last executing test programs:

2m42.610160244s ago: executing program 32 (id=449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x6e, &(0x7f0000000040)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0, 0xffff]}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x3600}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0xffff}}}}}}}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r7}, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}}, 0x0)
r9 = syz_io_uring_setup(0x521d, &(0x7f00000001c0)={0x0, 0x1ca3, 0x0, 0x0, 0x296}, &(0x7f00000002c0), &(0x7f0000000340))
io_uring_register$IORING_REGISTER_FILES(r9, 0x2, &(0x7f0000000380)=[r1, r5, r4, r2, r3, r7, r6], 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
io_setup(0x3ff, &(0x7f0000000500)=<r10=>0x0)
io_destroy(r10)
io_getevents(r10, 0x9, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r11 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r11, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r13=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r13, {}, {}, {0xfff3}}}, 0x24}, 0x1, 0x1000000000000}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)

2m30.905289685s ago: executing program 33 (id=748):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x44080)

1m56.407301048s ago: executing program 34 (id=1562):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0x5, 0x4, 0x3f0, 0x220, 0x110, 0x220, 0x110, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@private=0xa010102, @multicast2, 0xff, 0xff, 0x9, 0x4, {@empty, {[0xff, 0x0, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, 0xfc6, 0x7f, 0xe9b, 0x4, 0x8, 0xe, 'veth1_to_team\x00', 'syz_tun\x00', {0xff}, {0xff}, 0x0, 0x284}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @local, @empty}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)

1m36.27015536s ago: executing program 35 (id=1956):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x3, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x9, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xb}, 0x102c2a, 0x3, 0xfffffffc, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r4}, 0x18)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
bind$can_raw(r5, &(0x7f00000001c0)={0x1d, r6}, 0x10)
recvmmsg(r0, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0}, 0x200}], 0x1, 0x40000022, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r5, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
sendmsg$can_raw(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x3, 0x0, 0x0, "093eaadd00001003"}, 0x10}, 0x1, 0x0, 0x0, 0x44811}, 0xc010)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000880)=@newqdisc={0x50, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{0x10, 0x2d, 0x1, 0x1, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x4}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001d4}, 0x4c8d0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r8, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r8, 0x0, 0x0, 0x10, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r8, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="cc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad3154026", 0x38d}], 0x1}}], 0x2, 0x4048884)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x7}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000000)='vegas\x00', 0x6)
r10 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030005000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)

1m32.194421994s ago: executing program 36 (id=2028):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)='B', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18)
nanosleep(&(0x7f0000000240)={0x0, 0x989680}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000080)=[{0x0, 0x2, 0x4, 0x4}, {0xe, 0x5, 0x8, 0x3}, {0x514, 0x57, 0x7, 0x4}]}, 0x10)

1m30.965538002s ago: executing program 37 (id=2052):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r3, 0x0, 0x6a}, 0x18)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x20400)
ioctl$EVIOCGSND(r4, 0x8040451a, 0x0)
ioctl$EVIOCGSND(r4, 0x8040451a, &(0x7f00000001c0)=""/107)
r5 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xabd0, 0x400, 0x2, 0x349})
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000012000100000000000000000021d6bed56b07111803000000014e2200000000000000000000000000000000000000000201000000", @ANYRES32=0x0, @ANYBLOB="0100000003000000000000"], 0x54}}, 0x20004010)
r7 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r7, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f0000000540)=[{0x0}], 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00'})
getrlimit(0x1, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[r5], 0x1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r9 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11ff0)
ioctl$BLKTRACESETUP(r9, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x4, 0x80400, 0x2004, 0x7fc})

1m26.043729079s ago: executing program 38 (id=2139):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000640)='kmem_cache_free\x00', r1}, 0x18)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0x0, 0x3d, 0x34, &(0x7f0000000300)="fc93083a5f68508d9c8d7f4e889185e17639df783197fa977ca0c256c8b202641f84717c4ad1be9565370335e2505f011f51138e6a954bc0f1c7982b38", &(0x7f00000000c0)=""/52, 0x0, 0x0, 0x11, 0x3d, &(0x7f0000000140)="9d62f95dc7e93795000000000000000000", &(0x7f00000003c0)="c2faa1f165b87818f7ae7c45d2aa76f5674c5a677b9ef24b7fc6caa4d3fb8512a8aca6bd5cc0348f012f7ec70a3888743d3aff1eee035e3386395b3b37", 0x0, 0x0, 0x6}, 0x50)
syz_clone3(0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES16=r2, @ANYRES32=r1], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x2043, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="140000000000000001000000010000", @ANYRES32=r4, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r4, 0x0, r6, 0x0, 0xa86, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

1m20.591732633s ago: executing program 1 (id=2230):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
syz_clone3(&(0x7f0000001340)={0x200000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1m20.399705156s ago: executing program 1 (id=2234):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r1, 0x0, r1, &(0x7f00000000c0)=0xc615, 0x101, 0x0)

1m20.355447256s ago: executing program 39 (id=2234):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r1, 0x0, r1, &(0x7f00000000c0)=0xc615, 0x101, 0x0)

1m17.834382416s ago: executing program 40 (id=2261):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

1m17.61046094s ago: executing program 41 (id=2265):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x2, &(0x7f0000000100)=[{0x50, 0xff, 0x0, 0x4}, {0x6, 0x60}]}) (fail_nth: 1)

1m16.832259921s ago: executing program 42 (id=2271):
prctl$PR_GET_FPEXC(0xb, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x1239, &(0x7f0000001900)="$eJzs3M9rHFUcAPDvJhvzo6aJWrX2oI968TQ0OXgSNEgKkj1INUIriFu7wSXjbsgsgYjaevIq+F+IR8/iP+DFf8FjLx57EEac2SSbJk2NyK7Fz+cy37z3/ea94cHCG+bN/Te+/Wx7q8i22oOYajRiaiciPUiRYioOvLxRX2/e2lhrtdZvpHR97f2V11NKF1/56cMvfrj68+DCBz/G5dn4Zfmj+7+vRsS9v/I/7RapW6Ref5Da6Xa/P2jfzjvT0S22s5TezTvtopO6vaKzO9qftvL+zs5+avfuLC7s7HaKIrV7+2m7s58G/dQcTqmXsixLiwvBI82caPn44cbN7x+UZRlRljPxVJRlWc7HQlyIp2MxLlaL+Ew8G8/FpXg+XogX43K8VGWN8S4AAAAAAAAAAAAAAAAAAADgf+Cs8/9Lsez8PwAAAAAAAAAAAAAAAAAAAIzBezdvbay1Wus3UpqLyL/Z29zbrK91/9pWdCOPTlyLpfgjqtP/tTq+/k5r/VqqLMfX+d1h/d29zenj9SvV5wSG9c2q76B+pa5Px+tnY2G0fjWW4tLp46+eUj/zXcRrr47UZ7EUv34S/cjjTjX2Uf1XKym9fa+eUxyOf6XKO9KIxuifzfGsDwAAAPwbsnTocP/+1sj+PctO9tf747r+HM8HHtrfN+OKPfTEFfufb7fzvLN7PJg70fK4oBERfzv5UUFj+Ijl1JyYi/jH/3mswdR5q6aHq3F28sF3Nyd/g09aMP/fmMYTFUzsJ4kxOlr04+2/XT0M58c/KwAAAAAAAAAAAB7nHC8GluVZOdE47f3fZtRvls2OjvlmfJlN7o4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBSAAAA///nPLi4")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000020100)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3a05bdd656928a62bbd950bee0b89f893a8669794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321825f3abb0c167e129cf1fa0e7854103f4bf2d3a01949"], 0x1, 0x27c, &(0x7f0000000300)="$eJzs3U9PE10Ux/EfhQd4QGgVRcEYT3SjmwnUV9AQSIxNNEiNfxKTIUy16dCSToOpMcLOra+DuHRnYnwDvAcX7ti4ZGGsaactU6hRjGHUfj+bOeRwOvf23DS3SW+7d//1ejEfOHm3qsSAaUja1r6UUkKDCg20rolmPKyobV2fyn68dPfBw1uZbHZx2Wwps3IjbWaTl98/e/Hmyofq+L23k+9GtJt6vPc5/Wl3endm7+vK00JghcBK5aq5tlouV91V37O1QlB0zO74nht4VigFXqUrn/fLGxs1c0trE2MbFS8IzC3VrOjVrFq2aqVm7hO3UDLHcWxiTPiR3M7yspuJexT4LRLfS1QqGXdB0qw00p3J7ZzAuAAAwB+G/X8/Y//fDxr7/0c93yCw/wcAAAAAAAAAAAAAAAAAAAAA4G+wX68n6/V6sn39T2qe8Km3/v5f0pikcUmnJE1ImpSUlJSSdFrSGUlTks5KOidpWtJ5SRckzUQeK+654ij639/of3+j//0tcnB3VFp/tZnbzIXXMJ/JqyBfnuaU1JdmL1vCeOlmdnHOmlK6uL7Vqt/azA12188r2Vgwvernw3rrrh9prLvhTn1aycYC61Wfjta3DznmRnXtauT+TvjdJ2X5WmuuyYP6l/NmC7ezh+4/2/y/f51jHT375zjR/Kikdj6sP8b6OPT8Dml2KN65Qwpqz4uu73sVAgICgk4Q9ysTTsJB0+MeCQAAAAAAAAAAAAAAAADgOH7tE4LtnxH9uaqYpwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBHfAgAA//8yf1eI")
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007f8af8ff00000000aba200000000000000000000b70400000000000085000000e22dae1157000000950000000000000000bc3b6982ff7a8fc1418bfbc5d2860d8e4b478c3fb01c5c3ede1256e044a6ebc9051e621c29a9cbf3597bf2d726fed639717e55d07a1bb53dbf333ec9ddf7b2bf705e3a3cda76bc424f1be466ce07b87aa6ebe4737ca55c1dec1d00000000d2e16dbbb990ac03503d9dcf366a142110739aaccb22ad168a4c7e78ded9cb332a96c9013c8a1ed6c2dba528d271b70a71eea8d9a60b78026e0be0199b54eac4ebab280668cdce5f4df0b68bd405322586b9a932f3779782b597d6fc3316542e70677ed373fd56159ae5b9999cc81afd2843f469e914247eaa6f09e4422eee5931fdb5fc173af5294a0e2eae498fcb1493b3b826def9b3938e29e1837fb01ccb1f4ac31c8ad17ae69e5af4e96781b5ec2a360db3ca9df60b320109ba3c4fee6a2fd8b34b6fc09a9d42"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0b45000)
timer_delete(0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[], 0x50)
r1 = memfd_secret(0x0)
lsm_list_modules(&(0x7f0000000000)=[0x0], 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
readv(0xffffffffffffffff, &(0x7f00000017c0)=[{0x0}], 0x1)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$VT_DISALLOCATE(r3, 0x5608)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000001f0000540000000e0001"], 0x34}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ffc40bffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400210000000404000001000000b7050000220000006a0a00fe00000000850000000a000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f0170720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/172], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1m15.726081628s ago: executing program 43 (id=2280):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000080)={[{0x2b, 'cpu'}]}, 0x5)
write$cgroup_subtree(r8, &(0x7f0000000a00)=ANY=[@ANYBLOB='-cpu'], 0x5)
r9 = openat$cgroup_type(r6, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r9, &(0x7f0000000080), 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdcb, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m14.214210412s ago: executing program 44 (id=2288):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000001d00010027bd7000fcdbdf2502000000", @ANYRES32, @ANYBLOB="0200d0070a0001"], 0x28}, 0x1, 0x0, 0x0, 0x20040100}, 0x800)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r2=>0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x77359400}}, 0x0)
r3 = inotify_init1(0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r4 = inotify_init()
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00')
fchdir(r5)
mount_setattr(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x8000, &(0x7f0000000200)={0x89, 0x300073, 0x80000, {r5}}, 0x20)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r6, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r7 = socket$inet6(0xa, 0x3, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000c00)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {0xe298, 0x200000000, 0x40000000007, 0x20000a0de, 0x40000000000004, 0x2, 0x200200003, 0x400}, {0x40000000000005, 0x0, 0x0, 0x5}, 0x4, 0x0, 0x1}, {{@in6=@loopback, 0x20, 0x6c}, 0x2, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x20003502, 0x2, 0x8, 0x75, 0x9075, 0x94b}}, 0xe8)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
inotify_add_watch(r4, &(0x7f0000000040)='./file0\x00', 0xd0000121)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="000000000000000018862c36c65769235d64aa6b3a8b0029f111a292e7726d98ed3d"], &(0x7f00000003c0)='syzkaller\x00', 0x10000, 0xd8, &(0x7f0000000540)=""/216, 0x40f00, 0x54, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x3, 0x2}, 0x8, 0x10, &(0x7f00000006c0)={0x1, 0x10, 0x899a, 0x6}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000700)=[r5], &(0x7f0000000900)=[{0x2, 0x2, 0x3, 0x2}, {0x3, 0x4, 0xa, 0x2}, {0x2, 0x2, 0x4, 0x9}, {0x1, 0x2, 0x10}, {0x2, 0x2, 0x4}, {0x5, 0x5, 0xc, 0x8}, {0x1, 0x1, 0x8, 0x2}, {0x4, 0x5, 0x10, 0xc}, {0x4, 0x3, 0x1, 0x5}, {0x4, 0x2, 0xa, 0x3}], 0x10, 0x5, @void, @value}, 0x94)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockname$packet(r9, &(0x7f00000004c0)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000008c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x8, {0x0, 0x0, 0x6a00}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000300)={'ip6gre0\x00', &(0x7f0000000280)={'ip6gre0\x00', r10, 0x29, 0xf1, 0x2a, 0x9, 0x63, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, 0x8, 0x28, 0x2, 0x8}})
inotify_add_watch(r3, &(0x7f00000000c0)='.\x00', 0xa4000061)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$packet(0x11, 0x3, 0x300)
open(&(0x7f0000000000)='./file0\x00', 0x100000, 0xa0)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

1m9.964797238s ago: executing program 1 (id=2289):
syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty}, {0x0, 0x17c1, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "0b86c107cddd39d10e870794ae120f860174b07efe05336d54f519ebba5a2b26", "5e5992c2209db5127a4a84d3d6e03d081a4118a2bbd22f0ca038289c45b30eca6703476382c29175c40096a9c60c3cce", "6a9f3a451dd7eb4523e02c2a4a00f81073727f3ac9f91e284b975a32", {"8f865412904b133eebafc6eb170fb006", "21144ab13a642475fc21552dce5cda9c"}}}}}}}, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1508, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
unshare(0x40060740)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
pipe2(&(0x7f0000000000), 0x80)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x10000}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r2, @ANYBLOB="06001500070000000c001680080001"], 0x38}}, 0x10)

1m9.79208262s ago: executing program 1 (id=2306):
syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x802)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_connect(0x6, 0x24, 0x0, 0x0)
ioctl$EVIOCRMFF(r0, 0x40085503, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000380)={0x80, 0x6, 0xf00, 0xe0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000002180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r5, 0x89f8, &(0x7f0000000080)={'sit0\x00', 0x0})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)="a0a55a19036fdce75798c0c0b08787fa984ab23d0cdac53a6da569bb1ec289f7e8d0250f8e6b21580600d81b4cbb20b8750633953ba421176b4c7fb190f607eeb27f1199f0b643f2e9edf269c94d99f0e649c5459dd1940a81825acf3ea293004d707f705b4c8e6797a5c43573d5fb40769fff64f3f79ff1b2dbca283aae", 0x7e)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r3, 0xc0189371, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
sendto$inet6(r6, &(0x7f0000000000)='g', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000080)='htcp\x00', 0x5)
shutdown(r6, 0x1)

1m9.536411274s ago: executing program 5 (id=2310):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
kexec_load(0x100000, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

1m9.448274796s ago: executing program 5 (id=2311):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000), 0x8)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880), 0x0, 0x0, 0x0, 0x900}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond0\x00'})
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89b0, &(0x7f0000000080))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
setrlimit(0x9, &(0x7f0000000000))
io_setup(0x2004, &(0x7f0000000680))
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x2}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r4 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r4, &(0x7f0000000180)="e502", 0x2)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1m9.434452526s ago: executing program 5 (id=2313):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce81020332f5fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)

1m9.358709477s ago: executing program 5 (id=2314):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m9.270829738s ago: executing program 5 (id=2316):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES16=0x0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000200)='kmem_cache_free\x00', r0, 0x0, 0x45}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xfffffffa, 0x1, 0x9)

1m8.900143394s ago: executing program 1 (id=2319):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r2 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0xb7c, 0x0, 0x1, 0xa2}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000001b80)=""/4096, 0x1000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x29c780})
io_uring_enter(r2, 0x3518, 0xaddf, 0x2, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92", @ANYRES16=r3, @ANYBLOB="227a57938f288746748879d000bada377b207c42c6e567dcdc7444dfc52bf9a0c1e1af9bb0d108c11e5cc1bfe25890929a49111c2e9b03726de7e51b5b092afb1aa9447f1290cff04911aae004761b1a44b6305304e05ddae2dbdced1d9b46d0b60e4f10322120cca858330d1cec4d80596dbb8dec7c54c4371e86e2350530fc444140b157d8e3893a7ea55a3a09ec4d5db19a80616035e5923f6eb8c61bca9d30a8dcb9707a87", @ANYRESDEC=r1, @ANYRES8=r2, @ANYRESOCT=r0], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f00000016c0)=ANY=[@ANYBLOB="fdffffffffffffffd57b4f2f25086b555c6517c03efff38bf2b20b751754c4b93368b715dacb5d024d467be868dd3f089d4716382c5519e0f06d17f328c0a456f19656769c8a4940e7ad2ea91ab6a751d1da1a4d91fe6a11bcf83cb834923a943f88a141fd40730013e3fb1aaf11221ef782f292a1d7d2bae2962da62153eb855f6c14872053021df7bc8852"], 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r5, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x41, 0x0)
ioctl$TCSETAF(r6, 0x5408, &(0x7f0000000900)={0x4e00, 0x7, 0x0, 0xbdff, 0x8, "fdffffffffffffff"})
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000080)=@ethtool_wolinfo={0x11, 0x0, 0x2, "0a08cf30c194"}})
write$binfmt_aout(r6, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0xfffffffd, 0x90, 0xc, "00bf46f8bbde7047bcd4a280000400"})
r8 = syz_open_pts(r6, 0x0)
r9 = dup3(r8, r6, 0x0)
ioctl$TIOCSTI(r9, 0x5412, &(0x7f0000000000)=0x17)
syz_usb_connect(0x0, 0x62, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000fb5d7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d24060101030200010006000609240305050306058109240306010304050507240405"], 0x0)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r10, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r10, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300), &(0x7f0000000580))
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kfree\x00', r11}, 0x18)

1m8.582453109s ago: executing program 5 (id=2324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffee0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r4}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x1a, 0x0, 0x0, @void, @value=0x0}, 0x20)
syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[], 0x0)

1m8.582148279s ago: executing program 45 (id=2324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000600), &(0x7f0000000800)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffee0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r4}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x1a, 0x0, 0x0, @void, @value=0x0}, 0x20)
syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[], 0x0)

