882004][T12033] RDX: 000000000000000f RSI: 00007f1878bc70a0 RDI: 0000000000000003
[  180.882015][T12033] RBP: 00007f1878bc7090 R08: 0000000000000000 R09: 0000000000000000
[  180.882025][T12033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.882067][T12033] R13: 0000000000000000 R14: 00007f187a785fa0 R15: 00007ffdaf9deb08
[  180.882138][T12033]  </TASK>
[  181.103477][T12035] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  181.116738][T12035] ext4 filesystem being mounted at /582/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  181.201356][T12049] loop2: detected capacity change from 0 to 1024
[  181.221866][T12049] EXT4-fs: inline encryption not supported
[  181.227850][T12049] EXT4-fs: Ignoring removed i_version option
[  181.246704][T12049] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  181.273933][T12049] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.3181: lblock 1 mapped to illegal pblock 1 (length 1)
[  181.305248][T12049] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3181: Failed to acquire dquot type 0
[  181.316933][T12049] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.3181: Freeing blocks not in datazone - block = 0, count = 4096
[  181.353010][T12049] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3181: Invalid inode bitmap blk 0 in block_group 0
[  181.383723][   T41] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  181.404592][T12049] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  181.423758][T12049] EXT4-fs (loop2): 1 orphan inode deleted
[  181.429545][   T41] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[  181.441397][T12049] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.461691][T12067] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3187'.
[  181.471722][T12067] loop6: detected capacity change from 0 to 128
[  181.479279][T12049] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm syz.2.3181: lblock 1 mapped to illegal pblock 1 (length 1)
[  181.506245][T12049] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3181: Failed to acquire dquot type 0
[  181.527070][ T4961] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  181.570345][T12067] syz.6.3187: attempt to access beyond end of device
[  181.570345][T12067] loop6: rw=0, sector=97, nr_sectors = 120 limit=128
[  181.599716][T11752] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.611708][   T51] kworker/u8:3: attempt to access beyond end of device
[  181.611708][   T51] loop6: rw=1, sector=217, nr_sectors = 824 limit=128
[  181.714760][T12079] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  181.714760][T12079]    program syz.0.3191 not setting count and/or reply_len properly
[  181.842504][T12088] loop5: detected capacity change from 0 to 8192
[  181.903762][T12089] loop6: detected capacity change from 0 to 1024
[  181.911998][T12074] x_tables: ip6_tables: mh match: only valid for protocol 135
[  181.931365][T12089] EXT4-fs: inline encryption not supported
[  181.937329][T12089] EXT4-fs: Ignoring removed i_version option
[  181.976782][T12089] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  182.018559][T12089] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #3: block 1: comm syz.6.3194: lblock 1 mapped to illegal pblock 1 (length 1)
[  182.058927][T12089] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.3194: Failed to acquire dquot type 0
[  182.082290][T12096] loop0: detected capacity change from 0 to 128
[  182.091699][T12097] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3189'.
[  182.103873][T12097] loop2: detected capacity change from 0 to 128
[  182.116029][T12096] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  182.118408][T12089] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.3194: Freeing blocks not in datazone - block = 0, count = 4096
[  182.129442][T12096] ext4 filesystem being mounted at /591/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  182.178991][T12089] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.3194: Invalid inode bitmap blk 0 in block_group 0
[  182.234001][ T3450] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:7: lblock 1 mapped to illegal pblock 1 (length 1)
[  182.257371][T12089] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  182.276525][T12089] EXT4-fs (loop6): 1 orphan inode deleted
[  182.282294][ T3450] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0
[  182.295396][T12089] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.318061][T12100] syz.2.3189: attempt to access beyond end of device
[  182.318061][T12100] loop2: rw=2049, sector=145, nr_sectors = 72 limit=128
[  182.375682][ T3450] kworker/u8:7: attempt to access beyond end of device
[  182.375682][ T3450] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  182.431846][T11401] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.490621][T12114] loop5: detected capacity change from 0 to 1024
[  182.499213][T12116] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3205'.