1m7.042311713s ago: executing program 1 (id=2342):
stat(&(0x7f0000001c80)='./file1\x00', &(0x7f0000001c00))
syz_mount_image$ext4(&(0x7f0000000280)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable}, {@sb={'sb', 0x3d, 0x4}}]}, 0xfd, 0x287, &(0x7f0000000a00)="$eJzs3T9oM2UcB/Df5Y81bZCqiyD+AZGihVI3waUuCgUpRURQoSLiJK1QW90aJxcHnVUKgksRN6ujuBQXRXCq2qEughYHi4MOkeQS33vbe982f5p7ST4fCHmS5+5+T+D5PjkCdwlgYs1GxFJElCNiPiKqEZFkN3gwfcx2Xu7WDtYims1n/0za26WvU939ZiKiERGPR1S6fdv7Lx7/ffj03Htb1Yc/3X+hNqrPl3VyfPTM6ccr736x/Nj29z/+vpLEUtQ7fdnPMUxJznuVJOKuqyh2i0gqRY+Ay1h9+/OfWrm/OyIeaue/GqVOZN/fvO2bajz60Y32/eCPH+4d5ViB4Ws2q63vwEYTmDiliKhHUpqKiLRdKi0spOfwP5enS69vbL45/9rG1vqrRa9UwLDUIzl66qupL2c6+V/o5P+3cpp/YHzVI46eW937pdU+LRc9GuDKZH9tvy99auV//uWdR0L+YeLIP0yuS+d/Y3RjAkbjTP7futYzV+CogJ70ee7u/B8m1yD5v/2KxgT0q7dU+v6HMVbtNhq53fIP4yo/81nyD2Pqk7yrTq8n/zAGhvD7PwAwWZpTRV+BDBSl6PUHAAAAAAAAAAAAAAAAAAA4b7d2sNZ9jKRgJeLbDyNOnkzb5+uX2/9H3L2v8fRfSWuz/yXpbgN56YEBD9CDWs57nw3t6uu8o1/sjl+HVT9zu9kefHf/8OpnvZNp32yO7KxHNFobL1Yq5+df0pl//bvzgv7qKwMW6NHZuwI+8fxo65/1716x9ZcPI75urT+LeetPKe5pP+evP/U+53zWG/8MeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG5r8AAAD//zDfb2U=")
r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x9f)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={r3, 0x20, &(0x7f0000000700)={&(0x7f0000000800)=""/231, 0xe7, <r4=>0x0, &(0x7f00000004c0)=""/170, 0xaa}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x17)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r1], 0x0, 0xdad1, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5, 0x0, 0x4}, 0x18)
r6 = syz_io_uring_setup(0x1539, &(0x7f0000000040)={0x0, 0xed32, 0x2, 0xfffffffe, 0xad}, &(0x7f0000000440), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x2, &(0x7f0000000180), 0xfe)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x202402, &(0x7f0000000000)={[{@dax_inode}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@orlov}, {@init_itable}, {@usrjquota, 0x2e}], [], 0x2c}, 0x0, 0x465, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrvPo85f8Snn0AQQKIuKRNGmBHriAQOKCVAkO5RjStCpNG9QEiVYVDQiVI+pfAByR+As4wQUBJxBXuKNKFeqFwgEtWnvtGj/S2HHqFn8+0iYz+/DM17tjz854AxhYE/mfJGJHRPwSEWMRUWrcYaLy78b1i/N/Xr84n0SWvf57kh8Wf1y/OF/dNSn+by8yk2lE+lES+1qUu3z+wum5xcWFc0V+euXMO9PL5y88c+rM3MmFkwtnZ48cOXxo5vnnZp/tSZw787rufX9p/55X37zy2vyxK299/2Ve3x3F9vo4KsY3XOZETNTek0aPb/jV7yw769LJUB8rQkfytp6fruFy+x+LUtw8eWPxyod9rRywqbIsy0ab1tZ6AKsZ8B+WRL9rAPRH9Ys+v/+tLrex+9F3116s3ADlcd8olsqWoUiLfYYb7m97aSIijq3+9Wm+RMtxCACA3vo67/883ar/l8Z9dfv9r5gbGo+I/0fEroi4JyJ2R8S9EeV974+IBzosf6Ih39z/+WlrV4GtU97/e6GY2/p3/6/a+4vxUpHbWY5/ODlxanHhYPGeTMbwaJ6fWaOMb17++ZN22+r7f/mSl1/tC0bESER6dahhgO743MrcBsOuufZBeQzwUnP8SW0mIImIPRGxt4vX3xIRp578Yn+77beIf209mGfKPo94onL+V6Mh/qpk7fnJ6S2xuHBwunpVNPvhx8tH25W/ofh7ID//21pe/7X4x5P6+drlzsu4/OvHbe9pbh1/6+t/JHmjnB4p1r03t7JybiZiJFltXj9bZIZu5qv75/FPHmjd/ndF/P1Zcei+iMgv4gcj4qGIeLio+yMR8WhEHFgj/u9eeuzt7uPfXHn8xzs6/9VE0rSmXaJ0+tuv2pV/6/iPXh0aPVxOTRZr1vP5t556dXc1AwAAwN0nLf8GPkmnauk0nZqq/IZ/d2xLF5eWV546sfTu2eOV38qPx3BaHekaqxsPnSnGhqv52Yb8ofK4cZZl2dZyfmp+aXGz5tSB9dnepv3nfiv1u3bAputoHq3dE23AXcnzmjC4tH8YXNo/DC7tHwZXq/Z/KeJGH6oC3Ga+/2Fwaf8wuLR/GFzaPwykNs/GJ7HO5+fbHV7R5eEDlSjdGdXoOBHpHVGN7hLphl+n1Lv6jHbQUi7F7Xqj+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CP/BAAA//8xr+fd")
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {0x1, 0x4}, [], {}, [], {0x10, 0x6}}, 0x24, 0x0)
listxattr(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)=""/20, 0x14)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000000)={0x0, 0x0, 0xa5})
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '.!.-.&'}, {0x20, 'init_itable'}, {}, {0x20, '{*.$/'}, {0x20, '-\xef'}, {0x20, 'ext3\x00'}, {0x20, 'ext3\x00'}], 0xa, "ebad1645e3db5b021631d78d192a7337a24505b9d9b9c832b7cb7bc79087bfaea9e3130e360469418aa1820d6156a2d903f615d9b46a8138b7286933"}, 0x72)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r9, 0x11e, 0x82, 0x0, &(0x7f0000000340))
setrlimit(0x9, &(0x7f0000000400)={0xfffffffffffffffe})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
rename(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m7.041901342s ago: executing program 46 (id=2342):
stat(&(0x7f0000001c80)='./file1\x00', &(0x7f0000001c00))
syz_mount_image$ext4(&(0x7f0000000280)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)={[{@init_itable}, {@sb={'sb', 0x3d, 0x4}}]}, 0xfd, 0x287, &(0x7f0000000a00)="$eJzs3T9oM2UcB/Df5Y81bZCqiyD+AZGihVI3waUuCgUpRURQoSLiJK1QW90aJxcHnVUKgksRN6ujuBQXRXCq2qEughYHi4MOkeQS33vbe982f5p7ST4fCHmS5+5+T+D5PjkCdwlgYs1GxFJElCNiPiKqEZFkN3gwfcx2Xu7WDtYims1n/0za26WvU939ZiKiERGPR1S6fdv7Lx7/ffj03Htb1Yc/3X+hNqrPl3VyfPTM6ccr736x/Nj29z/+vpLEUtQ7fdnPMUxJznuVJOKuqyh2i0gqRY+Ay1h9+/OfWrm/OyIeaue/GqVOZN/fvO2bajz60Y32/eCPH+4d5ViB4Ws2q63vwEYTmDiliKhHUpqKiLRdKi0spOfwP5enS69vbL45/9rG1vqrRa9UwLDUIzl66qupL2c6+V/o5P+3cpp/YHzVI46eW937pdU+LRc9GuDKZH9tvy99auV//uWdR0L+YeLIP0yuS+d/Y3RjAkbjTP7futYzV+CogJ70ee7u/B8m1yD5v/2KxgT0q7dU+v6HMVbtNhq53fIP4yo/81nyD2Pqk7yrTq8n/zAGhvD7PwAwWZpTRV+BDBSl6PUHAAAAAAAAAAAAAAAAAAA4b7d2sNZ9jKRgJeLbDyNOnkzb5+uX2/9H3L2v8fRfSWuz/yXpbgN56YEBD9CDWs57nw3t6uu8o1/sjl+HVT9zu9kefHf/8OpnvZNp32yO7KxHNFobL1Yq5+df0pl//bvzgv7qKwMW6NHZuwI+8fxo65/1716x9ZcPI75urT+LeetPKe5pP+evP/U+53zWG/8MeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG5r8AAAD//zDfb2U=")
r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x9f)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={r3, 0x20, &(0x7f0000000700)={&(0x7f0000000800)=""/231, 0xe7, <r4=>0x0, &(0x7f00000004c0)=""/170, 0xaa}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x17)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r1], 0x0, 0xdad1, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5, 0x0, 0x4}, 0x18)
r6 = syz_io_uring_setup(0x1539, &(0x7f0000000040)={0x0, 0xed32, 0x2, 0xfffffffe, 0xad}, &(0x7f0000000440), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x2, &(0x7f0000000180), 0xfe)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x202402, &(0x7f0000000000)={[{@dax_inode}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@orlov}, {@init_itable}, {@usrjquota, 0x2e}], [], 0x2c}, 0x0, 0x465, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrvPo85f8Snn0AQQKIuKRNGmBHriAQOKCVAkO5RjStCpNG9QEiVYVDQiVI+pfAByR+As4wQUBJxBXuKNKFeqFwgEtWnvtGj/S2HHqFn8+0iYz+/DM17tjz854AxhYE/mfJGJHRPwSEWMRUWrcYaLy78b1i/N/Xr84n0SWvf57kh8Wf1y/OF/dNSn+by8yk2lE+lES+1qUu3z+wum5xcWFc0V+euXMO9PL5y88c+rM3MmFkwtnZ48cOXxo5vnnZp/tSZw787rufX9p/55X37zy2vyxK299/2Ve3x3F9vo4KsY3XOZETNTek0aPb/jV7yw769LJUB8rQkfytp6fruFy+x+LUtw8eWPxyod9rRywqbIsy0ab1tZ6AKsZ8B+WRL9rAPRH9Ys+v/+tLrex+9F3116s3ADlcd8olsqWoUiLfYYb7m97aSIijq3+9Wm+RMtxCACA3vo67/883ar/l8Z9dfv9r5gbGo+I/0fEroi4JyJ2R8S9EeV974+IBzosf6Ih39z/+WlrV4GtU97/e6GY2/p3/6/a+4vxUpHbWY5/ODlxanHhYPGeTMbwaJ6fWaOMb17++ZN22+r7f/mSl1/tC0bESER6dahhgO743MrcBsOuufZBeQzwUnP8SW0mIImIPRGxt4vX3xIRp578Yn+77beIf209mGfKPo94onL+V6Mh/qpk7fnJ6S2xuHBwunpVNPvhx8tH25W/ofh7ID//21pe/7X4x5P6+drlzsu4/OvHbe9pbh1/6+t/JHmjnB4p1r03t7JybiZiJFltXj9bZIZu5qv75/FPHmjd/ndF/P1Zcei+iMgv4gcj4qGIeLio+yMR8WhEHFgj/u9eeuzt7uPfXHn8xzs6/9VE0rSmXaJ0+tuv2pV/6/iPXh0aPVxOTRZr1vP5t556dXc1AwAAwN0nLf8GPkmnauk0nZqq/IZ/d2xLF5eWV546sfTu2eOV38qPx3BaHekaqxsPnSnGhqv52Yb8ofK4cZZl2dZyfmp+aXGz5tSB9dnepv3nfiv1u3bAputoHq3dE23AXcnzmjC4tH8YXNo/DC7tHwZXq/Z/KeJGH6oC3Ga+/2Fwaf8wuLR/GFzaPwykNs/GJ7HO5+fbHV7R5eEDlSjdGdXoOBHpHVGN7hLphl+n1Lv6jHbQUi7F7Xqj+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CP/BAAA//8xr+fd")
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {0x1, 0x4}, [], {}, [], {0x10, 0x6}}, 0x24, 0x0)
listxattr(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)=""/20, 0x14)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r8, 0x1, &(0x7f0000000000)={0x0, 0x0, 0xa5})
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '.!.-.&'}, {0x20, 'init_itable'}, {}, {0x20, '{*.$/'}, {0x20, '-\xef'}, {0x20, 'ext3\x00'}, {0x20, 'ext3\x00'}], 0xa, "ebad1645e3db5b021631d78d192a7337a24505b9d9b9c832b7cb7bc79087bfaea9e3130e360469418aa1820d6156a2d903f615d9b46a8138b7286933"}, 0x72)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r9, 0x11e, 0x82, 0x0, &(0x7f0000000340))
setrlimit(0x9, &(0x7f0000000400)={0xfffffffffffffffe})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
rename(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m6.038488168s ago: executing program 7 (id=2351):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r2, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r3}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840) (fail_nth: 6)

1m5.9263282s ago: executing program 7 (id=2353):
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000c40)='./file0\x00', 0x808080, &(0x7f0000000c80)={[{@discard}, {@bh}, {@noblock_validity}]}, 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
request_key(0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002680)=ANY=[@ANYBLOB="140000001000010000000000000007000000000a60000000060a0b0400000000000000000200000034000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c617374000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x800000000}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x123140, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r9=>0x0})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800c0001006d6163766c616e0095e5028008000500", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9], 0x44}}, 0x0)
close(r1)

1m5.382095178s ago: executing program 7 (id=2356):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000000)={[{@oldalloc}, {@acl}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r0 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x138)
write$9p(r0, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff5295e8cd6f55ce071b304aa0a588b3b7a2efa2f167dd9c1b8b016268d37d9a30983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402c76caf85d4569a75dde2f64", 0x300)

1m5.26624222s ago: executing program 7 (id=2360):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m5.213332711s ago: executing program 9 (id=2361):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket(0x10, 0x80002, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="943e352e6cbaebfbf79659d3c21a62a01109af37f8e6b5c089f53f9deae991484f91966a8fba47719f059bce61513b3a442ee0bf07f9b260966b89ff88dcfbee29f10fc5a139964651e67724ca9c2fb32e155b69b2dc7195654d92e745b995cfda9e80f18d61f0106269bd94973fc4a104292a88d8dc2b3d078b4a73e97454d977f92e362186b3d4ce0b", 0x8a}, {&(0x7f0000000040)}], 0x2}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5c00000014006b03c84e21008bf32c19021800f80200000044000200ac14140e05251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493f9b7717ba6d0bdd76b6f60c1504bb9189d9193e9bd1c1b7800000000000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@ipv4_delrule={0x1c, 0x21, 0x1}, 0x1c}}, 0x44044)

1m5.187033981s ago: executing program 7 (id=2362):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x5, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
socket(0x400000000010, 0x3, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r8 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r9 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
ioctl$LOOP_CHANGE_FD(r8, 0x4c00, r9)

1m4.981604045s ago: executing program 7 (id=2364):
r0 = timerfd_create(0x0, 0x0)
ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000300))
r1 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f00000003c0)={[{@errors_remount}, {@sysvgroups}, {@resuid}, {@jqfmt_vfsold}, {@data_ordered}, {@resuid={'resuid', 0x3d, 0xee00}}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5ee, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkysHoyYMXT4aEqOFo4prZzpRuO9sfS7sLnc8nWfrmvRnem06/OzNv35sNoLQG038qEXsjYjqJ6E/mF8s6IyscXFjv3j+fnE5fSVSrb/yVRJLl5esn2c++bOOeiPjlpyT2dKysd2buyvnxqanJy9ny8OyF6eGZuSsHz10YPzt5dvLi6Eujx44eOXps5FBT+3W1IO/k9fc/7P9s7O3vvvk3Gfn+97Ekjser2YpL92OzDMZg7XeSrCzqO7bZlbVJR/Z3svQQJ51Fa3a1rlGsW3780qPzVPRHR9w/eP3x6WttbRywpapJRHW5HXkhsL0lwhxKKr8OyO/tl98HV1p+RQK0yt0TCx0AK+O/c6FvMHpqfQM77yWxtFsniYjmeubq7YqI27fGrp+5NXY9tqgfDig2fy0ini6K/6QW/wPREwO1+K/UxX96XXAq+5nmv95k/cu7isU/tM5C/PesGv/RIP7fWRL/7zZZ/+D95Hu9dfHf2+wuAQAAAAAAQGndPBERLxZ9/l9ZHP8TBeN/+iLi+CbUP7hseeXn/5U7m1ANUODuiYhXCsf/VvLRvwMdWeqx2niAruTMuanJQxHxeEQciK4d6fLIKnUc/HzP143KBrPxf/krrf92NhYwa8edzh3120yMz44/6H4DEXevRTxTOP43WTz/J7XhvvNLpwvU3g+m11nHnudvnGpUtnb8A1ul+m3E/sLz//2nViSrP59juHY9MJxfFaz07Mdf/NCo/mbjv/ARE8CGpOf/navH/0Cy9Hk9Mxuv4/BcZ7VBUXez1//dyZu1R850Z3kfjc/OXh6J6E5OdqS5dfmjG28zbEd5POTxksb/gedW7/9LCvr/eiNiftn/nfxdP6c49+R/fX80ao/rf2ifNP4nNnT+33hi9MbAj43qX9/5/0jtXH8gy9H/Bwu+ysO0uz6/IBw7i4pa3V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A4qEbErksrQYrpSGRqK6IuIJ2JnZerSzOwLZy59cHEiLat9/38l/6bf/oXlJP/+/4Ely6PLlg9HxO6I+LKjt7Y8dPrS1ES7dx4AAAAAAAAAAAAAAAAAAAAeEn0N5v+n/uxod+uALdfZ7gYAbVMQ/7+2ox1A6zn/Q3mJfygv8Q/lJf6hvMQ/lJf4h/IS/1Be4h8AAAAAALaV3ftu/pZExPzLvbVXqjsr62pry4CtVml3A4C28YgfKC9Df6C83OMDyRrlPQ03WmvL1UyffoCNAQAAAAAAAAAAAKB09u81/x/Kyvx/KC/z/6G88vn/+9rcDqD13OMDscZM/sL5/2tuBQAAAAAAAAAAAABsppm5K+fHp6YmLz8KiZ+3tIq32r+DrU5Uq9Wr6V/Bw9KeRzyRD4V/WNqzLJHP9VvfVu17TwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr9HwAA//87QSCw")
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100020000000000040000000000000008000700", @ANYRES32=0x0, @ANYBLOB="100005000000000020"], 0x2c, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
lsetxattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)=@known='system.sockprotoname\x00', &(0x7f00000002c0)=':%\xcc\x00', 0x4, 0x1)
nanosleep(&(0x7f0000000180)={0x77359400}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
mknod(&(0x7f0000000000)='./bus\x00', 0x1000, 0x0)
getpid()
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b00000008000000020000001400000005000000", @ANYRES32, @ANYRES64=r1, @ANYRES16=r0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = timerfd_create(0x8, 0x0)
read(r7, &(0x7f00000000c0)=""/252, 0xfc)
timerfd_settime(r7, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0x42203, 0x13d)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3, 0x0, 0x178}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)

1m4.964663705s ago: executing program 47 (id=2364):
r0 = timerfd_create(0x0, 0x0)
ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000300))
r1 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1008002, &(0x7f00000003c0)={[{@errors_remount}, {@sysvgroups}, {@resuid}, {@jqfmt_vfsold}, {@data_ordered}, {@resuid={'resuid', 0x3d, 0xee00}}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x0, 0x5ee, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkysHoyYMXT4aEqOFo4prZzpRuO9sfS7sLnc8nWfrmvRnem06/OzNv35sNoLQG038qEXsjYjqJ6E/mF8s6IyscXFjv3j+fnE5fSVSrb/yVRJLl5esn2c++bOOeiPjlpyT2dKysd2buyvnxqanJy9ny8OyF6eGZuSsHz10YPzt5dvLi6Eujx44eOXps5FBT+3W1IO/k9fc/7P9s7O3vvvk3Gfn+97Ekjser2YpL92OzDMZg7XeSrCzqO7bZlbVJR/Z3svQQJ51Fa3a1rlGsW3780qPzVPRHR9w/eP3x6WttbRywpapJRHW5HXkhsL0lwhxKKr8OyO/tl98HV1p+RQK0yt0TCx0AK+O/c6FvMHpqfQM77yWxtFsniYjmeubq7YqI27fGrp+5NXY9tqgfDig2fy0ini6K/6QW/wPREwO1+K/UxX96XXAq+5nmv95k/cu7isU/tM5C/PesGv/RIP7fWRL/7zZZ/+D95Hu9dfHf2+wuAQAAAAAAQGndPBERLxZ9/l9ZHP8TBeN/+iLi+CbUP7hseeXn/5U7m1ANUODuiYhXCsf/VvLRvwMdWeqx2niAruTMuanJQxHxeEQciK4d6fLIKnUc/HzP143KBrPxf/krrf92NhYwa8edzh3120yMz44/6H4DEXevRTxTOP43WTz/J7XhvvNLpwvU3g+m11nHnudvnGpUtnb8A1ul+m3E/sLz//2nViSrP59juHY9MJxfFaz07Mdf/NCo/mbjv/ARE8CGpOf/navH/0Cy9Hk9Mxuv4/BcZ7VBUXez1//dyZu1R850Z3kfjc/OXh6J6E5OdqS5dfmjG28zbEd5POTxksb/gedW7/9LCvr/eiNiftn/nfxdP6c49+R/fX80ao/rf2ifNP4nNnT+33hi9MbAj43qX9/5/0jtXH8gy9H/Bwu+ysO0uz6/IBw7i4pa3V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A4qEbErksrQYrpSGRqK6IuIJ2JnZerSzOwLZy59cHEiLat9/38l/6bf/oXlJP/+/4Ely6PLlg9HxO6I+LKjt7Y8dPrS1ES7dx4AAAAAAAAAAAAAAAAAAAAeEn0N5v+n/uxod+uALdfZ7gYAbVMQ/7+2ox1A6zn/Q3mJfygv8Q/lJf6hvMQ/lJf4h/IS/1Be4h8AAAAAALaV3ftu/pZExPzLvbVXqjsr62pry4CtVml3A4C28YgfKC9Df6C83OMDyRrlPQ03WmvL1UyffoCNAQAAAAAAAAAAAKB09u81/x/Kyvx/KC/z/6G88vn/+9rcDqD13OMDscZM/sL5/2tuBQAAAAAAAAAAAABsppm5K+fHp6YmLz8KiZ+3tIq32r+DrU5Uq9Wr6V/Bw9KeRzyRD4V/WNqzLJHP9VvfVu17TwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr9HwAA//87QSCw")
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="020000000100020000000000040000000000000008000700", @ANYRES32=0x0, @ANYBLOB="100005000000000020"], 0x2c, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
lsetxattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)=@known='system.sockprotoname\x00', &(0x7f00000002c0)=':%\xcc\x00', 0x4, 0x1)
nanosleep(&(0x7f0000000180)={0x77359400}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
mknod(&(0x7f0000000000)='./bus\x00', 0x1000, 0x0)
getpid()
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b00000008000000020000001400000005000000", @ANYRES32, @ANYRES64=r1, @ANYRES16=r0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = timerfd_create(0x8, 0x0)
read(r7, &(0x7f00000000c0)=""/252, 0xfc)
timerfd_settime(r7, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0x42203, 0x13d)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3, 0x0, 0x178}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)

1m4.322479575s ago: executing program 9 (id=2366):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) (async)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) (async)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000001900010000000000000000001d0109005000108049000000990d59906040c6226d83b3dd9fa584140a972beb7bb2e6afdd6ee1b52f5b7186508ea84b4900e0c13b47efb6b7077fd8998d20c90e01f5bae80da358cd54297825c2d1c678"], 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r8, {0xc}, {}, {0x5, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x2c, 0x1, 0x0, 0x0, {{0x7, 0x9, 0xe1b2}, [@TCA_EM_IPT_HOOK={0x8, 0x1, 0x2}, @TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}]}}]}]}]}}]}, 0x70}}, 0x20008050) (async, rerun: 32)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100d0000000fbdbdf250100000018000180140002007665746831"], 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x94173000) (async, rerun: 64)
r9 = socket(0x10, 0x803, 0x0) (async)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ac0)=@newqdisc={0x88, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0xe, [0x0, 0x6, 0x1, 0x3, 0x3, 0x8, 0xa, 0xa, 0xc, 0x10, 0x10, 0x10, 0x4, 0x7, 0x0, 0xe], 0x0, [0x9, 0xe, 0x8, 0x6, 0x7f, 0x3372, 0x491, 0x400, 0x1200, 0x3, 0x40, 0xfffd, 0x7, 0x0, 0x0, 0x3], [0x400, 0x2, 0x7, 0x3, 0xfffb, 0x3ff, 0x3, 0x4, 0xc05, 0x4, 0x3ff, 0x4, 0x26, 0x8, 0x9, 0x10]}}}}]}, 0x88}}, 0x0)

1m4.322029075s ago: executing program 9 (id=2367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000001c0)='n7', 0x2}, {&(0x7f0000001700)="e3", 0x1}], 0x2}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r5 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
ftruncate(0xffffffffffffffff, 0xc17a)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xfff3}}}, 0x24}, 0x1, 0x1000000000000}, 0x0)
fallocate(r5, 0x0, 0x0, 0x9)
setuid(0xee01)
fallocate(r4, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000040)={0xc, r5, 0x8, 0x0, 0x2})
fallocate(r2, 0x4, 0x695d, 0x7)

1m3.952403111s ago: executing program 9 (id=2370):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m3.937520661s ago: executing program 9 (id=2371):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000080)={0x1d, r1}, 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0)=[{{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}, {{0x4, 0x0, 0x1, 0x1}, {0x4, 0x1, 0x1}}], 0x10)
close(r0)
r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
r3 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x12, 0xc, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = add_key(&(0x7f0000000300)='keyring\x00', &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r4)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, 0x0, 0x20000004)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000078000000090a010400000000000000000100fffd08000a40000000000900020073797a31000000000900010073797a300000000008000540000000253c0011800a0001006c696d69740000002c0002800c000240000000000000000308000440000000010c000140fffffffffffff7ff08"], 0xc0}, 0x1, 0x0, 0x0, 0x40c0}, 0xc4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r6, &(0x7f00000001c0)={0xc0000010})

1m3.889982821s ago: executing program 9 (id=2372):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r1 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m3.866820592s ago: executing program 48 (id=2372):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r1 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m3.033106035s ago: executing program 0 (id=2375):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001080)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x48, 0x8, 0xfe, 0x80000009}]}) (fail_nth: 1)

1m2.629304381s ago: executing program 0 (id=2376):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x14, r2, 0x209, 0x0, 0x2000000}, 0x14}}, 0x0)

1m2.430742094s ago: executing program 0 (id=2377):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000140), 0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$packet(r3, &(0x7f0000000440)="5d546efddc250888e0f1266ec0f850d8c650a75f1fd1e0966fd0bd75e0883614bf7c6445b45deea58b25baf2c49eec45e35d51d36caff8163e4ff6baaa3b1306cb39bb5bac4196a74e0d9108860a71c1a3850e80dde2e660ff327ceb1ef265a9cb199451cc0ae8d55681940c3ecbc2b5a2d6ec7b801a51fe1716c0ef916a77184a100de42bc83d03cff834d54ad2b3147a1b4d6c7df7110889f8fe60072895b2e9d651f9ece4b5fe6360b150f7ca127b6f75adb902eb6e870c5d27a79f7c76ac81ce2d3b642da41f63af78d74cb73e25ef784b669b1f3eea41ba135008dfe7ed8e40437fd926719ef31f4cfa397cfc193dcd270043eac0b386c340bc32b4", 0xfe, 0x2008010, &(0x7f00000000c0)={0x11, 0x10, r1, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x14)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000200)='ext4_mballoc_prealloc\x00', r4, 0x0, 0x8}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107842, 0x0)
r5 = io_uring_setup(0x3d67, &(0x7f0000000000)={0x0, 0xef3f, 0x2, 0x3, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2)
r6 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
inotify_init1(0x800)
fcntl$setstatus(r6, 0x4, 0x2c00)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d40)=@newqdisc={0x3ac, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x378, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2}}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x64, 0x2, 0x3, 0x17, 0xd, 0x8, 0x1}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x1000002}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "dc542b4e237011fb38ddb228806571a8633206e26df63a43bbc516382325dedd79c1cf0a26379dfaf72cb5ab9ab7efe16f312ee9ab598d1ac0d7903ac69c51f1b6842ebecf00dec5deff737b59f0c1f0b57cc6c2b7b8c5b2c527aafa57222f4bd2355ccab39fa20d4033b6b687491532080101805feb9c6fa8a56a77186efcb394ce1a1cd7f2130835e3bf9e3ac25d0a102a808be13beb51f37da6d10046f131834545ee5013f43e41e91eb18a12c28540ab4106286e0f7568f6a9cd0c0da51df08e42848096b25d455ebec9adfd6e493d8c9725bc2d49bbbae0a5375b359f91d9dad20ed109ffbc52469cffd2cf5df7773f7a4c72ae167485315c326281efc4"}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "a2a88faa7ec665a571a9ad3d1f9512e3c591df4a4554c6c2e2cc6cb4d9aee4579684743ad4888f1522a47ddaff3d4f9450d288e8559bc4f795aa0d1bc74d926038adb808cba6e90535b2eb8ba3e8ff927207d17a86b10d604e77a459df67e7f0c842d463ca5977b7e2eb55fbb9881d15633717817c735da52a1da7d64bb22e58550d8ee20883e41ec2f119a6a6364d68900c1cce4a3b3225a9ce9e1e00b444e9e7bcd10e1dec202ce7786aa7cf10d4dd6bbcee586d7903a6239ff90b49cd7fddb0c67ddab326cdb2d0fa48a783f691be9ebaa1243b21afd04a372650aa7eb46a2675cc67ae12d3b99c9acb4d9fb7c78081d269b443affd86eededd4867311221"}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_STAB={0x104, 0x2, "554b956aa3fcfbc4a187baf0437163b5d33108db016465f92a93480d2c246d90f03741da6ee916f7c9917dbd81da67d6150151679559af8402b932745d19fbfbd679c133c4714565f91cd05790d990818bac85598b6a844cb2c2d277aaca9a88ee0e6a834ba02b4e549f11fb13e9fe33730c55997f2d3b7e6469210db81587fc522295f49a78f4e08ddfb01172b12a19b303a0c47fa3500cdc3e6725a79dcd3731c37083c3bbe73c43e7e2ea82c72986a1499c677c565ea1cfc874e7e978e4ebe8d338f0b37807d40333ee570133982998623ec809826f1009856a9d9d8e839c65d3ead78c6b3cb8f7beee8e59f19de93d06628a2cdfa4333d96882b96c36cc3"}]}}, @TCA_STAB={0x4}]}, 0x3ac}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="3c0000001000130d00"/20, @ANYBLOB="d63dc4935f5aaa232801dd1dc9079dd296331c5af2de62ef66562511f82828e2cf26c138a815", @ANYBLOB="d11101000000000008000500", @ANYRES32=r1, @ANYBLOB="140012800c0001006d6163766c616e"], 0x3c}, 0x1, 0x0, 0x0, 0x4004014}, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000540)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x301}, {0xfffffffd}]}})
eventfd(0x4)

1m2.209976107s ago: executing program 0 (id=2379):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

1m2.203164118s ago: executing program 0 (id=2380):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f00000002c0)="1ae96d0103010000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

1m1.859382753s ago: executing program 0 (id=2382):
unshare(0x22020600)
recvmsg$can_raw(0xffffffffffffffff, 0x0, 0x141)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00'], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x16, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xf, "3abc6903030000000000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0xa, 0x200, 0x9}, @mss={0x2, 0x4}, @fastopen={0x22, 0xe, "54df942f7e09586180bbb068"}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r3)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file2\x00', 0x4000, &(0x7f0000000500)=ANY=[], 0xfd, 0x1e7, &(0x7f0000000280)="$eJzs3UFr02AYB/Cndbapp11EEIWAF09D/QQVqSAGBKWCnhTUyyoDd6leVr+Fn8ZPo3fZqReNzLTLGie4apJNf79Lnubf9+3zFpL20rfPrrzefrGz++rTpQ+RJJ3oDmMY805sRjeWZnFEEgDAGTfP8/iSF1aT9221BADU7Nef/9FbHL+Wpz5+23ncZHcAQB0ePXl6/3aWjR6maRKxP5uOp+PiWOR372WjG+kPm+Wo/el0fO4wv5lWvzsc5OfjQkR8vpiNbhXj09W8F9evFeMPsjsPskrej416lw4AAAAAAAAAAAAAAAAAAAAAAK25GunSsfv7bG1V88EiLx4d2R+osn/PRlxebuBTbg+U7zWxKAAAAAAAAAAAAAAAAAAAADhjdt++234+mbx8Uxb9iFg9c5JiuJh4zeFNF904FW38eTFYvO9/feZOMe+s7QWepEhPRxuTNa+CXkTU1dg8z/P+8Rf+alHeI/qN35UAAAAAAAAAAAAAAAAAAOD/VP7o9+csaaMhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhB+f//axR7EfEbTz58sUGrSwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAf9j0AAP//JPUxLA==")
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000240)='./file0\x00', 0x200)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r6, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x20, 0x3, &(0x7f0000000080)=@raw=[@exit, @alu={0x4, 0x1, 0xb, 0x9, 0xe, 0x8, 0xfffffffffffffffc}, @alu={0x4, 0x0, 0x6, 0x8, 0x9, 0x4, 0x4}], &(0x7f00000000c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0xe, 0x8, 0x8}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f0000000400)=[{0x2, 0x1, 0x7, 0x7}, {0x1, 0x4, 0xe, 0xa}, {0x5, 0x2, 0xf, 0x5}, {0x0, 0x1, 0x7, 0x7}, {0xfbbc, 0x5, 0xc, 0xc}, {0x2, 0x1, 0x6, 0x3}], 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r10, 0x6, 0x13, 0x0, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)

1m1.843984183s ago: executing program 49 (id=2382):
unshare(0x22020600)
recvmsg$can_raw(0xffffffffffffffff, 0x0, 0x141)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00'], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000180)={@local, @random="416cee93a4a6", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x16, 0x4, 0x2, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x4000}, @generic={0x22, 0xf, "3abc6903030000000000000000"}, @window={0x3, 0x3, 0xac}, @timestamp={0x8, 0xa, 0x200, 0x9}, @mss={0x2, 0x4}, @fastopen={0x22, 0xe, "54df942f7e09586180bbb068"}, @fastopen={0x22, 0x5, "8537c8"}, @exp_fastopen={0xfe, 0x4}]}}}}}}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000003000), r3)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f00000004c0)='./file2\x00', 0x4000, &(0x7f0000000500)=ANY=[], 0xfd, 0x1e7, &(0x7f0000000280)="$eJzs3UFr02AYB/Cndbapp11EEIWAF09D/QQVqSAGBKWCnhTUyyoDd6leVr+Fn8ZPo3fZqReNzLTLGie4apJNf79Lnubf9+3zFpL20rfPrrzefrGz++rTpQ+RJJ3oDmMY805sRjeWZnFEEgDAGTfP8/iSF1aT9221BADU7Nef/9FbHL+Wpz5+23ncZHcAQB0ePXl6/3aWjR6maRKxP5uOp+PiWOR372WjG+kPm+Wo/el0fO4wv5lWvzsc5OfjQkR8vpiNbhXj09W8F9evFeMPsjsPskrej416lw4AAAAAAAAAAAAAAAAAAAAAAK25GunSsfv7bG1V88EiLx4d2R+osn/PRlxebuBTbg+U7zWxKAAAAAAAAAAAAAAAAAAAADhjdt++234+mbx8Uxb9iFg9c5JiuJh4zeFNF904FW38eTFYvO9/feZOMe+s7QWepEhPRxuTNa+CXkTU1dg8z/P+8Rf+alHeI/qN35UAAAAAAAAAAAAAAAAAAOD/VP7o9+csaaMhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhB+f//axR7EfEbTz58sUGrSwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAf9j0AAP//JPUxLA==")
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000240)='./file0\x00', 0x200)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_TP_METER(r3, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fbdbdf25020000000a000900aaaaaaaaaa44000008000300", @ANYRES32=r6, @ANYBLOB='\b\x00\v'], 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x20, 0x3, &(0x7f0000000080)=@raw=[@exit, @alu={0x4, 0x1, 0xb, 0x9, 0xe, 0x8, 0xfffffffffffffffc}, @alu={0x4, 0x0, 0x6, 0x8, 0x9, 0x4, 0x4}], &(0x7f00000000c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', r6, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x3, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x4, 0xe, 0x8, 0x8}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f0000000400)=[{0x2, 0x1, 0x7, 0x7}, {0x1, 0x4, 0xe, 0xa}, {0x5, 0x2, 0xf, 0x5}, {0x0, 0x1, 0x7, 0x7}, {0xfbbc, 0x5, 0xc, 0xc}, {0x2, 0x1, 0x6, 0x3}], 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x803, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r10, 0x6, 0x13, 0x0, 0x0)
bind$inet(r10, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)

1.93048211s ago: executing program 4 (id=3571):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

1.9298679s ago: executing program 4 (id=3572):
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
ppoll(&(0x7f0000000280), 0x0, 0x0, 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x6, 0x6, 0x1, "42341f9b1000007e4f00"})
r2 = syz_open_pts(r1, 0x40000)
dup3(r2, r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

1.066489723s ago: executing program 4 (id=3599):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

912.696226ms ago: executing program 4 (id=3603):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000480)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}, {&(0x7f0000000700)="f34563fad3788f962da090c5ab351de95e6c84c7a02808f6c3794bee057fe9a5c1250a3ffa5c1de06e69f586a1c05938bbe5e16c2bc77e229688c0c6b69d73250823f8a2c9cc3ac7fa9fe023f1be69049a42fcace81df9b9e155407f681b0c49a20941b6d2103b72d4c0d3a7b70e7ac63fa6e25dd0eed08b036069e52abba411cb7992c8955a786ae05912e949fe20be8d454841a652aadc02529f6ccd7982e43d4a45897e36593424a335ff8954de87658b6ffeb2cb40f577277152fd69891184982345dcc03da7c966c70cd5660d8421f11ad86e6b3148054a334b0803e88582", 0xe1}, {&(0x7f0000000240)="a2671b1599b12aa8fac6aef03a233ff1623b7b325b2fbd03755ff609e6a22dd8008a498836e5d797019e65f6597db44ba4", 0x31}, {&(0x7f0000000880)="84bbfcfd856a69ddc567aed96a08a3fd984c86ba2b0801f90549f282c537f9ecc68a2d6f3c242965c92b9958b037eca4d3e06e0646ecf5292c87fc7315a8c4dcedb62e08bec2933e83a225b737e2cb8acce87bc9fe0a89c7688d96bb7becc97c886988ff41e802e5e861a930398807602c", 0x71}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x880)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

860.225517ms ago: executing program 3 (id=3606):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

842.564837ms ago: executing program 4 (id=3607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

814.600417ms ago: executing program 3 (id=3609):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10030, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100002, 0x0, 0xedf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000001340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0)

796.528127ms ago: executing program 4 (id=3611):
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
ppoll(&(0x7f0000000280)=[{r1, 0x6000}], 0x1, 0x0, 0x0, 0x0)
write$binfmt_aout(r1, 0x0, 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x6, 0x6, 0x1, "42341f9b1000007e4f00"})
r2 = syz_open_pts(r1, 0x40000)
dup3(r2, r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

692.525519ms ago: executing program 2 (id=3612):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

645.96546ms ago: executing program 2 (id=3613):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x5, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
r9 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
ioctl$LOOP_SET_STATUS(r9, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x5, 0xfffffffb, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})

523.945471ms ago: executing program 8 (id=3616):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b801000"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

496.292342ms ago: executing program 8 (id=3617):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

459.765243ms ago: executing program 3 (id=3618):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000480)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}, {&(0x7f0000000700)="f34563fad3788f962da090c5ab351de95e6c84c7a02808f6c3794bee057fe9a5c1250a3ffa5c1de06e69f586a1c05938bbe5e16c2bc77e229688c0c6b69d73250823f8a2c9cc3ac7fa9fe023f1be69049a42fcace81df9b9e155407f681b0c49a20941b6d2103b72d4c0d3a7b70e7ac63fa6e25dd0eed08b036069e52abba411cb7992c8955a786ae05912e949fe20be8d454841a652aadc02529f6ccd7982e43d4a45897e36593424a335ff8954de87658b6ffeb2cb40f577277152fd69891184982345dcc03da7c966c70cd5660d8421f11ad86e6b3148054a334b0803e88582", 0xe1}, {&(0x7f0000000240)="a2671b1599b12aa8fac6aef03a233ff1623b7b325b2fbd03755ff609e6a22dd8008a498836e5d797019e65f6597db44ba4", 0x31}, {&(0x7f0000000880)="84bbfcfd856a69ddc567aed96a08a3fd984c86ba2b0801f90549f282c537f9ecc68a2d6f3c242965c92b9958b037eca4d3e06e0646ecf5292c87fc7315a8c4dcedb62e08bec2933e83a225b737e2cb8acce87bc9fe0a89c7688d96bb7becc97c886988ff41e802e5e861a930398807602c", 0x71}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x880)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

401.572273ms ago: executing program 8 (id=3619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

366.216014ms ago: executing program 3 (id=3621):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x25dfdbfe, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x28}}, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

359.302964ms ago: executing program 2 (id=3622):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="060000b37ebff700feffffff0540000010000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r3 = shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
shmdt(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3], 0x50)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x2, 0x1, 0x2, 0x4, 0x0, 0x3, 0xa6122, 0xe, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4079, 0x1, @perf_bp={&(0x7f0000000380), 0x3c2166d6d59fad8e}, 0x1211, 0x4, 0x0, 0x2, 0x9, 0x6, 0x9, 0x0, 0x2, 0x0, 0x5}, 0x0, 0xc, r2, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = creat(&(0x7f0000000300)='./file0\x00', 0xe5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x80000001, 0x0, 0x0, 0x40f00, 0x56, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0xffffffffffffffcf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
write$qrtrtun(r5, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f91", 0x45c)
r7 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r6, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000005c0)={r7, 0x0, 0x0}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x2, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x10, &(0x7f0000000800)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
fsmount(r0, 0x1, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f00000002c0)='memory.oom.group\x00', 0x2, 0x0)