[  182.513239][T12114] EXT4-fs: inline encryption not supported
[  182.519138][T12114] EXT4-fs: Ignoring removed i_version option
[  182.527352][T12114] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  182.542316][T12114] EXT4-fs error (device loop5): ext4_map_blocks:816: inode #3: block 1: comm syz.5.3204: lblock 1 mapped to illegal pblock 1 (length 1)
[  182.559189][T12114] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3204: Failed to acquire dquot type 0
[  182.571194][T12114] EXT4-fs error (device loop5): ext4_free_blocks:6587: comm syz.5.3204: Freeing blocks not in datazone - block = 0, count = 4096
[  182.585770][T12114] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.3204: Invalid inode bitmap blk 0 in block_group 0
[  182.598675][   T41] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  182.604321][T12114] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[  182.622177][   T41] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0
[  182.622679][T12121] 9pnet: Could not find request transport: 0xffffffffffffffff
[  182.636339][T12114] EXT4-fs (loop5): 1 orphan inode deleted
[  182.647616][T12114] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.685118][ T4961] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.728803][ T3312] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.803726][T12138] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3213'.
[  182.814234][T12138] loop5: detected capacity change from 0 to 128
[  182.828807][T12143] x_tables: ip6_tables: mh match: only valid for protocol 135
[  182.882794][T12138] syz.5.3213: attempt to access beyond end of device
[  182.882794][T12138] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  182.909997][   T51] kworker/u8:3: attempt to access beyond end of device
[  182.909997][   T51] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  182.939792][   T29] kauditd_printk_skb: 290 callbacks suppressed
[  182.939808][   T29] audit: type=1400 audit(1750974028.133:13987): avc:  denied  { read } for  pid=12146 comm="syz.2.3218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  182.991189][T12153] loop2: detected capacity change from 0 to 128
[  183.000296][T12155] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3221'.
[  183.000572][T12153] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  183.021668][T12155] loop5: detected capacity change from 0 to 128
[  183.022025][T12153] ext4 filesystem being mounted at /20/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  183.127547][T12155] syz.5.3221: attempt to access beyond end of device
[  183.127547][T12155] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  183.168058][ T1458] kworker/u8:6: attempt to access beyond end of device
[  183.168058][ T1458] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  183.334472][T11752] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  183.394061][T12181] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  183.394061][T12181]    program syz.2.3228 not setting count and/or reply_len properly
[  183.443237][T12183] loop5: detected capacity change from 0 to 512
[  183.468866][   T29] audit: type=1326 audit(1750974028.668:13988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  183.470535][T12183] EXT4-fs: Ignoring removed i_version option
[  183.492633][   T29] audit: type=1326 audit(1750974028.668:13989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  183.522396][   T29] audit: type=1326 audit(1750974028.668:13990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9657e3d290 code=0x7ffc0000
[  183.546220][   T29] audit: type=1326 audit(1750974028.668:13991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f9657e40157 code=0x7ffc0000
[  183.569927][   T29] audit: type=1326 audit(1750974028.668:13992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  183.593518][   T29] audit: type=1326 audit(1750974028.668:13993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f9657e40157 code=0x7ffc0000
[  183.593925][T12130] 9pnet_fd: p9_fd_create_tcp (12130): problem connecting socket to 127.0.0.1
[  183.617288][   T29] audit: type=1326 audit(1750974028.668:13994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9657e3d58a code=0x7ffc0000
[  183.645798][T12187] loop2: detected capacity change from 0 to 2048
[  183.649467][   T29] audit: type=1326 audit(1750974028.668:13995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  183.679491][   T29] audit: type=1326 audit(1750974028.668:13996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12186 comm="syz.2.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  183.707424][T12183] EXT4-fs (loop5): orphan cleanup on readonly fs
[  183.715218][T12183] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3232: bg 0: block 131: padding at end of block bitmap is not set
[  183.739368][T12183] EXT4-fs (loop5): Remounting filesystem read-only
[  183.750346][T12183] EXT4-fs (loop5): 1 truncate cleaned up
[  183.752255][T12187]  loop2: p1 < > p4
[  183.761951][T12187] loop2: p4 size 8388608 extends beyond EOD, truncated
[  183.854048][T12197] loop4: detected capacity change from 0 to 128
[  183.877529][T12197] ext4 filesystem being mounted at /73/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  184.041581][T12218] loop6: detected capacity change from 0 to 164
[  184.056963][   T51] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.070984][T12218] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  184.104735][T12218] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3243'.