315.325435ms ago: executing program 8 (id=3623):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

314.824425ms ago: executing program 3 (id=3624):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

312.342885ms ago: executing program 8 (id=3625):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r0, 0x25, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x80000000})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0a00003fd4dfa4ef594a9c00069e061ee9cd51a0be70568919a3721ccafebb254f0d275518e924a2e4164b7f2efcd5c0e5ab6ac0bfc28e9a38c74a1a1fa87eddb6784d58e07f21445b73b46ed1c9ddbcc91fd29ad84b1339edda3388a6447ffdef7a529e671e28a0a54448a8"], 0x48)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, 0x0, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000010}, 0x24000880)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x7, &(0x7f0000000740)=ANY=[@ANYRES16=r1, @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @cgroup_device=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="180100001c00003f2f3fd1b3fd8f6dc0ae9c000000000000000000850000006d00000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', <r8=>0x0})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000000280)={0x0, 0x2c, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fedbdf25080000001800028014000380100001800400030008000100050000000c00018008000100", @ANYRES32=r8], 0x38}, 0x1, 0x0, 0x0, 0x4000814}, 0x0)

262.578966ms ago: executing program 3 (id=3626):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r1, r0, 0x0, 0x7ffff000)

261.336526ms ago: executing program 2 (id=3627):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r6, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r8 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8)

260.923256ms ago: executing program 6 (id=3628):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e746572"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)

208.742157ms ago: executing program 8 (id=3629):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10)
setitimer(0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
unshare(0x22020400)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f00000001c0)=@abs={0x1}, 0x6e)
bind$unix(r4, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r5}, &(0x7f0000000380), &(0x7f0000000400)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x10)
mount_setattr(0xffffffffffffffff, &(0x7f0000000400)='.\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0x8a}, 0x20)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r7 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r8=>0x0, &(0x7f00000007c0)=<r9=>0x0)
syz_emit_ethernet(0x46, &(0x7f00000003c0)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, @private, @local}, "0b0a000000c4f120"}}}}}, 0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x38}, {0x0}], 0x2})
io_uring_enter(r7, 0x4d10, 0x2, 0x2, 0x0, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
poll(&(0x7f0000000000)=[{r10, 0x1040}], 0x1, 0x7)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xa, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702060002000000850000ac69230085000000b70000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='svcrdma_decode_short_err\x00', r11, 0x0, 0x7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)

169.526167ms ago: executing program 2 (id=3630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r3, &(0x7f0000000480)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}, {&(0x7f0000000700)="f34563fad3788f962da090c5ab351de95e6c84c7a02808f6c3794bee057fe9a5c1250a3ffa5c1de06e69f586a1c05938bbe5e16c2bc77e229688c0c6b69d73250823f8a2c9cc3ac7fa9fe023f1be69049a42fcace81df9b9e155407f681b0c49a20941b6d2103b72d4c0d3a7b70e7ac63fa6e25dd0eed08b036069e52abba411cb7992c8955a786ae05912e949fe20be8d454841a652aadc02529f6ccd7982e43d4a45897e36593424a335ff8954de87658b6ffeb2cb40f577277152fd69891184982345dcc03da7c966c70cd5660d8421f11ad86e6b3148054a334b0803e88582", 0xe1}, {&(0x7f0000000240)="a2671b1599b12aa8fac6aef03a233ff1623b7b325b2fbd03755ff609e6a22dd8008a498836e5d797019e65f6597db44ba4", 0x31}, {&(0x7f0000000880)="84bbfcfd856a69ddc567aed96a08a3fd984c86ba2b0801f90549f282c537f9ecc68a2d6f3c242965c92b9958b037eca4d3e06e0646ecf5292c87fc7315a8c4dcedb62e08bec2933e83a225b737e2cb8acce87bc9fe0a89c7688d96bb7becc97c886988ff41e802e5e861a930398807602c0ba4d9d68ec9061c1782aaaec9744264add43aeb2105ae5846b492af2ee499af19c078e176d4bf690c410204dcc1f3ad19054fbccdf49a382f33efb4fedc2d3b85f69391cc8a9be0125ee48e0797cfab0860ed15a56e5f444f550475110874ba9708ad732e542632720c6ffffef486f6", 0xe1}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, r7, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x880)
sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180)=0x63)
sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)

168.946067ms ago: executing program 6 (id=3631):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000480)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}, {&(0x7f0000000700)="f34563fad3788f962da090c5ab351de95e6c84c7a02808f6c3794bee057fe9a5c1250a3ffa5c1de06e69f586a1c05938bbe5e16c2bc77e229688c0c6b69d73250823f8a2c9cc3ac7fa9fe023f1be69049a42fcace81df9b9e155407f681b0c49a20941b6d2103b72d4c0d3a7b70e7ac63fa6e25dd0eed08b036069e52abba411cb7992c8955a786ae05912e949fe20be8d454841a652aadc02529f6ccd7982e43d4a45897e36593424a335ff8954de87658b6ffeb2cb40f577277152fd69891184982345dcc03da7c966c70cd5660d8421f11ad86e6b3148054a334b0803e88582", 0xe1}, {&(0x7f0000000240)="a2671b1599b12aa8fac6aef03a233ff1623b7b325b2fbd03755ff609e6a22dd8008a498836e5d797019e65f6597db44ba4", 0x31}, {&(0x7f0000000880)="84bbfcfd856a69ddc567aed96a08a3fd984c86ba2b0801f90549f282c537f9ecc68a2d6f3c242965c92b9958b037eca4d3e06e0646ecf5292c87fc7315a8c4dcedb62e08bec2933e83a225b737e2cb8acce87bc9fe0a89c7688d96bb7becc97c886988ff41e802e5e861a930398807602c", 0x71}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x880)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

118.992418ms ago: executing program 6 (id=3632):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0))

93.614828ms ago: executing program 6 (id=3633):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

40.175879ms ago: executing program 2 (id=3634):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x5, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r6, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
r7 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
r8 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
ioctl$LOOP_SET_STATUS(r8, 0x4c02, &(0x7f0000000280)={0x0, {}, 0x0, {}, 0x40000004, 0x5, 0xfffffffb, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})

569.44µs ago: executing program 6 (id=3635):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

0s ago: executing program 6 (id=3636):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r3=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

op4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.115234][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.137157][T12323] lo speed is unknown, defaulting to 1000
[  193.169600][T12328] loop6: detected capacity change from 0 to 128
[  193.192289][T12323] lo speed is unknown, defaulting to 1000
[  193.242121][T12328] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.263876][T12328] ext4 filesystem being mounted at /98/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  193.306735][T12339] FAULT_INJECTION: forcing a failure.
[  193.306735][T12339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.320156][T12339] CPU: 0 UID: 0 PID: 12339 Comm: syz.3.2935 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  193.320187][T12339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  193.320200][T12339] Call Trace:
[  193.320208][T12339]  <TASK>
[  193.320216][T12339]  __dump_stack+0x1d/0x30
[  193.320238][T12339]  dump_stack_lvl+0xe8/0x140
[  193.320267][T12339]  dump_stack+0x15/0x1b
[  193.320284][T12339]  should_fail_ex+0x265/0x280
[  193.320317][T12339]  should_fail+0xb/0x20
[  193.320346][T12339]  should_fail_usercopy+0x1a/0x20
[  193.320420][T12339]  strncpy_from_user+0x25/0x230
[  193.320446][T12339]  ? kmem_cache_alloc_noprof+0x186/0x310
[  193.320473][T12339]  ? getname_flags+0x80/0x3b0
[  193.320497][T12339]  getname_flags+0xae/0x3b0
[  193.320542][T12339]  user_path_at+0x28/0x130
[  193.320577][T12339]  __se_sys_mount+0x25b/0x2e0
[  193.320595][T12339]  ? fput+0x8f/0xc0
[  193.320622][T12339]  __x64_sys_mount+0x67/0x80
[  193.320692][T12339]  x64_sys_call+0xd36/0x2fb0
[  193.320714][T12339]  do_syscall_64+0xd2/0x200
[  193.320733][T12339]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  193.320770][T12339]  ? clear_bhb_loop+0x40/0x90
[  193.320826][T12339]  ? clear_bhb_loop+0x40/0x90
[  193.320848][T12339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.320869][T12339] RIP: 0033:0x7f28ee67e929
[  193.320885][T12339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.320968][T12339] RSP: 002b:00007f28ecce7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  193.320987][T12339] RAX: ffffffffffffffda RBX: 00007f28ee8a5fa0 RCX: 00007f28ee67e929
[  193.321000][T12339] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000200000000380
[  193.321013][T12339] RBP: 00007f28ecce7090 R08: 0000000000000000 R09: 0000000000000000
[  193.321039][T12339] R10: 0000000000001000 R11: 0000000000000246 R12: 0000000000000001
[  193.321052][T12339] R13: 0000000000000000 R14: 00007f28ee8a5fa0 R15: 00007fffdf581d88
[  193.321147][T12339]  </TASK>
[  193.543711][T10383] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.581734][   T29] audit: type=1400 audit(2000000006.520:19863): avc:  denied  { append } for  pid=12344 comm="syz.6.2936" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  193.611703][T12347] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2939'.
[  193.620864][T12341] loop4: detected capacity change from 0 to 2048
[  193.639317][T12341] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.682837][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.759847][   T29] audit: type=1326 audit(2000000006.700:19864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.793517][T12362] loop3: detected capacity change from 0 to 164
[  193.800106][T12357] bond1: entered promiscuous mode
[  193.801151][   T29] audit: type=1326 audit(2000000006.730:19865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.805472][T12357] bond1: entered allmulticast mode
[  193.829007][   T29] audit: type=1326 audit(2000000006.730:19866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.829085][   T29] audit: type=1326 audit(2000000006.730:19867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.881599][   T29] audit: type=1326 audit(2000000006.730:19868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.905239][   T29] audit: type=1326 audit(2000000006.730:19869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.4.2942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fe8c41ee929 code=0x7ffc0000
[  193.917937][T12357] 8021q: adding VLAN 0 to HW filter on device bond1
[  193.969108][T12362] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  193.984386][T12362] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  193.993444][T12362] Symlink component flag not implemented
[  193.994458][T12357] bond1 (unregistering): Released all slaves
[  193.999146][T12362] Symlink component flag not implemented
[  193.999287][T12362] Symlink component flag not implemented (7)
[  194.016922][T12362] Symlink component flag not implemented (116)
[  194.023853][T12370] netlink: 14528 bytes leftover after parsing attributes in process `syz.2.2945'.
[  194.112794][T12377] loop2: detected capacity change from 0 to 512
[  194.131743][T12378] loop3: detected capacity change from 0 to 2048
[  194.138661][T12380] FAULT_INJECTION: forcing a failure.
[  194.138661][T12380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.151865][T12380] CPU: 1 UID: 0 PID: 12380 Comm: syz.4.2952 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  194.151902][T12380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.151919][T12380] Call Trace:
[  194.151927][T12380]  <TASK>
[  194.151935][T12380]  __dump_stack+0x1d/0x30
[  194.151957][T12380]  dump_stack_lvl+0xe8/0x140
[  194.152000][T12380]  dump_stack+0x15/0x1b
[  194.152085][T12380]  should_fail_ex+0x265/0x280
[  194.152332][T12380]  should_fail+0xb/0x20
[  194.152431][T12380]  should_fail_usercopy+0x1a/0x20
[  194.152473][T12380]  _copy_from_user+0x1c/0xb0
[  194.152493][T12380]  kstrtouint_from_user+0x69/0xf0
[  194.152526][T12380]  ? 0xffffffff81000000
[  194.152543][T12380]  ? selinux_file_permission+0x1e4/0x320
[  194.152574][T12380]  proc_fail_nth_write+0x50/0x160
[  194.152617][T12380]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  194.152642][T12380]  vfs_write+0x269/0x8e0
[  194.152697][T12380]  ? vfs_read+0x47f/0x6f0
[  194.152764][T12380]  ? __rcu_read_unlock+0x4f/0x70
[  194.152786][T12380]  ? __fget_files+0x184/0x1c0
[  194.152808][T12380]  ksys_write+0xda/0x1a0
[  194.152830][T12380]  __x64_sys_write+0x40/0x50
[  194.152853][T12380]  x64_sys_call+0x2cdd/0x2fb0
[  194.152881][T12380]  do_syscall_64+0xd2/0x200
[  194.152944][T12380]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  194.153043][T12380]  ? clear_bhb_loop+0x40/0x90
[  194.153064][T12380]  ? clear_bhb_loop+0x40/0x90
[  194.153091][T12380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.153114][T12380] RIP: 0033:0x7fe8c41ed3df
[  194.153129][T12380] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  194.153225][T12380] RSP: 002b:00007fe8c2857030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  194.153256][T12380] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe8c41ed3df
[  194.153272][T12380] RDX: 0000000000000001 RSI: 00007fe8c28570a0 RDI: 0000000000000006
[  194.153287][T12380] RBP: 00007fe8c2857090 R08: 0000000000000000 R09: 0000000000000000
[  194.153300][T12380] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  194.153315][T12380] R13: 0000000000000000 R14: 00007fe8c4415fa0 R15: 00007ffe93e397e8
[  194.153390][T12380]  </TASK>
[  194.154669][T12377] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  194.276901][T12382] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  194.391237][T12382] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  194.398947][T12382] vhci_hcd vhci_hcd.0: Device attached
[  194.408089][T12378] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.408971][T12377] EXT4-fs (loop2): 1 truncate cleaned up
[  194.426435][T12377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.490989][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.559370][T12396] loop2: detected capacity change from 0 to 1024
[  194.566392][T12396] EXT4-fs: Ignoring removed orlov option
[  194.585137][T10590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.595836][T12396] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.636724][T10261] usb 9-1: new high-speed USB device number 2 using vhci_hcd
[  194.645170][T12401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.653923][T12401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.676920][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.700384][T12406] loop2: detected capacity change from 0 to 512
[  194.707765][T12406] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  194.719501][T12406] EXT4-fs (loop2): 1 truncate cleaned up
[  194.719655][T12405] netlink: 'syz.6.2959': attribute type 1 has an invalid length.
[  194.725725][T12406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.742852][T12405] 8021q: adding VLAN 0 to HW filter on device bond1
[  194.748183][T12406] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2958'.
[  194.786581][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.806488][T12412] loop2: detected capacity change from 0 to 512
[  194.813568][T12412] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  194.825487][T12412] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  194.840947][T12412] EXT4-fs (loop2): 1 truncate cleaned up
[  194.844643][T12415] loop6: detected capacity change from 0 to 164
[  194.847420][T12412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.866382][T12415] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  194.880886][T12415] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  194.889465][T12415] Symlink component flag not implemented
[  194.895143][T12415] Symlink component flag not implemented
[  194.901397][T12415] Symlink component flag not implemented (7)
[  194.907547][T12415] Symlink component flag not implemented (116)
[  194.915148][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.955337][T12422] loop6: detected capacity change from 0 to 2048
[  195.032223][T12426] loop6: detected capacity change from 0 to 1024
[  195.040214][T12426] EXT4-fs: Ignoring removed orlov option
[  195.048109][T12426] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.062510][T12386] vhci_hcd: connection reset by peer
[  195.068240][T12426] FAULT_INJECTION: forcing a failure.
[  195.068240][T12426] name failslab, interval 1, probability 0, space 0, times 0
[  195.068509][ T5504] vhci_hcd: stop threads
[  195.080968][T12426] CPU: 1 UID: 0 PID: 12426 Comm: syz.6.2965 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  195.081002][T12426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.081020][T12426] Call Trace:
[  195.081029][T12426]  <TASK>
[  195.081064][T12426]  __dump_stack+0x1d/0x30
[  195.081099][T12426]  dump_stack_lvl+0xe8/0x140
[  195.081126][T12426]  dump_stack+0x15/0x1b
[  195.081149][T12426]  should_fail_ex+0x265/0x280
[  195.081262][T12426]  should_failslab+0x8c/0xb0
[  195.081374][T12426]  kmem_cache_alloc_noprof+0x50/0x310
[  195.081417][T12426]  ? ext4_mb_new_blocks+0x2ce/0x2050
[  195.081444][T12426]  ? __mark_inode_dirty+0x43c/0x760
[  195.081477][T12426]  ext4_mb_new_blocks+0x2ce/0x2050
[  195.081586][T12426]  ? ext4_ext_search_right+0x30b/0x4f0
[  195.081628][T12426]  ? ext4_inode_to_goal_block+0x1be/0x1e0
[  195.081664][T12426]  ext4_ext_map_blocks+0xff5/0x38a0
[  195.081785][T12426]  ext4_map_blocks+0x61c/0xd70
[  195.081821][T12426]  ext4_convert_inline_data_nolock+0x16e/0x4c0
[  195.081911][T12426]  ext4_convert_inline_data+0x2b8/0x350
[  195.081958][T12426]  ext4_fallocate+0xa6/0x660
[  195.082001][T12426]  vfs_fallocate+0x413/0x450
[  195.082100][T12426]  __x64_sys_fallocate+0x7a/0xd0
[  195.082251][T12426]  x64_sys_call+0x2b88/0x2fb0
[  195.082279][T12426]  do_syscall_64+0xd2/0x200
[  195.082303][T12426]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  195.082339][T12426]  ? clear_bhb_loop+0x40/0x90
[  195.082402][T12426]  ? clear_bhb_loop+0x40/0x90
[  195.082438][T12426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.082468][T12426] RIP: 0033:0x7f21d1b4e929
[  195.082491][T12426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.082533][T12426] RSP: 002b:00007f21d01b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  195.082560][T12426] RAX: ffffffffffffffda RBX: 00007f21d1d75fa0 RCX: 00007f21d1b4e929
[  195.082578][T12426] RDX: 0000000000000ffc RSI: 0000000000000011 RDI: 0000000000000004
[  195.082596][T12426] RBP: 00007f21d01b7090 R08: 0000000000000000 R09: 0000000000000000
[  195.082612][T12426] R10: 00000000000006d8 R11: 0000000000000246 R12: 0000000000000001
[  195.082629][T12426] R13: 0000000000000000 R14: 00007f21d1d75fa0 R15: 00007fff33369428
[  195.082655][T12426]  </TASK>
[  195.132237][T12427] loop2: detected capacity change from 0 to 512
[  195.136640][ T5504] vhci_hcd: release socket
[  195.136671][ T5504] vhci_hcd: disconnect device
[  195.168885][T12427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.170332][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.174673][T12427] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.362713][T12427] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2964'.
[  195.441861][T12439] loop6: detected capacity change from 0 to 2048
[  195.458385][T12439] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.592555][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.626759][T12447] loop4: detected capacity change from 0 to 512
[  195.634158][T12447] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  195.645882][T12447] EXT4-fs (loop4): 1 truncate cleaned up
[  195.653327][T12447] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.669327][T12447] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2971'.
[  195.749126][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.783449][T12451] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2972'.
[  195.813122][T12453] loop4: detected capacity change from 0 to 512
[  195.819868][T12453] EXT4-fs: Ignoring removed mblk_io_submit option
[  195.827517][T12453] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  195.837664][T12453] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  195.845636][T12453] System zones: 1-12
[  195.857163][T12453] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2973: corrupted in-inode xattr: e_value size too large
[  195.889228][T12453] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2973: couldn't read orphan inode 15 (err -117)
[  195.902275][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.912778][T12453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.975377][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.019992][T12461] loop4: detected capacity change from 0 to 1024
[  196.026604][T12459] loop2: detected capacity change from 0 to 8192
[  196.033685][T12461] EXT4-fs: Ignoring removed orlov option
[  196.063147][T12461] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.119449][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.175063][T12468] loop2: detected capacity change from 0 to 2048
[  196.210022][T12468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.245868][T12477] loop4: detected capacity change from 0 to 128
[  196.271630][T12477] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.285288][T12483] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12483 comm=syz.6.2982
[  196.285534][T12477] ext4 filesystem being mounted at /119/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  196.347738][T10662] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  196.428813][T12486] loop4: detected capacity change from 0 to 512
[  196.436786][T12486] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  196.453733][T12486] EXT4-fs (loop4): 1 truncate cleaned up
[  196.460734][T12486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.477259][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.489407][T12485] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2983'.
[  196.552532][T12493] FAULT_INJECTION: forcing a failure.
[  196.552532][T12493] name failslab, interval 1, probability 0, space 0, times 0
[  196.565329][T12493] CPU: 1 UID: 0 PID: 12493 Comm:  Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  196.565378][T12493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.565395][T12493] Call Trace:
[  196.565403][T12493]  <TASK>
[  196.565413][T12493]  __dump_stack+0x1d/0x30
[  196.565481][T12493]  dump_stack_lvl+0xe8/0x140
[  196.565515][T12493]  dump_stack+0x15/0x1b
[  196.565607][T12493]  should_fail_ex+0x265/0x280
[  196.565767][T12493]  should_failslab+0x8c/0xb0
[  196.565821][T12493]  kmem_cache_alloc_node_noprof+0x57/0x320
[  196.565849][T12493]  ? __alloc_skb+0x101/0x320
[  196.565885][T12493]  __alloc_skb+0x101/0x320
[  196.565948][T12493]  netlink_alloc_large_skb+0xba/0xf0
[  196.565995][T12493]  netlink_sendmsg+0x3cf/0x6b0
[  196.566015][T12493]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.566038][T12493]  __sock_sendmsg+0x142/0x180
[  196.566070][T12493]  ____sys_sendmsg+0x31e/0x4e0
[  196.566151][T12493]  ___sys_sendmsg+0x17b/0x1d0
[  196.566182][T12493]  __x64_sys_sendmsg+0xd4/0x160
[  196.566266][T12493]  x64_sys_call+0x2999/0x2fb0
[  196.566292][T12493]  do_syscall_64+0xd2/0x200
[  196.566314][T12493]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  196.566351][T12493]  ? clear_bhb_loop+0x40/0x90
[  196.566427][T12493]  ? clear_bhb_loop+0x40/0x90
[  196.566448][T12493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.566473][T12493] RIP: 0033:0x7f21d1b4e929
[  196.566488][T12493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.566512][T12493] RSP: 002b:00007f21d01b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.566534][T12493] RAX: ffffffffffffffda RBX: 00007f21d1d75fa0 RCX: 00007f21d1b4e929
[  196.566602][T12493] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000005
[  196.566618][T12493] RBP: 00007f21d01b7090 R08: 0000000000000000 R09: 0000000000000000
[  196.566629][T12493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.566640][T12493] R13: 0000000000000000 R14: 00007f21d1d75fa0 R15: 00007fff33369428
[  196.566659][T12493]  </TASK>
[  196.649359][T12466] Set syz1 is full, maxelem 65536 reached
[  196.810813][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.840895][T12501] loop3: detected capacity change from 0 to 1024
[  196.851384][T12501] EXT4-fs: Ignoring removed orlov option
[  196.858513][T12504] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2991'.
[  196.870112][T12501] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.884531][T12498] loop2: detected capacity change from 0 to 164
[  196.891156][T12498] iso9660: Unknown parameter 'no‚ompress'
[  196.907025][T12504] loop6: detected capacity change from 0 to 1024
[  196.907444][T12498] lo speed is unknown, defaulting to 1000
[  196.920551][T12504] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  196.931170][T12504] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  196.942992][T10590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.950664][T12498] lo speed is unknown, defaulting to 1000
[  196.958201][T12507] FAULT_INJECTION: forcing a failure.
[  196.958201][T12507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.971393][T12507] CPU: 0 UID: 0 PID: 12507 Comm: syz.4.2992 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  196.971420][T12507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.971453][T12507] Call Trace:
[  196.971461][T12507]  <TASK>
[  196.971470][T12507]  __dump_stack+0x1d/0x30
[  196.971496][T12507]  dump_stack_lvl+0xe8/0x140
[  196.971518][T12507]  dump_stack+0x15/0x1b
[  196.971616][T12507]  should_fail_ex+0x265/0x280
[  196.971649][T12507]  should_fail+0xb/0x20
[  196.971678][T12507]  should_fail_usercopy+0x1a/0x20
[  196.971791][T12507]  _copy_from_user+0x1c/0xb0
[  196.971813][T12507]  kstrtouint_from_user+0x69/0xf0
[  196.971850][T12507]  ? 0xffffffff81000000
[  196.971867][T12507]  ? selinux_file_permission+0x1e4/0x320
[  196.971962][T12507]  proc_fail_nth_write+0x50/0x160
[  196.971983][T12507]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  196.972008][T12507]  vfs_write+0x269/0x8e0
[  196.972098][T12507]  ? vfs_read+0x47f/0x6f0
[  196.972131][T12507]  ? __rcu_read_unlock+0x4f/0x70
[  196.972209][T12507]  ? __fget_files+0x184/0x1c0
[  196.972236][T12507]  ksys_write+0xda/0x1a0
[  196.972258][T12507]  __x64_sys_write+0x40/0x50
[  196.972275][T12507]  x64_sys_call+0x2cdd/0x2fb0
[  196.972365][T12507]  do_syscall_64+0xd2/0x200
[  196.972382][T12507]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  196.972474][T12507]  ? clear_bhb_loop+0x40/0x90
[  196.972498][T12507]  ? clear_bhb_loop+0x40/0x90
[  196.972526][T12507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.972582][T12507] RIP: 0033:0x7fe8c41ed3df
[  196.972600][T12507] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  196.972618][T12507] RSP: 002b:00007fe8c2857030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  196.972636][T12507] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe8c41ed3df
[  196.972649][T12507] RDX: 0000000000000001 RSI: 00007fe8c28570a0 RDI: 0000000000000007
[  196.972741][T12507] RBP: 00007fe8c2857090 R08: 0000000000000000 R09: 0000000000000000
[  196.972758][T12507] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  196.972770][T12507] R13: 0000000000000000 R14: 00007fe8c4415fa0 R15: 00007ffe93e397e8
[  196.972790][T12507]  </TASK>
[  196.978091][T12504] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  197.216486][T12504] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 2: comm syz.6.2991: lblock 2 mapped to illegal pblock 2 (length 1)
[  197.230913][T12504] EXT4-fs (loop6): Remounting filesystem read-only
[  197.237486][T12504] __quota_error: 49 callbacks suppressed
[  197.237504][T12504] Quota error (device loop6): qtree_write_dquot: dquota write failed
[  197.238129][T12513] loop3: detected capacity change from 0 to 128
[  197.243238][T12504] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  197.253498][T12511] loop4: detected capacity change from 0 to 2048
[  197.257900][T12504] EXT4-fs (loop6): 1 orphan inode deleted
[  197.268961][T12513] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.273534][T12504] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.279059][T12513] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  197.304038][T12504] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.349417][   T29] audit: type=1326 audit(2000000010.290:19919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f21d1b4d290 code=0x7ffc0000
[  197.373155][   T29] audit: type=1326 audit(2000000010.290:19920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f21d1b4e52b code=0x7ffc0000
[  197.387971][T12511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.396706][   T29] audit: type=1326 audit(2000000010.290:19921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f21d1b4d58a code=0x7ffc0000
[  197.432326][   T29] audit: type=1326 audit(2000000010.290:19922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  197.456856][   T29] audit: type=1326 audit(2000000010.290:19923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  197.459674][T10590] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.480536][   T29] audit: type=1326 audit(2000000010.290:19924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  197.513328][   T29] audit: type=1326 audit(2000000010.290:19925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  197.513742][T12504] loop6: detected capacity change from 0 to 512
[  197.536995][   T29] audit: type=1326 audit(2000000010.290:19926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12503 comm="syz.6.2991" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  197.579225][T12504] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2991: Failed to acquire dquot type 1
[  197.591605][T12504] EXT4-fs (loop6): 1 truncate cleaned up
[  197.607252][T12504] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.625949][T12504] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.639737][T12504] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.706448][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.745533][T12528] loop4: detected capacity change from 0 to 512
[  197.755236][T12526] loop2: detected capacity change from 0 to 8192
[  197.756045][T12528] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  197.778425][T12528] EXT4-fs (loop4): 1 truncate cleaned up
[  197.784637][T12528] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.785171][T12531] netlink: 'syz.3.2999': attribute type 2 has an invalid length.
[  197.817776][T12528] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2998'.
[  197.871192][T10662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.888501][T12540] loop3: detected capacity change from 0 to 128
[  197.902804][T12542] loop4: detected capacity change from 0 to 1024
[  197.903036][T12542] EXT4-fs: Ignoring removed orlov option
[  197.905401][T12542] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.957513][T12536] loop2: detected capacity change from 0 to 512
[  197.957840][T12536] EXT4-fs: Ignoring removed i_version option
[  197.958183][T12536] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  197.966057][T12536] EXT4-fs (loop2): 1 truncate cleaned up
[  198.018770][T12552] Restarting kernel threads ...
[  198.019003][T12552] Done restarting kernel threads.
[  198.062813][T12558] loop4: detected capacity change from 0 to 164
[  198.073387][T12558] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.100573][T12558] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  198.100788][T12558] Symlink component flag not implemented
[  198.114491][T12558] Symlink component flag not implemented
[  198.125470][T12558] Symlink component flag not implemented (7)
[  198.125487][T12558] Symlink component flag not implemented (116)
[  198.215349][T12567] FAULT_INJECTION: forcing a failure.
[  198.215349][T12567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.215419][T12567] CPU: 1 UID: 0 PID: 12567 Comm: syz.2.3012 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  198.215444][T12567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.215512][T12567] Call Trace:
[  198.215518][T12567]  <TASK>
[  198.215528][T12567]  __dump_stack+0x1d/0x30
[  198.215551][T12567]  dump_stack_lvl+0xe8/0x140
[  198.215573][T12567]  dump_stack+0x15/0x1b
[  198.215592][T12567]  should_fail_ex+0x265/0x280
[  198.215663][T12567]  should_fail+0xb/0x20
[  198.215759][T12567]  should_fail_usercopy+0x1a/0x20
[  198.215788][T12567]  _copy_from_user+0x1c/0xb0
[  198.215807][T12567]  __sys_bpf+0x178/0x790
[  198.215960][T12567]  __x64_sys_bpf+0x41/0x50
[  198.216130][T12567]  x64_sys_call+0x2478/0x2fb0
[  198.216157][T12567]  do_syscall_64+0xd2/0x200
[  198.216181][T12567]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.216274][T12567]  ? clear_bhb_loop+0x40/0x90
[  198.216298][T12567]  ? clear_bhb_loop+0x40/0x90
[  198.216376][T12567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.216395][T12567] RIP: 0033:0x7f0a7119e929
[  198.216408][T12567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.216446][T12567] RSP: 002b:00007f0a6f807038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  198.216520][T12567] RAX: ffffffffffffffda RBX: 00007f0a713c5fa0 RCX: 00007f0a7119e929
[  198.216615][T12567] RDX: 0000000000000090 RSI: 00002000000001c0 RDI: 0000000000000005
[  198.216632][T12567] RBP: 00007f0a6f807090 R08: 0000000000000000 R09: 0000000000000000
[  198.216649][T12567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.216666][T12567] R13: 0000000000000000 R14: 00007f0a713c5fa0 R15: 00007ffd170a9ba8
[  198.216691][T12567]  </TASK>
[  198.262933][T12570] loop2: detected capacity change from 0 to 1024
[  198.263287][T12570] EXT4-fs: Ignoring removed orlov option
[  198.341506][T12579] loop2: detected capacity change from 0 to 1024