[  184.113764][T12218] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3243'.
[  184.155386][   T51] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.166805][T12218] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  184.195569][T12223] loop2: detected capacity change from 0 to 1024
[  184.202139][T12218] rock: directory entry would overflow storage
[  184.208395][T12218] rock: sig=0x4f50, size=4, remaining=3
[  184.214074][T12218] iso9660: Corrupted directory entry in block 4 of inode 1792
[  184.214884][T12223] EXT4-fs: inline encryption not supported
[  184.227407][T12223] EXT4-fs: Ignoring removed i_version option
[  184.243929][   T51] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.250095][T12223] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  184.301050][T12223] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #3: block 1: comm syz.2.3246: lblock 1 mapped to illegal pblock 1 (length 1)
[  184.319226][   T51] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.326560][T12223] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3246: Failed to acquire dquot type 0
[  184.357312][T12223] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.3246: Freeing blocks not in datazone - block = 0, count = 4096
[  184.375911][T12200] chnl_net:caif_netlink_parms(): no params data found
[  184.390853][T12223] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.3246: Invalid inode bitmap blk 0 in block_group 0
[  184.406053][  T297] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  184.410653][T12223] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  184.430305][  T297] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0
[  184.430559][T12223] EXT4-fs (loop2): 1 orphan inode deleted
[  184.498703][T12200] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.505803][T12200] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.514428][T12200] bridge_slave_0: entered allmulticast mode
[  184.521039][T12200] bridge_slave_0: entered promiscuous mode
[  184.526996][T12233] loop0: detected capacity change from 0 to 8192
[  184.653028][   T51] bond0 (unregistering): Released all slaves
[  184.662093][T12200] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.669207][T12200] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.676471][T12200] bridge_slave_1: entered allmulticast mode
[  184.683361][T12200] bridge_slave_1: entered promiscuous mode
[  184.705191][T12200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.715750][T12200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.733404][   T51] hsr_slave_0: left promiscuous mode
[  184.739987][   T51] hsr_slave_1: left promiscuous mode
[  184.757732][   T51] veth1_macvtap: left promiscuous mode
[  184.763278][   T51] veth0_macvtap: left promiscuous mode
[  184.771028][   T51] veth1_vlan: left promiscuous mode
[  184.788339][   T51] veth0_vlan: left promiscuous mode
[  184.820883][T12259] loop6: detected capacity change from 0 to 2048
[  184.878438][T12259]  loop6: p1 < > p4
[  184.884320][T12259] loop6: p4 size 8388608 extends beyond EOD, truncated
[  184.927536][T12263] loop2: detected capacity change from 0 to 128
[  184.945409][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3258'.
[  184.955423][T12200] team0: Port device team_slave_0 added
[  184.967923][T12200] team0: Port device team_slave_1 added
[  184.974377][T12265] FAULT_INJECTION: forcing a failure.
[  184.974377][T12265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.987514][T12265] CPU: 1 UID: 0 PID: 12265 Comm: syz.6.3259 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  184.987615][T12265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  184.987628][T12265] Call Trace:
[  184.987635][T12265]  <TASK>
[  184.987643][T12265]  __dump_stack+0x1d/0x30
[  184.987672][T12265]  dump_stack_lvl+0xe8/0x140
[  184.987692][T12265]  dump_stack+0x15/0x1b
[  184.987739][T12265]  should_fail_ex+0x265/0x280
[  184.987764][T12265]  should_fail+0xb/0x20
[  184.987789][T12265]  should_fail_usercopy+0x1a/0x20
[  184.987889][T12265]  _copy_from_user+0x1c/0xb0
[  184.987911][T12265]  sctp_setsockopt+0x154/0xe30
[  184.987939][T12265]  sock_common_setsockopt+0x66/0x80
[  184.988008][T12265]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  184.988042][T12265]  __sys_setsockopt+0x181/0x200
[  184.988069][T12265]  __x64_sys_setsockopt+0x64/0x80
[  184.988134][T12265]  x64_sys_call+0x2bd5/0x2fb0
[  184.988153][T12265]  do_syscall_64+0xd2/0x200
[  184.988226][T12265]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  184.988251][T12265]  ? clear_bhb_loop+0x40/0x90
[  184.988383][T12265]  ? clear_bhb_loop+0x40/0x90
[  184.988403][T12265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.988423][T12265] RIP: 0033:0x7fb92cdce929
[  184.988444][T12265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.988462][T12265] RSP: 002b:00007fb92b437038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  184.988556][T12265] RAX: ffffffffffffffda RBX: 00007fb92cff5fa0 RCX: 00007fb92cdce929
[  184.988583][T12265] RDX: 000000000000007c RSI: 0000000000000084 RDI: 0000000000000003
[  184.988595][T12265] RBP: 00007fb92b437090 R08: 0000000000000008 R09: 0000000000000000
[  184.988608][T12265] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  184.988621][T12265] R13: 0000000000000000 R14: 00007fb92cff5fa0 R15: 00007ffc68f7cf18
[  184.988641][T12265]  </TASK>
[  185.028173][T12262] syz.2.3258: attempt to access beyond end of device
[  185.028173][T12262] loop2: rw=0, sector=97, nr_sectors = 120 limit=128
[  185.079741][T12273] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  185.079741][T12273]    program syz.0.3262 not setting count and/or reply_len properly
[  185.141728][T12277] x_tables: ip6_tables: mh match: only valid for protocol 135
[  185.252955][T12200] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.259979][T12200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.286010][T12200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.297966][ T1458] kworker/u8:6: attempt to access beyond end of device
[  185.297966][ T1458] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  185.312351][T12200] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.319400][T12200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.345353][T12200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.366726][T12284] loop4: detected capacity change from 0 to 2048
[  185.420754][T12200] hsr_slave_0: entered promiscuous mode
[  185.432976][T12200] hsr_slave_1: entered promiscuous mode
[  185.439051][T12200] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.447763][T12200] Cannot create hsr debugfs directory
[  185.503050][T11132] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  185.522596][T11132] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  185.619863][T12321] veth1_to_bond: entered promiscuous mode
[  185.630944][T12324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3275'.
[  185.656949][T12324] loop4: detected capacity change from 0 to 128
[  185.673695][T12326] loop0: detected capacity change from 0 to 256
[  185.680665][T12326] vfat: Unknown parameter '�jp�ŝ���A�^ԯ��'Ӄ���t���'
[  185.721055][T12320] veth1_to_bond: left promiscuous mode
[  185.735146][T12324] syz.4.3275: attempt to access beyond end of device
[  185.735146][T12324] loop4: rw=0, sector=97, nr_sectors = 120 limit=128
[  185.761297][   T31] kworker/u8:1: attempt to access beyond end of device
[  185.761297][   T31] loop4: rw=1, sector=217, nr_sectors = 824 limit=128
[  185.817583][T12336] loop4: detected capacity change from 0 to 2048
[  185.867902][T12200] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  185.877636][T12200] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  185.884784][T12341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3277'.
[  185.899667][T12341] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  185.908561][T12341] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  185.917476][T12341] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  185.926411][T12341] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  185.935601][T12341] vxlan0: entered promiscuous mode
[  185.942952][T12200] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  185.951410][T12345] loop6: detected capacity change from 0 to 128
[  185.958315][T12343] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3282'.