[  198.341785][T12579] EXT4-fs: Ignoring removed orlov option
[  198.402853][T12573] loop4: detected capacity change from 0 to 8192
[  198.509878][T12583] loop6: detected capacity change from 0 to 128
[  198.510499][T12583] EXT4-fs warning (device loop6): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  198.510535][T12583] EXT4-fs (loop6): Couldn't mount because of unsupported optional features (fffc1829)
[  198.824298][T12593] loop2: detected capacity change from 0 to 1024
[  198.859979][T12597] loop4: detected capacity change from 0 to 2048
[  198.869317][T12593] FAULT_INJECTION: forcing a failure.
[  198.869317][T12593] name failslab, interval 1, probability 0, space 0, times 0
[  198.882040][T12593] CPU: 0 UID: 0 PID: 12593 Comm: syz.2.3023 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  198.882076][T12593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.882159][T12593] Call Trace:
[  198.882168][T12593]  <TASK>
[  198.882178][T12593]  __dump_stack+0x1d/0x30
[  198.882205][T12593]  dump_stack_lvl+0xe8/0x140
[  198.882229][T12593]  dump_stack+0x15/0x1b
[  198.882250][T12593]  should_fail_ex+0x265/0x280
[  198.882289][T12593]  should_failslab+0x8c/0xb0
[  198.882363][T12593]  __kmalloc_noprof+0xa5/0x3e0
[  198.882415][T12593]  ? ext4_find_extent+0x16b/0x7a0
[  198.882449][T12593]  ext4_find_extent+0x16b/0x7a0
[  198.882482][T12593]  ? folio_mark_accessed+0x240/0x3d0
[  198.882523][T12593]  ext4_ext_map_blocks+0x11f/0x38a0
[  198.882644][T12593]  ? bdev_getblk+0x66/0x3d0
[  198.882675][T12593]  ? ext4_get_group_desc+0x16b/0x190
[  198.882696][T12593]  ? from_kprojid+0x159/0x380
[  198.882791][T12593]  ? ext4_fc_track_inode+0x9f/0x530
[  198.882855][T12593]  ? mark_buffer_dirty+0xf8/0x210
[  198.882887][T12593]  ? ext4_es_lookup_extent+0x352/0x4f0
[  198.882918][T12593]  ext4_map_blocks+0x61c/0xd70
[  198.883020][T12593]  ext4_alloc_file_blocks+0x28b/0x720
[  198.883054][T12593]  ext4_fallocate+0x2b8/0x660
[  198.883143][T12593]  vfs_fallocate+0x413/0x450
[  198.883169][T12593]  __x64_sys_fallocate+0x7a/0xd0
[  198.883192][T12593]  x64_sys_call+0x2b88/0x2fb0
[  198.883229][T12593]  do_syscall_64+0xd2/0x200
[  198.883249][T12593]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  198.883280][T12593]  ? clear_bhb_loop+0x40/0x90
[  198.883304][T12593]  ? clear_bhb_loop+0x40/0x90
[  198.883344][T12593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.883369][T12593] RIP: 0033:0x7f0a7119e929
[  198.883387][T12593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.883420][T12593] RSP: 002b:00007f0a6f807038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  198.883440][T12593] RAX: ffffffffffffffda RBX: 00007f0a713c5fa0 RCX: 00007f0a7119e929
[  198.883456][T12593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  198.883472][T12593] RBP: 00007f0a6f807090 R08: 0000000000000000 R09: 0000000000000000
[  198.883486][T12593] R10: 00000000001001f0 R11: 0000000000000246 R12: 0000000000000002
[  198.883500][T12593] R13: 0000000000000000 R14: 00007f0a713c5fa0 R15: 00007ffd170a9ba8
[  198.883523][T12593]  </TASK>
[  199.133964][T12597] Alternate GPT is invalid, using primary GPT.
[  199.140327][T12597]  loop4: p1 p2 p3
[  199.180043][T12609] loop4: detected capacity change from 0 to 512
[  199.188230][T12609] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  199.197452][T12609] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  199.206472][T12607] loop3: detected capacity change from 0 to 512
[  199.214426][T12609] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  199.232479][T12609] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  199.243374][T12607] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  199.267365][T12609] System zones: 0-2, 18-18, 34-35
[  199.292606][T12607] EXT4-fs (loop3): orphan cleanup on readonly fs
[  199.301549][T12607] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.3026: Block bitmap for bg 0 marked uninitialized
[  199.316040][T12607] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  199.329552][T12607] EXT4-fs (loop3): 1 orphan inode deleted
[  199.386192][T12623] loop6: detected capacity change from 0 to 2048
[  199.401665][T12625] loop2: detected capacity change from 0 to 1024
[  199.409226][T12625] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  199.419305][T12623] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3033'.
[  199.420652][T12625] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  199.429430][T12623] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3033'.
[  199.455022][T12625] EXT4-fs (loop2): orphan cleanup on readonly fs
[  199.473132][T12625] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3032: Invalid inode table block 0 in block_group 0
[  199.486991][T12625] EXT4-fs (loop2): Remounting filesystem read-only
[  199.494034][T12625] EXT4-fs (loop2): 1 truncate cleaned up
[  199.695772][T12644] loop6: detected capacity change from 0 to 164
[  199.703869][T12644] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  199.716583][T12644] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  199.724991][T12644] Symlink component flag not implemented
[  199.730718][T12644] Symlink component flag not implemented
[  199.737214][T12644] Symlink component flag not implemented (7)
[  199.743217][T12644] Symlink component flag not implemented (116)
[  199.766591][T10261] vhci_hcd: vhci_device speed not set
[  199.778792][T12646] loop2: detected capacity change from 0 to 1024
[  199.783016][T12649] loop6: detected capacity change from 0 to 1024
[  199.786069][T12646] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  199.794271][T12649] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  199.802544][T12646] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  199.813360][T12649] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  199.822655][T12646] EXT4-fs error (device loop2): ext4_get_journal_inode:5796: inode #32: comm syz.2.3039: iget: special inode unallocated
[  199.829950][T12649] EXT4-fs (loop6): orphan cleanup on readonly fs
[  199.843663][T12646] EXT4-fs (loop2): no journal found
[  199.851407][T12649] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3040: Invalid inode table block 0 in block_group 0
[  199.867942][T12649] EXT4-fs (loop6): Remounting filesystem read-only
[  199.874622][T12649] EXT4-fs (loop6): 1 truncate cleaned up
[  200.067320][T12660] loop6: detected capacity change from 0 to 512
[  200.088715][T12658] loop3: detected capacity change from 0 to 8192
[  200.098713][T12660] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  200.126236][T12660] EXT4-fs (loop6): 1 truncate cleaned up
[  200.133521][T12660] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3044'.
[  200.163547][T12663] loop3: detected capacity change from 0 to 128
[  200.172021][T12663] ext4 filesystem being mounted at /131/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  200.233414][T12670] FAULT_INJECTION: forcing a failure.
[  200.233414][T12670] name failslab, interval 1, probability 0, space 0, times 0
[  200.246189][T12670] CPU: 0 UID: 0 PID: 12670 Comm: syz.6.3049 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  200.246258][T12670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  200.246271][T12670] Call Trace:
[  200.246278][T12670]  <TASK>
[  200.246302][T12670]  __dump_stack+0x1d/0x30
[  200.246324][T12670]  dump_stack_lvl+0xe8/0x140
[  200.246427][T12670]  dump_stack+0x15/0x1b
[  200.246449][T12670]  should_fail_ex+0x265/0x280
[  200.246487][T12670]  should_failslab+0x8c/0xb0
[  200.246516][T12670]  kmem_cache_alloc_node_noprof+0x57/0x320
[  200.246556][T12670]  ? __alloc_skb+0x101/0x320
[  200.246622][T12670]  __alloc_skb+0x101/0x320
[  200.246735][T12670]  netlink_alloc_large_skb+0xba/0xf0
[  200.246776][T12670]  netlink_sendmsg+0x3cf/0x6b0
[  200.246840][T12670]  ? __pfx_netlink_sendmsg+0x10/0x10
[  200.246934][T12670]  __sock_sendmsg+0x142/0x180
[  200.246963][T12670]  ____sys_sendmsg+0x31e/0x4e0
[  200.247052][T12670]  ___sys_sendmsg+0x17b/0x1d0
[  200.247100][T12670]  __x64_sys_sendmsg+0xd4/0x160
[  200.247129][T12670]  x64_sys_call+0x2999/0x2fb0
[  200.247157][T12670]  do_syscall_64+0xd2/0x200
[  200.247246][T12670]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  200.247277][T12670]  ? clear_bhb_loop+0x40/0x90
[  200.247349][T12670]  ? clear_bhb_loop+0x40/0x90
[  200.247377][T12670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.247403][T12670] RIP: 0033:0x7f21d1b4e929
[  200.247482][T12670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.247506][T12670] RSP: 002b:00007f21d01b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.247529][T12670] RAX: ffffffffffffffda RBX: 00007f21d1d75fa0 RCX: 00007f21d1b4e929
[  200.247544][T12670] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  200.247559][T12670] RBP: 00007f21d01b7090 R08: 0000000000000000 R09: 0000000000000000
[  200.247574][T12670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.247600][T12670] R13: 0000000000000000 R14: 00007f21d1d75fa0 R15: 00007fff33369428
[  200.247639][T12670]  </TASK>
[  200.468188][T12672] loop3: detected capacity change from 0 to 1024
[  200.474995][T12672] EXT4-fs: Ignoring removed orlov option
[  200.494176][T12674] loop2: detected capacity change from 0 to 2048
[  200.611405][T12682] loop6: detected capacity change from 0 to 512
[  200.618897][T12682] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  200.629561][T12682] EXT4-fs (loop6): orphan cleanup on readonly fs
[  200.636502][T12682] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.3052: Block bitmap for bg 0 marked uninitialized
[  200.650437][T12682] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  200.660156][T12682] EXT4-fs (loop6): 1 orphan inode deleted
[  200.744099][T12687] loop3: detected capacity change from 0 to 1024
[  200.751495][T12687] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  200.762868][T12687] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  200.771450][T12687] EXT4-fs (loop3): orphan cleanup on readonly fs
[  200.778424][T12687] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3053: Invalid inode table block 0 in block_group 0
[  200.792726][T12687] EXT4-fs (loop3): Remounting filesystem read-only
[  200.799494][T12687] EXT4-fs (loop3): 1 truncate cleaned up
[  200.808236][T12693] loop2: detected capacity change from 0 to 1024
[  200.837302][T12697] loop8: detected capacity change from 0 to 1024
[  200.844273][T12697] EXT4-fs: Ignoring removed orlov option
[  200.981806][T12702] loop3: detected capacity change from 0 to 1024
[  200.988666][T12702] EXT4-fs: Ignoring removed orlov option
[  201.100870][T12706] loop8: detected capacity change from 0 to 2048
[  201.189493][T12710] loop8: detected capacity change from 0 to 128
[  201.197932][T12710] ext4 filesystem being mounted at /110/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.262886][T12715] netlink: 1057 bytes leftover after parsing attributes in process `syz.8.3061'.
[  201.317142][T12717] loop3: detected capacity change from 0 to 8192
[  201.326221][T12719] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.387558][T12721] loop3: detected capacity change from 0 to 8192
[  201.396328][T12719] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.452350][T12719] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.512449][T12719] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.523373][T12736] loop3: detected capacity change from 0 to 128
[  201.535483][T12738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3072'.
[  201.536473][T12736] ext4 filesystem being mounted at /141/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  201.548710][T12738] netlink: 14593 bytes leftover after parsing attributes in process `syz.4.3072'.
[  201.658106][T12719] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.679084][T12719] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.696095][T12742] loop3: detected capacity change from 0 to 512
[  201.720092][T12719] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.733961][T12719] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.743316][T12748] loop6: detected capacity change from 0 to 1024
[  201.744367][T12742] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.771285][T12748] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3075'.
[  201.773201][T12742] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.3074: corrupted xattr block 19: overlapping e_value 
[  201.792637][T12754] loop2: detected capacity change from 0 to 1024
[  201.796018][T12742] EXT4-fs (loop3): Remounting filesystem read-only
[  201.807237][T12742] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  201.819286][T12742] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  201.839242][T12755] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  201.851057][T12754] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.853782][T12742] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  201.871187][T12742] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  201.883637][T12742] SELinux: syz.3.3074 (12742) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  201.972597][T12770] loop6: detected capacity change from 0 to 164
[  201.980386][T12770] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  202.007974][T12770] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  202.019662][T12770] Symlink component flag not implemented
[  202.025438][T12770] Symlink component flag not implemented
[  202.035668][T12770] Symlink component flag not implemented (7)
[  202.042037][T12770] Symlink component flag not implemented (116)
[  202.071724][T12774] loop6: detected capacity change from 0 to 256
[  202.098104][T12776] loop3: detected capacity change from 0 to 512
[  202.106170][T12777] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 3: comm syz.2.3077: lblock 3 mapped to illegal pblock 3 (length 1)
[  202.122523][T12777] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  202.135108][T12777] EXT4-fs (loop2): This should not happen!! Data will be lost
[  202.135108][T12777] 
[  202.148810][T12776] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  202.162056][T12776] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3086: corrupted inode contents
[  202.174597][T12776] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3086: mark_inode_dirty error
[  202.202415][T12776] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3086: corrupted inode contents
[  202.231988][T12776] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.3086: mark_inode_dirty error
[  202.244679][T12788] loop6: detected capacity change from 0 to 1024
[  202.251673][T12788] EXT4-fs: Ignoring removed orlov option
[  202.258522][   T29] kauditd_printk_skb: 1469 callbacks suppressed
[  202.258538][   T29] audit: type=1400 audit(2000000015.200:21388): avc:  denied  { mac_admin } for  pid=12775 comm="syz.3.3086" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  202.258565][T12776] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  202.295831][   T29] audit: type=1400 audit(2000000015.230:21389): avc:  denied  { relabelto } for  pid=12775 comm="syz.3.3086" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  202.327248][T12776] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3086: corrupted inode contents
[  202.351413][T12791] loop2: detected capacity change from 0 to 8192
[  202.358149][T12776] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz.3.3086: mark_inode_dirty error
[  202.380381][T12776] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz.3.3086: corrupted inode contents
[  202.418867][T12776] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 21: comm syz.3.3086: path /146/bus: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=1953724787, rec_len=28005, size=2048 fake=0
[  202.423131][   T29] audit: type=1400 audit(2000000015.360:21390): avc:  denied  { rename } for  pid=12775 comm="syz.3.3086" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  202.461221][   T29] audit: type=1400 audit(2000000015.360:21391): avc:  denied  { unlink } for  pid=12775 comm="syz.3.3086" name="file0" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  202.507851][T12803] FAULT_INJECTION: forcing a failure.
[  202.507851][T12803] name failslab, interval 1, probability 0, space 0, times 0
[  202.520695][T12803] CPU: 0 UID: 0 PID: 12803 Comm: syz.2.3095 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  202.520730][T12803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.520746][T12803] Call Trace:
[  202.520753][T12803]  <TASK>
[  202.520761][T12803]  __dump_stack+0x1d/0x30
[  202.520881][T12803]  dump_stack_lvl+0xe8/0x140
[  202.520903][T12803]  dump_stack+0x15/0x1b
[  202.520918][T12803]  should_fail_ex+0x265/0x280
[  202.520947][T12803]  should_failslab+0x8c/0xb0
[  202.521048][T12803]  __kvmalloc_node_noprof+0x123/0x4e0
[  202.521075][T12803]  ? bpf_test_run_xdp_live+0xed/0xfe0
[  202.521120][T12803]  bpf_test_run_xdp_live+0xed/0xfe0
[  202.521236][T12803]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  202.521277][T12803]  ? __pfx_autoremove_wake_function+0x10/0x10
[  202.521320][T12803]  ? 0xffffffffa02053c0
[  202.521409][T12803]  ? synchronize_rcu+0x45/0x320
[  202.521445][T12803]  ? 0xffffffffa02053c0
[  202.521461][T12803]  ? 0xffffffffa02053c0
[  202.521546][T12803]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  202.521583][T12803]  ? 0xffffffffa0204690
[  202.521619][T12803]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  202.521653][T12803]  bpf_prog_test_run_xdp+0x4f5/0x910
[  202.521693][T12803]  ? __rcu_read_unlock+0x4f/0x70
[  202.521717][T12803]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  202.521823][T12803]  bpf_prog_test_run+0x22a/0x390
[  202.521850][T12803]  __sys_bpf+0x3dc/0x790
[  202.521983][T12803]  __x64_sys_bpf+0x41/0x50
[  202.522010][T12803]  x64_sys_call+0x2478/0x2fb0
[  202.522033][T12803]  do_syscall_64+0xd2/0x200
[  202.522055][T12803]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  202.522137][T12803]  ? clear_bhb_loop+0x40/0x90
[  202.522200][T12803]  ? clear_bhb_loop+0x40/0x90
[  202.522278][T12803]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.522371][T12803] RIP: 0033:0x7f0a7119e929
[  202.522386][T12803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.522404][T12803] RSP: 002b:00007f0a6f807038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  202.522490][T12803] RAX: ffffffffffffffda RBX: 00007f0a713c5fa0 RCX: 00007f0a7119e929
[  202.522502][T12803] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  202.522514][T12803] RBP: 00007f0a6f807090 R08: 0000000000000000 R09: 0000000000000000
[  202.522529][T12803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.522544][T12803] R13: 0000000000000000 R14: 00007f0a713c5fa0 R15: 00007ffd170a9ba8
[  202.522625][T12803]  </TASK>
[  202.522950][T10590] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #2: comm syz-executor: corrupted inode contents
[  202.785489][T10590] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #2: comm syz-executor: mark_inode_dirty error
[  202.808486][T12800] loop4: detected capacity change from 0 to 2048
[  202.915339][T12816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.933982][   T29] audit: type=1400 audit(2000000015.850:21392): avc:  denied  { read write } for  pid=12815 comm="syz.6.3098" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  202.957858][   T29] audit: type=1400 audit(2000000015.850:21393): avc:  denied  { open } for  pid=12815 comm="syz.6.3098" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  202.969255][T12818] loop3: detected capacity change from 0 to 164
[  202.981582][   T29] audit: type=1400 audit(2000000015.850:21394): avc:  denied  { ioctl } for  pid=12815 comm="syz.6.3098" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  202.988000][T12816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.026163][T12818] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  203.048522][T12818] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  203.058505][T12818] Symlink component flag not implemented
[  203.064210][T12818] Symlink component flag not implemented
[  203.074224][T12818] Symlink component flag not implemented (7)
[  203.080362][T12818] Symlink component flag not implemented (116)
[  203.088308][T12820] netlink: 'syz.4.3101': attribute type 2 has an invalid length.
[  203.148745][T12823] SELinux: syz.4.3103 (12823) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  203.186610][   T29] audit: type=1326 audit(2000000016.120:21395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12826 comm="syz.3.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  203.210319][   T29] audit: type=1326 audit(2000000016.120:21396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12826 comm="syz.3.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  203.214268][T12824] lo speed is unknown, defaulting to 1000
[  203.234014][   T29] audit: type=1326 audit(2000000016.120:21397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12826 comm="syz.3.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  203.278735][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.287963][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.297017][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.305309][T12824] lo speed is unknown, defaulting to 1000
[  203.334415][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.343703][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.352906][T12830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3105'.
[  203.446952][T12845] loop2: detected capacity change from 0 to 2048
[  203.490511][T12846] loop3: detected capacity change from 0 to 8192
[  203.515439][T12848] loop4: detected capacity change from 0 to 2048
[  203.550023][T12853] loop3: detected capacity change from 0 to 1024
[  203.558640][T12853] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  203.602233][T12857] loop6: detected capacity change from 0 to 512
[  203.612062][T12853] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  203.635843][T12857] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  203.647330][T12853] EXT4-fs (loop3): orphan cleanup on readonly fs
[  203.662384][T12853] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3113: Invalid inode table block 0 in block_group 0
[  203.701579][T12863] loop2: detected capacity change from 0 to 164
[  203.710700][T12857] EXT4-fs (loop6): 1 truncate cleaned up
[  203.733791][T12853] EXT4-fs (loop3): Remounting filesystem read-only
[  203.744106][T12863] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  203.753320][T12866] loop4: detected capacity change from 0 to 1024
[  203.754077][T12853] EXT4-fs (loop3): 1 truncate cleaned up
[  203.772639][T12863] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  203.782035][T12863] Symlink component flag not implemented
[  203.787809][T12863] Symlink component flag not implemented
[  203.814988][T12863] Symlink component flag not implemented (7)
[  203.821073][T12863] Symlink component flag not implemented (116)
[  204.083069][T12879] loop2: detected capacity change from 0 to 1024
[  204.098780][T12879] EXT4-fs: inline encryption not supported
[  204.133517][T12879] EXT4-fs: Ignoring removed bh option
[  204.214159][T12883] loop6: detected capacity change from 0 to 512
[  204.248954][T12883] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  204.278457][T12879] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.3121: Allocating blocks 385-513 which overlap fs metadata
[  204.335209][T12883] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.3123: invalid block
[  204.385912][T12879] EXT4-fs (loop2): Remounting filesystem read-only
[  204.406913][T12878] EXT4-fs (loop2): pa ffff888106d18d20: logic 16, phys. 129, len 24
[  204.417670][T12883] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.3123: invalid indirect mapped block 4294967295 (level 1)
[  204.434487][T12887] loop3: detected capacity change from 0 to 8192
[  204.441461][T12883] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.3123: invalid indirect mapped block 4294967295 (level 1)
[  204.455836][T12883] EXT4-fs (loop6): 2 truncates cleaned up
[  204.531579][T12895] loop3: detected capacity change from 0 to 2048
[  204.538451][T12893] loop6: detected capacity change from 0 to 2048
[  204.563218][T12897] loop2: detected capacity change from 0 to 512
[  204.570998][T12897] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  204.592494][T12897] EXT4-fs (loop2): 1 truncate cleaned up
[  204.686196][T12910] futex_wake_op: syz.2.3132 tries to shift op by -1; fix this program
[  204.703467][T12912] loop6: detected capacity change from 0 to 1024
[  204.725351][T12914] smc: net device bond0 applied user defined pnetid SYZ0
[  204.732748][T12914] smc: net device bond0 erased user defined pnetid SYZ0
[  204.797093][T12912] EXT4-fs: Ignoring removed nobh option
[  204.802786][T12912] EXT4-fs: Ignoring removed bh option
[  204.848029][T12925] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  204.855292][T12925] IPv6: NLM_F_CREATE should be set when creating new route
[  204.862558][T12925] IPv6: NLM_F_CREATE should be set when creating new route
[  204.998429][T12925] loop4: detected capacity change from 0 to 1024
[  205.041686][T12925] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  205.052760][T12925] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  205.130918][T12925] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  205.175540][T12925] JBD2: no valid journal superblock found
[  205.181403][T12925] EXT4-fs (loop4): Could not load journal inode
[  205.663171][T12937] lo speed is unknown, defaulting to 1000
[  205.697487][T12937] lo speed is unknown, defaulting to 1000
[  205.884630][T12951] loop6: detected capacity change from 0 to 512
[  205.891929][T12951] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  205.905132][T12951] EXT4-fs (loop6): 1 truncate cleaned up
[  206.009461][T12954] smc: net device bond0 applied user defined pnetid SYZ0
[  206.019038][T12954] smc: net device bond0 erased user defined pnetid SYZ0
[  206.055193][T12956] loop2: detected capacity change from 0 to 2048
[  206.432501][T12964] loop2: detected capacity change from 0 to 2048
[  206.512887][T12972] loop6: detected capacity change from 0 to 164
[  206.534635][T12972] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  206.572705][T12972] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  206.603721][T12972] Symlink component flag not implemented
[  206.609492][T12972] Symlink component flag not implemented
[  206.642732][T12972] Symlink component flag not implemented (7)
[  206.648815][T12972] Symlink component flag not implemented (116)
[  206.712322][T12979] loop6: detected capacity change from 0 to 512
[  206.748981][T12979] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  206.777268][T12979] EXT4-fs (loop6): 1 truncate cleaned up
[  206.844394][T12992] smc: net device bond0 applied user defined pnetid SYZ0
[  206.857287][T12992] smc: net device bond0 erased user defined pnetid SYZ0
[  206.908376][T12995] loop3: detected capacity change from 0 to 2048
[  206.950649][T13004] loop4: detected capacity change from 0 to 2048
[  207.019955][T13017] loop6: detected capacity change from 0 to 164
[  207.031312][T13017] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  207.056692][T13017] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  207.067049][T13017] Symlink component flag not implemented
[  207.072737][T13017] Symlink component flag not implemented
[  207.079542][T13022] __nla_validate_parse: 5 callbacks suppressed
[  207.079559][T13022] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3170'.