[  185.968336][T12200] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  186.006794][T12200] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.018957][T12200] 8021q: adding VLAN 0 to HW filter on device team0
[  186.030856][  T297] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.037982][  T297] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.051918][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.059050][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.108503][T12345] syz.6.3282: attempt to access beyond end of device
[  186.108503][T12345] loop6: rw=0, sector=97, nr_sectors = 120 limit=128
[  186.148197][ T1458] kworker/u8:6: attempt to access beyond end of device
[  186.148197][ T1458] loop6: rw=1, sector=217, nr_sectors = 824 limit=128
[  186.282806][T12200] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.467443][T12396] loop6: detected capacity change from 0 to 1764
[  186.475932][T12396] iso9660: Corrupted directory entry in block 2 of inode 1920
[  186.665143][T12408] loop2: detected capacity change from 0 to 2048
[  186.704533][T12200] veth0_vlan: entered promiscuous mode
[  186.751620][T12200] veth1_vlan: entered promiscuous mode
[  186.801318][T12200] veth0_macvtap: entered promiscuous mode
[  186.815242][T12200] veth1_macvtap: entered promiscuous mode
[  186.832483][T12200] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.843590][T12200] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.853437][T12200] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  186.862327][T12200] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  186.871329][T12200] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  186.880272][T12200] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.906437][T12420] sg_write: data in/out 2012/14 bytes for SCSI command 0x6-- guessing data in;
[  186.906437][T12420]    program syz.0.3295 not setting count and/or reply_len properly
[  186.926446][T12420] x_tables: ip6_tables: mh match: only valid for protocol 135
[  187.076532][T12435] loop6: detected capacity change from 0 to 512
[  187.083875][T12435] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  187.115018][T12435] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  187.126227][T12435] System zones: 0-2, 18-18, 34-34
[  187.133028][T12435] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  187.326831][ T3450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.337220][ T3450] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.353520][T12457] loop6: detected capacity change from 0 to 2048
[  187.367653][T12439] chnl_net:caif_netlink_parms(): no params data found
[  187.426123][ T3450] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.436587][ T3450] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.482704][T11401] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  187.505958][T12439] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.513247][T12439] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.522783][T11401] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  187.532592][T12439] bridge_slave_0: entered allmulticast mode
[  187.551519][T12439] bridge_slave_0: entered promiscuous mode
[  187.570824][ T3450] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.581245][ T3450] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.593171][T12439] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.600296][T12439] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.607736][T12439] bridge_slave_1: entered allmulticast mode
[  187.614186][T12439] bridge_slave_1: entered promiscuous mode
[  187.631490][T12470] netlink: 'syz.6.3308': attribute type 10 has an invalid length.
[  187.632946][T12439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.650257][T12439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.664199][T12470] team0 (unregistering): Port device team_slave_0 removed
[  187.672828][T12470] team0 (unregistering): Port device team_slave_1 removed
[  187.685724][ T3450] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  187.696114][ T3450] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.719114][T12439] team0: Port device team_slave_0 added
[  187.726274][T12439] team0: Port device team_slave_1 added
[  187.795037][T12474] loop6: detected capacity change from 0 to 2048
[  187.807888][T12439] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.814942][T12439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.841020][T12439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.856927][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  187.856942][   T29] audit: type=1326 audit(1750974033.146:14405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12473 comm="syz.6.3310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb92cdcd58a code=0x7ffc0000
[  187.886623][   T29] audit: type=1326 audit(1750974033.146:14406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12473 comm="syz.6.3310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb92cdce52b code=0x7ffc0000
[  187.910133][   T29] audit: type=1326 audit(1750974033.146:14407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12473 comm="syz.6.3310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb92cdce52b code=0x7ffc0000
[  188.056363][   T29] audit: type=1326 audit(1750974033.393:14408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.080062][   T29] audit: type=1326 audit(1750974033.393:14409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.104412][   T29] audit: type=1326 audit(1750974033.413:14410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.107163][T12474]  loop6: p1 < > p4
[  188.129788][T12439] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.138905][T12439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.165043][T12439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.174539][   T29] audit: type=1326 audit(1750974033.496:14411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.187344][T12474] loop6: p4 size 8388608 extends beyond EOD, truncated
[  188.199218][   T29] audit: type=1326 audit(1750974033.506:14412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.229671][   T29] audit: type=1326 audit(1750974033.506:14413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.253307][   T29] audit: type=1326 audit(1750974033.506:14414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12478 comm="syz.2.3311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9657e3e929 code=0x7ffc0000
[  188.295658][T12476] loop4: detected capacity change from 0 to 1764
[  188.306826][T12476] iso9660: Corrupted directory entry in block 2 of inode 1920
[  188.387064][T12439] hsr_slave_0: entered promiscuous mode
[  188.393306][T12439] hsr_slave_1: entered promiscuous mode
[  188.402787][T12439] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.413921][T12439] Cannot create hsr debugfs directory
[  188.498275][ T3450] bridge_slave_1: left allmulticast mode
[  188.504020][ T3450] bridge_slave_1: left promiscuous mode
[  188.509678][ T3450] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.590487][ T3450] bridge_slave_0: left promiscuous mode
[  188.596214][ T3450] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.770439][ T3450] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.784209][ T3450] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.801144][ T3450] bond0 (unregistering): Released all slaves
[  188.829846][T12506] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  188.850239][T12506] loop4: detected capacity change from 0 to 512
[  188.861477][T12506] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3319: bg 0: block 393: padding at end of block bitmap is not set
[  188.877800][T12506] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  188.888407][T12506] EXT4-fs (loop4): 2 truncates cleaned up
[  188.911404][ T3450] hsr_slave_0: left promiscuous mode
[  188.916981][ T3450] hsr_slave_1: left promiscuous mode
[  188.922917][ T3450] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.923735][T12508] loop6: detected capacity change from 0 to 2048
[  188.930402][ T3450] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.944294][ T3450] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.951831][ T3450] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.961891][T12514] loop5: detected capacity change from 0 to 128
[  188.972881][ T3450] veth1_macvtap: left promiscuous mode
[  188.978194][T12508]  loop6: p1 < > p4
[  188.978440][ T3450] veth0_macvtap: left promiscuous mode
[  188.983057][T12508] loop6: p4 size 8388608 extends beyond EOD, truncated
[  188.987765][ T3450] veth1_vlan: left allmulticast mode
[  188.999989][ T3450] veth1_vlan: left promiscuous mode
[  189.005478][ T3450] veth0_vlan: left promiscuous mode
[  189.068103][T12518] syz.5.3322: attempt to access beyond end of device
[  189.068103][T12518] loop5: rw=0, sector=97, nr_sectors = 120 limit=128
[  189.083036][T12521] loop4: detected capacity change from 0 to 128
[  189.102535][ T3450] team0 (unregistering): Port device team_slave_1 removed
[  189.112322][ T3450] team0 (unregistering): Port device team_slave_0 removed
[  189.139491][T12511] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3322'.
[  189.152280][T12516] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3323'.
[  189.172755][   T31] kworker/u8:1: attempt to access beyond end of device
[  189.172755][   T31] loop5: rw=1, sector=217, nr_sectors = 824 limit=128
[  189.285289][T12516] syz.4.3323: attempt to access beyond end of device
[  189.285289][T12516] loop4: rw=0, sector=97, nr_sectors = 120 limit=128
[  189.314853][   T31] kworker/u8:1: attempt to access beyond end of device
[  189.314853][   T31] loop4: rw=1, sector=217, nr_sectors = 824 limit=128
[  189.372705][T12534] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.3329'.
[  189.530158][T12541] loop5: detected capacity change from 0 to 1764
[  189.538867][T12541] iso9660: Corrupted directory entry in block 2 of inode 1920
[  189.557311][ T3450] IPVS: stop unused estimator thread 0...
[  189.666737][T12439] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  189.702597][T12439] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  189.810270][T12439] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  189.833994][T12439] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  189.857985][T12556] FAULT_INJECTION: forcing a failure.