[  207.094843][T13017] Symlink component flag not implemented (7)
[  207.100939][T13017] Symlink component flag not implemented (116)
[  207.148887][T13029] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  207.159910][T13028] smc: net device bond0 applied user defined pnetid SYZ0
[  207.164073][T13029] loop6: detected capacity change from 0 to 1024
[  207.167474][T13028] smc: net device bond0 erased user defined pnetid SYZ0
[  207.175460][T13029] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  207.191499][T13029] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  207.202481][T13029] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  207.253889][T13029] JBD2: no valid journal superblock found
[  207.259719][T13029] EXT4-fs (loop6): Could not load journal inode
[  207.287441][T13044] loop2: detected capacity change from 0 to 512
[  207.295435][T13044] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  207.310424][T13044] EXT4-fs (loop2): 1 truncate cleaned up
[  207.347973][T13052] loop4: detected capacity change from 0 to 2048
[  207.357748][T13053] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3182'.
[  207.367470][T13049] loop6: detected capacity change from 0 to 2048
[  207.369173][   T29] kauditd_printk_skb: 462 callbacks suppressed
[  207.369257][   T29] audit: type=1326 audit(2000000020.310:21858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.405160][   T29] audit: type=1326 audit(2000000020.310:21859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.428843][   T29] audit: type=1326 audit(2000000020.310:21860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.452727][   T29] audit: type=1326 audit(2000000020.310:21861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.476434][   T29] audit: type=1326 audit(2000000020.320:21862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.500230][   T29] audit: type=1326 audit(2000000020.320:21863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.523863][   T29] audit: type=1326 audit(2000000020.320:21864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.533749][T13057] loop3: detected capacity change from 0 to 164
[  207.547433][   T29] audit: type=1326 audit(2000000020.320:21865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.578000][   T29] audit: type=1326 audit(2000000020.320:21866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.582852][T13059] smc: net device bond0 applied user defined pnetid SYZ0
[  207.601558][   T29] audit: type=1326 audit(2000000020.320:21867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.3.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28ee67e929 code=0x7ffc0000
[  207.612556][T13059] smc: net device bond0 erased user defined pnetid SYZ0
[  207.643418][T13057] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  207.655019][T13057] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  207.663710][T13057] Symlink component flag not implemented
[  207.669483][T13057] Symlink component flag not implemented
[  207.706206][T13057] Symlink component flag not implemented (7)
[  207.712380][T13057] Symlink component flag not implemented (116)
[  207.876519][T13091] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  207.934908][T13097] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3198'.
[  207.941635][T13099] loop2: detected capacity change from 0 to 2048
[  207.943870][T13097] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3198'.
[  207.966089][T13089] loop8: detected capacity change from 0 to 8192
[  207.979799][T13081] loop6: detected capacity change from 0 to 1024
[  207.986472][T13103] loop3: detected capacity change from 0 to 164
[  207.988226][T13081] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  208.003718][T13081] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  208.003826][T13103] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.017379][T13081] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  208.033243][T13081] JBD2: no valid journal superblock found
[  208.039063][T13081] EXT4-fs (loop6): Could not load journal inode
[  208.048317][T13103] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.056824][T13103] Symlink component flag not implemented
[  208.062505][T13103] Symlink component flag not implemented
[  208.082387][T13105] smc: net device bond0 applied user defined pnetid SYZ0
[  208.089565][T13103] Symlink component flag not implemented (7)
[  208.095682][T13103] Symlink component flag not implemented (116)
[  208.102568][T13105] smc: net device bond0 erased user defined pnetid SYZ0
[  208.177221][T13116] loop3: detected capacity change from 0 to 1024
[  208.189483][T13116] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  208.213261][T13116] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  208.243365][T13132] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  208.256003][T13129] loop4: detected capacity change from 0 to 8192
[  208.262520][T13116] EXT4-fs (loop3): orphan cleanup on readonly fs
[  208.274371][T13132] loop2: detected capacity change from 0 to 1024
[  208.283566][T13132] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  208.294708][T13132] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  208.306675][T13116] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3206: Invalid inode table block 0 in block_group 0
[  208.321106][T13132] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  208.343318][T13134] loop6: detected capacity change from 0 to 2048
[  208.355796][T13116] EXT4-fs (loop3): Remounting filesystem read-only
[  208.362548][T13132] JBD2: no valid journal superblock found
[  208.368406][T13132] EXT4-fs (loop2): Could not load journal inode
[  208.374932][T13116] EXT4-fs (loop3): 1 truncate cleaned up
[  208.386878][T13136] loop8: detected capacity change from 0 to 164
[  208.414460][T13136] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.452998][T13136] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.472247][T13147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3218'.
[  208.497972][T13136] Symlink component flag not implemented
[  208.503852][T13136] Symlink component flag not implemented
[  208.505901][T13147] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3218'.
[  208.509783][T13136] Symlink component flag not implemented (7)
[  208.524813][T13136] Symlink component flag not implemented (116)
[  208.585355][T13157] smc: net device bond0 applied user defined pnetid SYZ0
[  208.597433][T13157] smc: net device bond0 erased user defined pnetid SYZ0
[  208.612032][T13161] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3225'.
[  208.687838][T13177] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  208.709675][T13175] loop3: detected capacity change from 0 to 2048
[  208.721241][T13177] loop8: detected capacity change from 0 to 1024
[  208.746233][T13177] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  208.757249][T13177] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  208.767937][T13177] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  208.785545][T13183] loop6: detected capacity change from 0 to 1024
[  208.803606][T13179] loop4: detected capacity change from 0 to 8192
[  208.804569][T13177] JBD2: no valid journal superblock found
[  208.815830][T13177] EXT4-fs (loop8): Could not load journal inode
[  208.854383][T13191] smc: net device bond0 applied user defined pnetid SYZ0
[  208.855281][T13183] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  208.872011][T13191] smc: net device bond0 erased user defined pnetid SYZ0
[  208.873891][T13193] loop8: detected capacity change from 0 to 164
[  208.897351][T13193] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.906246][T13183] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  208.916397][T13193] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  208.918125][T13183] EXT4-fs (loop6): orphan cleanup on readonly fs
[  208.938180][T13196] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3239'.
[  208.947726][T13193] Symlink component flag not implemented
[  208.953394][T13193] Symlink component flag not implemented
[  208.960574][T13183] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3233: Invalid inode table block 0 in block_group 0
[  208.980225][T13196] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3239'.
[  208.989402][T13193] Symlink component flag not implemented (7)
[  208.995515][T13193] Symlink component flag not implemented (116)
[  209.002849][T13183] EXT4-fs (loop6): Remounting filesystem read-only
[  209.009699][T13183] EXT4-fs (loop6): 1 truncate cleaned up
[  209.040118][T13202] smc: net device bond0 applied user defined pnetid SYZ0
[  209.048366][T13202] smc: net device bond0 erased user defined pnetid SYZ0
[  209.111488][T13200] netlink: 'syz.2.3241': attribute type 1 has an invalid length.
[  209.129035][T13200] xt_CT: No such helper "snmp_trap"
[  209.284226][T13226] loop2: detected capacity change from 0 to 2048
[  209.319876][T13231] loop3: detected capacity change from 0 to 1024
[  209.331742][T13231] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  209.342739][T13231] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  209.354086][T13231] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  209.365690][T13231] JBD2: no valid journal superblock found
[  209.371548][T13231] EXT4-fs (loop3): Could not load journal inode
[  209.394873][T13236] loop4: detected capacity change from 0 to 2048
[  209.416189][T13239] smc: net device bond0 applied user defined pnetid SYZ0
[  209.425108][T13239] smc: net device bond0 erased user defined pnetid SYZ0
[  209.429244][T13241] loop2: detected capacity change from 0 to 164
[  209.462015][T13241] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  209.511462][T13241] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  209.519899][T13244] loop3: detected capacity change from 0 to 8192
[  209.554608][T13241] Symlink component flag not implemented
[  209.560434][T13241] Symlink component flag not implemented
[  209.570244][T13241] Symlink component flag not implemented (7)
[  209.576321][T13241] Symlink component flag not implemented (116)
[  209.608354][T13258] loop3: detected capacity change from 0 to 2048
[  209.643552][T13267] loop6: detected capacity change from 0 to 2048
[  209.661606][T13269] loop2: detected capacity change from 0 to 1024
[  209.665712][T13258] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3263'.
[  209.676987][T13269] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  209.677665][T13269] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  209.707479][T13269] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.715667][T13269] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3265: Invalid inode table block 0 in block_group 0
[  209.728811][T13269] EXT4-fs (loop2): Remounting filesystem read-only
[  209.735569][T13269] EXT4-fs (loop2): 1 truncate cleaned up
[  209.738425][T13280] smc: net device bond0 applied user defined pnetid SYZ0
[  209.774640][T13282] smc: net device bond0 erased user defined pnetid SYZ0
[  209.819412][T13284] loop6: detected capacity change from 0 to 1024
[  209.847688][T13284] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  209.858810][T13284] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  209.859329][T13293] loop3: detected capacity change from 0 to 1024
[  209.877657][T13293] EXT4-fs: Ignoring removed orlov option
[  209.884778][T13284] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  209.931501][T13284] JBD2: no valid journal superblock found
[  209.937335][T13284] EXT4-fs (loop6): Could not load journal inode
[  210.008846][T13304] loop8: detected capacity change from 0 to 164
[  210.055736][T13304] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.066896][T13304] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.075493][T13304] Symlink component flag not implemented
[  210.081569][T13304] Symlink component flag not implemented
[  210.087584][T13304] Symlink component flag not implemented (7)
[  210.093635][T13304] Symlink component flag not implemented (116)
[  210.111990][T13309] loop6: detected capacity change from 0 to 2048
[  210.218429][T13321] loop8: detected capacity change from 0 to 8192
[  210.259712][T13324] loop4: detected capacity change from 0 to 2048
[  210.269751][T13328] smc: net device bond0 applied user defined pnetid SYZ0
[  210.284954][T13328] smc: net device bond0 erased user defined pnetid SYZ0
[  210.343770][T13337] loop8: detected capacity change from 0 to 1024
[  210.363864][T13337] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  210.372883][T13344] loop3: detected capacity change from 0 to 164
[  210.374840][T13337] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  210.388527][T13343] loop2: detected capacity change from 0 to 1024
[  210.397488][T13344] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.400653][T13337] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  210.406092][T13343] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  210.416941][T13337] JBD2: no valid journal superblock found
[  210.432197][T13337] EXT4-fs (loop8): Could not load journal inode
[  210.432446][T13344] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.447363][T13344] Symlink component flag not implemented
[  210.447603][T13343] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  210.453036][T13344] Symlink component flag not implemented
[  210.483224][T13344] Symlink component flag not implemented (7)
[  210.489312][T13344] Symlink component flag not implemented (116)
[  210.494395][T13343] EXT4-fs (loop2): orphan cleanup on readonly fs
[  210.507377][T13343] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3292: Invalid inode table block 0 in block_group 0
[  210.522447][T13343] EXT4-fs (loop2): Remounting filesystem read-only
[  210.532921][T13343] EXT4-fs (loop2): 1 truncate cleaned up
[  210.579119][T13355] loop8: detected capacity change from 0 to 2048
[  210.639561][T13366] smc: net device bond0 applied user defined pnetid SYZ0
[  210.700942][T13372] smc: net device bond0 erased user defined pnetid SYZ0
[  210.744037][T13359] loop4: detected capacity change from 0 to 8192
[  210.792718][T13383] smc: net device bond0 applied user defined pnetid SYZ0
[  210.798177][T13378] loop6: detected capacity change from 0 to 2048
[  210.800343][T13383] smc: net device bond0 erased user defined pnetid SYZ0
[  210.836927][T13387] loop4: detected capacity change from 0 to 164
[  210.854074][T13387] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.870348][T13394] loop2: detected capacity change from 0 to 1024
[  210.879625][T13387] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  210.888647][T13387] Symlink component flag not implemented
[  210.894320][T13387] Symlink component flag not implemented
[  210.900790][T13387] Symlink component flag not implemented (7)
[  210.906848][T13387] Symlink component flag not implemented (116)
[  210.914034][T13394] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  210.925171][T13394] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  210.954091][T13394] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  210.981818][T13394] JBD2: no valid journal superblock found
[  210.987699][T13394] EXT4-fs (loop2): Could not load journal inode
[  211.044726][T13406] loop4: detected capacity change from 0 to 1024
[  211.052553][T13402] loop6: detected capacity change from 0 to 2048
[  211.064553][T13410] smc: net device bond0 applied user defined pnetid SYZ0
[  211.073723][T13406] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  211.084909][T13410] smc: net device bond0 erased user defined pnetid SYZ0
[  211.126444][T13406] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  211.145084][T13406] EXT4-fs (loop4): orphan cleanup on readonly fs
[  211.161563][T13406] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3316: Invalid inode table block 0 in block_group 0
[  211.176006][T13406] EXT4-fs (loop4): Remounting filesystem read-only
[  211.184045][T13418] loop8: detected capacity change from 0 to 8192
[  211.193167][T13406] EXT4-fs (loop4): 1 truncate cleaned up
[  211.259747][T13437] loop6: detected capacity change from 0 to 164
[  211.268146][T13437] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  211.279649][T13437] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  211.301679][T13435] loop3: detected capacity change from 0 to 2048
[  211.318803][T13443] loop2: detected capacity change from 0 to 1024
[  211.325367][T13437] Symlink component flag not implemented
[  211.331080][T13437] Symlink component flag not implemented
[  211.337998][T13437] Symlink component flag not implemented (7)
[  211.344024][T13437] Symlink component flag not implemented (116)
[  211.351090][T13443] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  211.362044][T13443] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  211.373405][T13443] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  211.393948][T13443] JBD2: no valid journal superblock found
[  211.399817][T13443] EXT4-fs (loop2): Could not load journal inode
[  211.489306][T13455] smc: net device bond0 applied user defined pnetid SYZ0
[  211.516105][T13459] loop4: detected capacity change from 0 to 2048
[  211.529614][T13455] smc: net device bond0 erased user defined pnetid SYZ0
[  211.621725][T13475] loop2: detected capacity change from 0 to 164
[  211.652123][T13475] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  211.679254][T13475] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  211.687648][T13473] loop3: detected capacity change from 0 to 8192
[  211.706010][T13481] loop6: detected capacity change from 0 to 1024
[  211.713773][T13475] Symlink component flag not implemented
[  211.719588][T13475] Symlink component flag not implemented
[  211.730222][T13481] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  211.735037][T13475] Symlink component flag not implemented (7)
[  211.743716][T13481] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  211.746778][T13475] Symlink component flag not implemented (116)
[  211.755086][T13481] EXT4-fs (loop6): orphan cleanup on readonly fs
[  211.778017][T13481] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3344: Invalid inode table block 0 in block_group 0
[  211.792374][T13481] EXT4-fs (loop6): Remounting filesystem read-only
[  211.804207][T13484] loop3: detected capacity change from 0 to 1024
[  211.811648][T13481] EXT4-fs (loop6): 1 truncate cleaned up
[  211.824109][T13484] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  211.835175][T13484] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  211.854333][T13484] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  211.870971][T13484] JBD2: no valid journal superblock found
[  211.876859][T13484] EXT4-fs (loop3): Could not load journal inode
[  211.964016][T13495] smc: net device bond0 applied user defined pnetid SYZ0
[  211.980346][T13493] loop3: detected capacity change from 0 to 2048
[  211.988179][T13495] smc: net device bond0 erased user defined pnetid SYZ0
[  212.038578][T13506] loop2: detected capacity change from 0 to 2048
[  212.093026][T13508] loop6: detected capacity change from 0 to 8192
[  212.106036][T13516] loop2: detected capacity change from 0 to 164
[  212.123821][T13516] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  212.135110][T13516] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  212.145025][T13516] Symlink component flag not implemented
[  212.150788][T13516] Symlink component flag not implemented
[  212.157015][T13516] Symlink component flag not implemented (7)
[  212.163152][T13516] Symlink component flag not implemented (116)
[  212.200042][T13523] futex_wake_op: syz.3.3360 tries to shift op by -1; fix this program
[  212.339478][T13531] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  212.355131][T13531] loop2: detected capacity change from 0 to 1024
[  212.381738][T13539] smc: net device bond0 applied user defined pnetid SYZ0
[  212.391124][T13539] smc: net device bond0 erased user defined pnetid SYZ0
[  212.394791][T13531] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  212.408359][T13541] loop4: detected capacity change from 0 to 164
[  212.409277][T13531] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  212.429344][T13531] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  212.441127][T13531] JBD2: no valid journal superblock found
[  212.446937][T13531] EXT4-fs (loop2): Could not load journal inode
[  212.468693][T13541] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  212.520653][T13546] __nla_validate_parse: 11 callbacks suppressed
[  212.520714][T13546] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3369'.
[  212.547833][T13541] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  212.557406][T13541] Symlink component flag not implemented
[  212.563104][T13541] Symlink component flag not implemented
[  212.573280][T13544] loop8: detected capacity change from 0 to 2048
[  212.581098][T13541] Symlink component flag not implemented (7)
[  212.587154][T13541] Symlink component flag not implemented (116)
[  212.594007][T13546] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3369'.
[  212.604077][   T29] kauditd_printk_skb: 1473 callbacks suppressed
[  212.604095][   T29] audit: type=1400 audit(2000000025.480:23329): avc:  denied  { name_bind } for  pid=13540 comm="syz.4.3367" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  212.631765][   T29] audit: type=1400 audit(2000000025.480:23330): avc:  denied  { node_bind } for  pid=13540 comm="syz.4.3367" saddr=::1 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  212.722646][T13544] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3368'.
[  212.773814][T13551] loop4: detected capacity change from 0 to 1024
[  212.788400][T13544] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3368'.
[  212.799656][T13551] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  212.811745][T13551] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  212.822594][T13551] EXT4-fs (loop4): orphan cleanup on readonly fs
[  212.834086][T13551] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3370: Invalid inode table block 0 in block_group 0
[  212.848299][T13551] EXT4-fs (loop4): Remounting filesystem read-only
[  212.854846][T13551] Quota error (device loop4): write_blk: dquota write failed
[  212.862349][T13551] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  212.873922][T13551] EXT4-fs (loop4): 1 truncate cleaned up
[  212.902514][   T29] audit: type=1326 audit(2000000025.840:23331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  212.926246][   T29] audit: type=1326 audit(2000000025.840:23332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  212.960321][   T29] audit: type=1326 audit(2000000025.850:23333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  212.984004][   T29] audit: type=1326 audit(2000000025.850:23334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  213.007733][   T29] audit: type=1326 audit(2000000025.850:23335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  213.031355][   T29] audit: type=1326 audit(2000000025.850:23336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13557 comm="syz.6.3372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21d1b4e929 code=0x7ffc0000
[  213.094465][T13567] loop6: detected capacity change from 0 to 1024
[  213.130507][T13571] loop8: detected capacity change from 0 to 164
[  213.140516][T13567] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  213.151592][T13567] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  213.169540][T13571] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  213.172749][T13573] smc: net device bond0 applied user defined pnetid SYZ0
[  213.185106][T13567] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  213.196315][T13573] smc: net device bond0 erased user defined pnetid SYZ0
[  213.204084][T13567] JBD2: no valid journal superblock found
[  213.209909][T13567] EXT4-fs (loop6): Could not load journal inode
[  213.218917][T13571] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  213.239942][T13571] Symlink component flag not implemented
[  213.245629][T13571] Symlink component flag not implemented
[  213.253086][T13571] Symlink component flag not implemented (7)
[  213.259177][T13571] Symlink component flag not implemented (116)
[  213.293457][T13582] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3382'.
[  213.312938][T13582] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3382'.
[  213.326812][T13580] loop4: detected capacity change from 0 to 8192
[  213.389800][T13589] loop8: detected capacity change from 0 to 2048
[  213.422218][T13589] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3385'.
[  213.431411][T13589] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3385'.
[  213.443850][T13602] loop6: detected capacity change from 0 to 1024
[  213.452203][T13602] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  213.576831][T13610] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  213.590941][T13610] loop4: detected capacity change from 0 to 1024
[  213.597821][T13602] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  213.598260][T13607] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[  213.606008][T13610] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  213.616107][T13607] SELinux: failed to load policy
[  213.626863][T13610] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  213.641571][T13602] EXT4-fs (loop6): orphan cleanup on readonly fs
[  213.649740][T13602] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3389: Invalid inode table block 0 in block_group 0
[  213.664087][T13610] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  213.675628][T13612] FAULT_INJECTION: forcing a failure.
[  213.675628][T13612] name failslab, interval 1, probability 0, space 0, times 0
[  213.676031][T13602] EXT4-fs (loop6): Remounting filesystem read-only
[  213.688441][T13612] CPU: 0 UID: 0 PID: 13612 Comm: syz.2.3394 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  213.688481][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.688498][T13612] Call Trace:
[  213.688508][T13612]  <TASK>
[  213.688519][T13612]  __dump_stack+0x1d/0x30
[  213.688549][T13612]  dump_stack_lvl+0xe8/0x140
[  213.688575][T13612]  dump_stack+0x15/0x1b
[  213.688614][T13612]  should_fail_ex+0x265/0x280
[  213.688722][T13612]  should_failslab+0x8c/0xb0
[  213.688754][T13612]  kmem_cache_alloc_noprof+0x50/0x310
[  213.688787][T13612]  ? alloc_empty_file+0x76/0x200
[  213.688824][T13612]  alloc_empty_file+0x76/0x200
[  213.688888][T13612]  alloc_file_pseudo+0xc6/0x160
[  213.688943][T13612]  __shmem_file_setup+0x1de/0x210
[  213.689016][T13612]  shmem_file_setup+0x3b/0x50
[  213.689065][T13612]  __se_sys_memfd_create+0x2c3/0x590
[  213.689120][T13612]  __x64_sys_memfd_create+0x31/0x40
[  213.689161][T13612]  x64_sys_call+0x122f/0x2fb0
[  213.689199][T13612]  do_syscall_64+0xd2/0x200
[  213.689265][T13612]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  213.689301][T13612]  ? clear_bhb_loop+0x40/0x90
[  213.689350][T13612]  ? clear_bhb_loop+0x40/0x90
[  213.689381][T13612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.689410][T13612] RIP: 0033:0x7f0a7119e929
[  213.689431][T13612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.689508][T13612] RSP: 002b:00007f0a6f806e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  213.689582][T13612] RAX: ffffffffffffffda RBX: 00000000000004de RCX: 00007f0a7119e929
[  213.689600][T13612] RDX: 00007f0a6f806ef0 RSI: 0000000000000000 RDI: 00007f0a712214cc
[  213.689618][T13612] RBP: 0000200000000c40 R08: 00007f0a6f806bb7 R09: 00007f0a6f806e40