[  189.857985][T12556] name failslab, interval 1, probability 0, space 0, times 0
[  189.870639][T12556] CPU: 1 UID: 0 PID: 12556 Comm: syz.4.3337 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  189.870668][T12556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.870680][T12556] Call Trace:
[  189.870686][T12556]  <TASK>
[  189.870771][T12556]  __dump_stack+0x1d/0x30
[  189.870793][T12556]  dump_stack_lvl+0xe8/0x140
[  189.870880][T12556]  dump_stack+0x15/0x1b
[  189.870895][T12556]  should_fail_ex+0x265/0x280
[  189.870927][T12556]  ? sf_setstate+0x188/0x300
[  189.871054][T12556]  should_failslab+0x8c/0xb0
[  189.871074][T12556]  __kmalloc_cache_noprof+0x4c/0x320
[  189.871172][T12556]  sf_setstate+0x188/0x300
[  189.871197][T12556]  ip_mc_del_src+0x31b/0x480
[  189.871223][T12556]  ip_mc_drop_socket+0x145/0x1e0
[  189.871247][T12556]  inet_release+0x31/0xf0
[  189.871335][T12556]  sock_close+0x6b/0x150
[  189.871358][T12556]  ? __pfx_sock_close+0x10/0x10
[  189.871396][T12556]  __fput+0x298/0x650
[  189.871424][T12556]  ____fput+0x1c/0x30
[  189.871446][T12556]  task_work_run+0x12e/0x1a0
[  189.871474][T12556]  exit_to_user_mode_loop+0xe4/0x100
[  189.871545][T12556]  do_syscall_64+0x1d6/0x200
[  189.871564][T12556]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  189.871590][T12556]  ? clear_bhb_loop+0x40/0x90
[  189.871610][T12556]  ? clear_bhb_loop+0x40/0x90
[  189.871634][T12556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.871747][T12556] RIP: 0033:0x7f187a55e929
[  189.871843][T12556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.871859][T12556] RSP: 002b:00007f1878bc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  189.871876][T12556] RAX: 0000000000000000 RBX: 00007f187a785fa0 RCX: 00007f187a55e929
[  189.871887][T12556] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000005
[  189.871898][T12556] RBP: 00007f1878bc7090 R08: 0000000000000000 R09: 0000000000000000
[  189.871914][T12556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.871946][T12556] R13: 0000000000000000 R14: 00007f187a785fa0 R15: 00007ffdaf9deb08
[  189.872024][T12556]  </TASK>
[  189.877104][T12563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3339'.
[  189.949818][T12569] loop2: detected capacity change from 0 to 128
[  190.063219][T12439] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.100025][T12572] vhci_hcd: invalid port number 96
[  190.110693][T12572] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  190.117935][T12572] ==================================================================
[  190.126025][T12572] BUG: KCSAN: data-race in usbdev_ioctl / usbdev_ioctl
[  190.132890][T12572] 
[  190.135206][T12572] write to 0xffff888102467df8 of 4 bytes by task 12571 on cpu 0:
[  190.142915][T12572]  usbdev_ioctl+0x5ff/0x1710
[  190.147507][T12572]  __se_sys_ioctl+0xce/0x140
[  190.152096][T12572]  __x64_sys_ioctl+0x43/0x50
[  190.156687][T12572]  x64_sys_call+0x19a8/0x2fb0
[  190.161357][T12572]  do_syscall_64+0xd2/0x200
[  190.165852][T12572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.171734][T12572] 
[  190.174043][T12572] write to 0xffff888102467df8 of 4 bytes by task 12572 on cpu 1:
[  190.181753][T12572]  usbdev_ioctl+0x5ff/0x1710
[  190.186337][T12572]  __se_sys_ioctl+0xce/0x140
[  190.190920][T12572]  __x64_sys_ioctl+0x43/0x50
[  190.195505][T12572]  x64_sys_call+0x19a8/0x2fb0
[  190.200172][T12572]  do_syscall_64+0xd2/0x200
[  190.204665][T12572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.210548][T12572] 
[  190.212857][T12572] value changed: 0x23d51167 -> 0x1da462e1
[  190.218558][T12572] 
[  190.220867][T12572] Reported by Kernel Concurrency Sanitizer on:
[  190.227007][T12572] CPU: 1 UID: 0 PID: 12572 Comm: syz.4.3341 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(voluntary) 
[  190.239490][T12572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  190.249538][T12572] ==================================================================
[  190.268676][T12439] 8021q: adding VLAN 0 to HW filter on device team0
[  190.287529][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.294725][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.304390][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.311460][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.401335][T12439] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.432700][T12563] syz.2.3339: attempt to access beyond end of device
[  190.432700][T12563] loop2: rw=0, sector=97, nr_sectors = 120 limit=128
[  190.468061][  T297] kworker/u8:4: attempt to access beyond end of device
[  190.468061][  T297] loop2: rw=1, sector=217, nr_sectors = 824 limit=128
[  190.472438][T12439] veth0_vlan: entered promiscuous mode
[  190.493212][T12439] veth1_vlan: entered promiscuous mode
[  190.507395][T12439] veth0_macvtap: entered promiscuous mode
[  190.514634][T12439] veth1_macvtap: entered promiscuous mode
[  190.524827][T12439] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.535375][T12439] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.545290][T12439] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.554077][T12439] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.562878][T12439] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.571631][T12439] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0