[  213.689636][T13612] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  213.689653][T13612] R13: 00007f0a6f806ef0 R14: 00007f0a6f806eb0 R15: 0000200000000380
[  213.689678][T13612]  </TASK>
[  213.697273][T13610] JBD2: no valid journal superblock found
[  213.766179][T13602] EXT4-fs (loop6): 1 truncate cleaned up
[  213.767047][T13610] EXT4-fs (loop4): Could not load journal inode
[  213.990151][T13628] loop8: detected capacity change from 0 to 128
[  214.021539][T13629] loop4: detected capacity change from 0 to 2048
[  214.028942][T13628] ext4 filesystem being mounted at /153/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  214.099630][T13629] Alternate GPT is invalid, using primary GPT.
[  214.100105][T13634] smc: net device bond0 applied user defined pnetid SYZ0
[  214.106016][T13629]  loop4: p1 p2 p3
[  214.114096][T13634] smc: net device bond0 erased user defined pnetid SYZ0
[  214.154452][T13636] loop6: detected capacity change from 0 to 512
[  214.161953][T13636] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  214.194152][T13641] loop6: detected capacity change from 0 to 1024
[  214.200978][T13641] EXT4-fs: Ignoring removed orlov option
[  214.244041][T13638] lo speed is unknown, defaulting to 1000
[  214.283430][T13638] lo speed is unknown, defaulting to 1000
[  214.293629][T13647] netlink: 240 bytes leftover after parsing attributes in process `syz.4.3399'.
[  214.568999][T13664] loop8: detected capacity change from 0 to 2048
[  214.605744][T13664] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3412'.
[  214.646329][T13676] loop2: detected capacity change from 0 to 1024
[  214.650350][T13678] loop4: detected capacity change from 0 to 164
[  214.660456][T13676] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  214.672002][T13678] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  214.673446][T13676] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  214.689091][T13678] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  214.690251][T13676] EXT4-fs (loop2): orphan cleanup on readonly fs
[  214.698848][T13678] Symlink component flag not implemented
[  214.705338][T13676] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3416: Invalid inode table block 0 in block_group 0
[  214.709397][T13678] Symlink component flag not implemented
[  214.722250][T13676] EXT4-fs (loop2): Remounting filesystem read-only
[  214.728551][T13678] Symlink component flag not implemented (7)
[  214.734396][T13676] EXT4-fs (loop2): 1 truncate cleaned up
[  214.740343][T13678] Symlink component flag not implemented (116)
[  214.804606][T13682] loop6: detected capacity change from 0 to 1024
[  214.867809][T13682] EXT4-fs: Ignoring removed orlov option
[  214.918880][T13696] smc_pnet_add_eth: 1 callbacks suppressed
[  214.918913][T13696] smc: net device bond0 applied user defined pnetid SYZ0
[  214.952631][T13700] loop4: detected capacity change from 0 to 512
[  214.960985][T13696] smc_pnet_remove_by_pnetid: 1 callbacks suppressed
[  214.961004][T13696] smc: net device bond0 erased user defined pnetid SYZ0
[  214.977214][T13700] EXT4-fs: Ignoring removed nomblk_io_submit option
[  214.994888][T13700] ext4 filesystem being mounted at /210/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  215.070727][T13717] smc: net device bond0 applied user defined pnetid SYZ0
[  215.092901][T13717] smc: net device bond0 erased user defined pnetid SYZ0
[  215.127594][T13722] loop2: detected capacity change from 0 to 2048
[  215.175420][T13728] loop6: detected capacity change from 0 to 1024
[  215.182566][T13728] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.228367][T13728] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  215.254141][T13728] EXT4-fs (loop6): orphan cleanup on readonly fs
[  215.264955][T13728] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3433: Invalid inode table block 0 in block_group 0
[  215.325971][T13747] loop2: detected capacity change from 0 to 1024
[  215.331326][T13728] EXT4-fs (loop6): Remounting filesystem read-only
[  215.333115][T13747] EXT4-fs: Ignoring removed orlov option
[  215.346713][T13728] EXT4-fs (loop6): 1 truncate cleaned up
[  215.353985][T13743] loop3: detected capacity change from 0 to 2048
[  215.432269][T13757] smc: net device bond0 applied user defined pnetid SYZ0
[  215.439744][T13757] smc: net device bond0 erased user defined pnetid SYZ0
[  215.475229][T13759] loop6: detected capacity change from 0 to 2048
[  215.496492][T13761] loop4: detected capacity change from 0 to 1024
[  215.504218][T13761] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.516012][T13761] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  215.524478][T13761] EXT4-fs (loop4): orphan cleanup on readonly fs
[  215.533564][T13761] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3445: Invalid inode table block 0 in block_group 0
[  215.548039][T13761] EXT4-fs (loop4): Remounting filesystem read-only
[  215.560605][T13761] EXT4-fs (loop4): 1 truncate cleaned up
[  215.762714][T13782] loop3: detected capacity change from 0 to 164
[  215.774198][T13782] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  215.786182][T13782] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  215.794926][T13782] Symlink component flag not implemented
[  215.800734][T13782] Symlink component flag not implemented
[  215.807784][T13782] Symlink component flag not implemented (7)
[  215.813829][T13782] Symlink component flag not implemented (116)
[  215.873214][T13793] loop6: detected capacity change from 0 to 1024
[  215.892866][T13793] EXT4-fs: Ignoring removed orlov option
[  215.928724][T13800] loop3: detected capacity change from 0 to 2048
[  215.961029][T13807] loop2: detected capacity change from 0 to 164
[  215.984818][T13807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.000774][T13807] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.009846][T13807] Symlink component flag not implemented
[  216.015603][T13807] Symlink component flag not implemented
[  216.021872][T13807] Symlink component flag not implemented (7)
[  216.027934][T13807] Symlink component flag not implemented (116)
[  216.137407][T13819] loop2: detected capacity change from 0 to 164
[  216.149221][T13821] loop3: detected capacity change from 0 to 1024
[  216.156411][T13821] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  216.197921][T13819] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.201806][T13824] loop8: detected capacity change from 0 to 2048
[  216.206212][T13821] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  216.226682][T13819] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.235186][T13819] Symlink component flag not implemented
[  216.240934][T13819] Symlink component flag not implemented
[  216.257955][T13819] Symlink component flag not implemented (7)
[  216.260431][T13821] EXT4-fs (loop3): orphan cleanup on readonly fs
[  216.263983][T13819] Symlink component flag not implemented (116)
[  216.293556][T13821] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3466: Invalid inode table block 0 in block_group 0
[  216.306731][T13821] EXT4-fs (loop3): Remounting filesystem read-only
[  216.313314][T13821] EXT4-fs (loop3): 1 truncate cleaned up
[  216.415338][T13843] loop8: detected capacity change from 0 to 1024
[  216.422752][T13843] EXT4-fs (loop8): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  216.433885][T13843] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  216.445970][T13843] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  216.458073][T13843] JBD2: no valid journal superblock found
[  216.463950][T13843] EXT4-fs (loop8): Could not load journal inode
[  216.567700][T13856] loop6: detected capacity change from 0 to 2048
[  216.591455][T13860] loop8: detected capacity change from 0 to 1024
[  216.598624][T13860] EXT4-fs: Ignoring removed orlov option
[  216.879000][T13873] loop6: detected capacity change from 0 to 2048
[  216.908187][T13882] loop3: detected capacity change from 0 to 164
[  216.915808][T13882] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.928086][T13882] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  216.937094][T13882] Symlink component flag not implemented
[  216.942802][T13882] Symlink component flag not implemented
[  216.950118][T13882] Symlink component flag not implemented (7)
[  216.956252][T13882] Symlink component flag not implemented (116)
[  217.038351][T13892] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  217.049457][T13894] loop8: detected capacity change from 0 to 164
[  217.063102][T13886] loop3: detected capacity change from 0 to 1024
[  217.070306][T13886] EXT4-fs: Ignoring removed i_version option
[  217.076423][T13886] EXT4-fs: Ignoring removed bh option
[  217.083504][T13894] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  217.098656][T13894] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  217.107284][T13894] Symlink component flag not implemented
[  217.113068][T13894] Symlink component flag not implemented
[  217.119007][T13894] Symlink component flag not implemented (7)
[  217.125051][T13894] Symlink component flag not implemented (116)
[  217.176329][T13886] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.374819][T13912] loop4: detected capacity change from 0 to 2048
[  217.418758][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.435526][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.458426][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.490836][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.526588][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.541065][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.565351][T13926] loop6: detected capacity change from 0 to 1024
[  217.566699][T13924] loop2: detected capacity change from 0 to 2048
[  217.572782][T13926] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  217.589349][T13926] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  217.597918][T13926] EXT4-fs (loop6): orphan cleanup on readonly fs
[  217.604891][T13926] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.3505: Invalid inode table block 0 in block_group 0
[  217.623759][T13929] loop8: detected capacity change from 0 to 1024
[  217.630581][T13926] EXT4-fs (loop6): Remounting filesystem read-only
[  217.637200][T13926] __quota_error: 1073 callbacks suppressed
[  217.637218][T13926] Quota error (device loop6): write_blk: dquota write failed
[  217.646695][T13929] EXT4-fs: Ignoring removed orlov option
[  217.650556][T13926] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  217.667588][T13926] EXT4-fs (loop6): 1 truncate cleaned up
[  217.674125][T13924] __nla_validate_parse: 20 callbacks suppressed
[  217.674142][T13924] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3502'.
[  217.689665][T13924] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3502'.
[  217.703631][T13885] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.3489: Allocating blocks 497-513 which overlap fs metadata
[  217.838603][   T29] audit: type=1326 audit(2000000030.770:24400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.862421][   T29] audit: type=1326 audit(2000000030.770:24401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.886059][   T29] audit: type=1326 audit(2000000030.770:24402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.909826][   T29] audit: type=1326 audit(2000000030.770:24403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.933431][   T29] audit: type=1326 audit(2000000030.770:24404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.957793][   T29] audit: type=1326 audit(2000000030.770:24405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  217.981530][   T29] audit: type=1326 audit(2000000030.770:24406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  218.018480][   T29] audit: type=1326 audit(2000000030.800:24407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13937 comm="syz.2.3506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a7119e929 code=0x7ffc0000
[  218.079802][T13942] loop6: detected capacity change from 0 to 164
[  218.087189][T13942] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  218.090363][T13944] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3509'.
[  218.154260][T13942] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  218.163795][T13942] Symlink component flag not implemented
[  218.169664][T13942] Symlink component flag not implemented
[  218.181230][T13942] Symlink component flag not implemented (7)
[  218.187447][T13942] Symlink component flag not implemented (116)
[  218.189695][T13953] loop3: detected capacity change from 0 to 164
[  218.202033][T13953] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  218.239007][T13953] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  218.259993][T13953] Symlink component flag not implemented
[  218.265775][T13953] Symlink component flag not implemented
[  218.288836][T13960] loop8: detected capacity change from 0 to 2048
[  218.311223][T13953] Symlink component flag not implemented (7)
[  218.317303][T13953] Symlink component flag not implemented (116)
[  218.320116][T13960] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3515'.
[  218.329029][T13963] loop6: detected capacity change from 0 to 2048
[  218.342228][T13960] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3515'.
[  218.379385][T13963] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3517'.
[  218.391074][T13969] loop3: detected capacity change from 0 to 1024
[  218.398833][T13963] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3517'.
[  218.409709][T13969] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  218.423371][T13969] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  218.431708][T13969] EXT4-fs (loop3): orphan cleanup on readonly fs
[  218.439581][T13969] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3518: Invalid inode table block 0 in block_group 0
[  218.452530][T13969] EXT4-fs (loop3): Remounting filesystem read-only
[  218.459266][T13969] EXT4-fs (loop3): 1 truncate cleaned up
[  218.486698][T13864] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  218.558087][T13979] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3522'.
[  218.596442][T13982] loop4: detected capacity change from 0 to 512
[  218.630033][T13982] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  218.652130][T13982] System zones: 0-2, 18-18, 34-34
[  218.658410][T13982] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3523: bg 0: block 248: padding at end of block bitmap is not set
[  218.674670][T13982] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3523: Failed to acquire dquot type 1
[  218.687973][T13982] EXT4-fs (loop4): 1 truncate cleaned up
[  218.694220][T13982] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.761493][T13992] loop8: detected capacity change from 0 to 8192
[  218.769924][T13992] vfat: Unknown parameter ''
[  218.815073][T14002] loop3: detected capacity change from 0 to 1024
[  218.821945][T14002] EXT4-fs: Ignoring removed orlov option
[  218.887506][T14007] loop4: detected capacity change from 0 to 2048
[  218.930878][T14007] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3532'.
[  218.941046][T14007] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3532'.
[  219.022677][T14016] loop8: detected capacity change from 0 to 2048
[  219.080893][T14025] loop2: detected capacity change from 0 to 1024
[  219.088723][T14025] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  219.109580][T14025] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  219.118217][T14025] EXT4-fs (loop2): orphan cleanup on readonly fs
[  219.125566][T14025] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3539: Invalid inode table block 0 in block_group 0
[  219.138994][T14025] EXT4-fs (loop2): Remounting filesystem read-only
[  219.146038][T14025] EXT4-fs (loop2): 1 truncate cleaned up
[  219.207562][T14038] loop8: detected capacity change from 0 to 164
[  219.223843][T14038] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  219.242588][T14038] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  219.252417][T14038] Symlink component flag not implemented
[  219.258183][T14038] Symlink component flag not implemented
[  219.265718][T14038] Symlink component flag not implemented (7)
[  219.271955][T14038] Symlink component flag not implemented (116)
[  219.336902][T14046] loop4: detected capacity change from 0 to 2048
[  219.371949][T14053] loop2: detected capacity change from 0 to 1024
[  219.390055][T14053] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  219.401098][T14053] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  219.411056][T14053] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  219.422392][T14053] JBD2: no valid journal superblock found
[  219.428304][T14053] EXT4-fs (loop2): Could not load journal inode
[  219.448921][T14062] loop8: detected capacity change from 0 to 1024
[  219.455795][T14062] EXT4-fs: Ignoring removed orlov option
[  219.520956][T14067] loop4: detected capacity change from 0 to 2048
[  219.621877][T14080] loop2: detected capacity change from 0 to 1024
[  219.629299][T14080] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  219.676688][T14080] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  219.697011][T14080] EXT4-fs (loop2): orphan cleanup on readonly fs
[  219.704217][T14080] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.3559: Invalid inode table block 0 in block_group 0
[  219.725688][T14090] loop3: detected capacity change from 0 to 164
[  219.730435][T14080] EXT4-fs (loop2): Remounting filesystem read-only
[  219.741165][T14080] EXT4-fs (loop2): 1 truncate cleaned up
[  219.775534][T14093] loop6: detected capacity change from 0 to 2048
[  219.784168][T14090] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  219.803050][T14090] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  219.824254][T14090] Symlink component flag not implemented
[  219.829996][T14090] Symlink component flag not implemented
[  219.848062][T14090] Symlink component flag not implemented (7)
[  219.854174][T14090] Symlink component flag not implemented (116)
[  219.923699][T14111] loop6: detected capacity change from 0 to 1024
[  219.958899][T14111] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  219.970055][T14111] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  219.990438][T14111] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  220.004541][T14116] loop8: detected capacity change from 0 to 2048
[  220.010664][T14111] JBD2: no valid journal superblock found
[  220.016758][T14111] EXT4-fs (loop6): Could not load journal inode
[  220.052305][T14123] loop3: detected capacity change from 0 to 1024
[  220.070550][T14123] EXT4-fs: Ignoring removed orlov option
[  220.117966][T14135] loop6: detected capacity change from 0 to 164
[  220.143014][T14137] loop2: detected capacity change from 0 to 2048
[  220.150964][T14135] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.162969][T14135] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.172217][T14135] Symlink component flag not implemented
[  220.177959][T14135] Symlink component flag not implemented
[  220.186752][T14135] Symlink component flag not implemented (7)
[  220.192841][T14135] Symlink component flag not implemented (116)
[  220.301972][T14150] lo speed is unknown, defaulting to 1000
[  220.353290][T14150] lo speed is unknown, defaulting to 1000
[  220.389919][T14157] loop8: detected capacity change from 0 to 1024
[  220.397626][T14158] loop2: detected capacity change from 0 to 128
[  220.429261][T14157] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  220.448581][T14157] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  220.457902][T14157] EXT4-fs (loop8): orphan cleanup on readonly fs
[  220.464925][T14157] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.3588: Invalid inode table block 0 in block_group 0
[  220.479024][T14157] EXT4-fs (loop8): Remounting filesystem read-only
[  220.485705][T14157] EXT4-fs (loop8): 1 truncate cleaned up
[  220.617966][ T5504] bio_check_eod: 99 callbacks suppressed
[  220.617983][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.617983][ T5504] loop2: rw=1, sector=145, nr_sectors = 32 limit=128
[  220.652747][T14175] loop6: detected capacity change from 0 to 2048
[  220.667077][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.667077][ T5504] loop2: rw=1, sector=185, nr_sectors = 8 limit=128
[  220.681691][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.681691][ T5504] loop2: rw=1, sector=201, nr_sectors = 8 limit=128
[  220.702781][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.702781][ T5504] loop2: rw=1, sector=217, nr_sectors = 8 limit=128
[  220.717761][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.717761][ T5504] loop2: rw=1, sector=233, nr_sectors = 8 limit=128
[  220.735693][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.735693][ T5504] loop2: rw=1, sector=249, nr_sectors = 8 limit=128
[  220.750242][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.750242][ T5504] loop2: rw=1, sector=265, nr_sectors = 8 limit=128
[  220.763871][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.763871][ T5504] loop2: rw=1, sector=281, nr_sectors = 8 limit=128
[  220.784848][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.784848][ T5504] loop2: rw=1, sector=297, nr_sectors = 8 limit=128
[  220.799670][ T5504] kworker/u8:27: attempt to access beyond end of device
[  220.799670][ T5504] loop2: rw=1, sector=313, nr_sectors = 8 limit=128
[  220.835316][T14185] loop4: detected capacity change from 0 to 164
[  220.840413][T14187] loop8: detected capacity change from 0 to 2048
[  220.853366][T14185] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.864958][T14185] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  220.873976][T14185] Symlink component flag not implemented
[  220.877543][T14187] EXT4-fs mount: 232 callbacks suppressed
[  220.877563][T14187] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.879723][T14185] Symlink component flag not implemented
[  220.903387][T14185] Symlink component flag not implemented (7)
[  220.909451][T14185] Symlink component flag not implemented (116)
[  220.916896][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.945271][T14195] loop6: detected capacity change from 0 to 1024
[  220.953618][T14195] EXT4-fs: Ignoring removed orlov option
[  220.963979][T14195] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.057037][T10531] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.076391][T14211] loop2: detected capacity change from 0 to 1024
[  221.086860][T14211] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  221.097905][T14211] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  221.110300][T14211] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  221.121738][T14211] JBD2: no valid journal superblock found
[  221.127539][T14211] EXT4-fs (loop2): Could not load journal inode
[  221.141997][T14215] loop3: detected capacity change from 0 to 1024
[  221.157082][T14215] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  221.177908][T14215] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  221.187061][T14215] EXT4-fs (loop3): orphan cleanup on readonly fs
[  221.194395][T14215] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.3609: Invalid inode table block 0 in block_group 0
[  221.217955][T14215] EXT4-fs (loop3): Remounting filesystem read-only
[  221.228544][T14215] EXT4-fs (loop3): 1 truncate cleaned up
[  221.235034][T14215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  221.275696][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.291006][T14224] loop2: detected capacity change from 0 to 2048
[  221.375760][T14224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.389623][T14236] loop8: detected capacity change from 0 to 164
[  221.396340][T10590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.405563][T14236] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  221.417062][T14236] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  221.425837][T14236] Symlink component flag not implemented
[  221.431539][T14236] Symlink component flag not implemented
[  221.437287][T14236] Symlink component flag not implemented (7)
[  221.443473][T14236] Symlink component flag not implemented (116)
[  221.483838][T14240] loop6: detected capacity change from 0 to 2048
[  221.509050][T14240] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.528803][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.580391][T14257] loop3: detected capacity change from 0 to 1024
[  221.597106][T14257] EXT4-fs: Ignoring removed orlov option
[  221.605370][T10383] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.617144][T14257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.834947][T14257] ==================================================================
[  221.843108][T14257] BUG: KCSAN: data-race in __mark_inode_dirty / writeback_single_inode
[  221.851394][T14257] 
[  221.853757][T14257] write to 0xffff888106f49300 of 4 bytes by task 14270 on cpu 0:
[  221.861511][T14257]  writeback_single_inode+0x14a/0x3e0
[  221.866944][T14257]  sync_inode_metadata+0x5b/0x90
[  221.871924][T14257]  generic_buffers_fsync_noflush+0xd9/0x120
[  221.877873][T14257]  ext4_sync_file+0x1ab/0x690
[  221.882578][T14257]  vfs_fsync_range+0x10a/0x130
[  221.887357][T14257]  ext4_buffered_write_iter+0x34f/0x3c0
[  221.892925][T14257]  ext4_file_write_iter+0x383/0xf00
[  221.898143][T14257]  iter_file_splice_write+0x5ef/0x970
[  221.903547][T14257]  direct_splice_actor+0x153/0x2a0
[  221.908686][T14257]  splice_direct_to_actor+0x30f/0x680
[  221.914084][T14257]  do_splice_direct+0xda/0x150
[  221.918879][T14257]  do_sendfile+0x380/0x650
[  221.923312][T14257]  __x64_sys_sendfile64+0x105/0x150
[  221.928525][T14257]  x64_sys_call+0xb39/0x2fb0
[  221.933134][T14257]  do_syscall_64+0xd2/0x200
[  221.937652][T14257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.943566][T14257] 
[  221.945899][T14257] read to 0xffff888106f49300 of 4 bytes by task 14257 on cpu 1:
[  221.953581][T14257]  __mark_inode_dirty+0x52/0x760
[  221.958537][T14257]  ext4_write_inline_data_end+0x3e5/0x5f0
[  221.964287][T14257]  ext4_write_end+0x4cd/0x730
[  221.969018][T14257]  generic_perform_write+0x312/0x490
[  221.974319][T14257]  ext4_buffered_write_iter+0x1ee/0x3c0
[  221.979882][T14257]  ext4_file_write_iter+0x383/0xf00
[  221.985094][T14257]  iter_file_splice_write+0x5ef/0x970
[  221.990511][T14257]  direct_splice_actor+0x153/0x2a0
[  221.995647][T14257]  splice_direct_to_actor+0x30f/0x680
[  222.001038][T14257]  do_splice_direct+0xda/0x150
[  222.005820][T14257]  do_sendfile+0x380/0x650
[  222.010249][T14257]  __x64_sys_sendfile64+0x105/0x150
[  222.015457][T14257]  x64_sys_call+0xb39/0x2fb0
[  222.020059][T14257]  do_syscall_64+0xd2/0x200
[  222.024576][T14257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.030487][T14257] 
[  222.032819][T14257] value changed: 0x00000038 -> 0x00000002
[  222.038541][T14257] 
[  222.040866][T14257] Reported by Kernel Concurrency Sanitizer on:
[  222.047023][T14257] CPU: 1 UID: 0 PID: 14257 Comm: syz.3.3626 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  222.059583][T14257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  222.069665][T14257] ==================================================================
[  222.090386][T14284] loop2: detected capacity change from 0 to 2048
[  222.110551][T14284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.133602][T10590] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.226249][T10446] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.