last executing test programs:

4m14.340953428s ago: executing program 1 (id=669):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x2, &(0x7f0000000000)=[{0x15}, {0x2d}]})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

4m13.484787822s ago: executing program 1 (id=696):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lremovexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.nlink\x00')
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000080)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x140400c0}, 0x2000081)
syz_io_uring_setup(0x3bc1, &(0x7f0000000080)={0x0, 0x485f, 0x10100, 0x2, 0xe2}, &(0x7f0000000540), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r4, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})

4m13.147862307s ago: executing program 1 (id=698):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000001a40)=@newqdisc={0xa0, 0x24, 0xd0f, 0x3, 0x3, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@TCA_STAB={0x6c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xa, 0x0, 0x5, 0x0, 0x9, 0x10000}}, {0x4}}, {{0x1c, 0x1, {0x4, 0x9, 0x2, 0x1, 0x0, 0xfffffff7, 0xfffffffc}}, {0x4}}, {{0x1c, 0x1, {0x2, 0x7, 0x1, 0x800, 0x2, 0x6, 0x5, 0x3}}, {0xa, 0x2, [0x1, 0x3, 0x6]}}]}, @qdisc_kind_options=@q_drr={0x8}, @TCA_RATE={0x6, 0x5, {0x6, 0x42}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

4m13.113222157s ago: executing program 1 (id=702):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@grpquota}, {@auto_da_alloc}, {@minixdf}]}, 0x1, 0x50c, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLEaGVEHsEqRsSN4pix1HsLJvQQ3rmikQlTvTIH8C5Jw7cuCC4cSkHJH5EoAaJg9GMJ6mb2o3VJHYUfz7SaObNm/r7fXH8Xuc59gtgZF2PiP2ImIiITyNiNjufy7b4qL0l1z05uLdyeHBvJRet1if/zKX1ybno+DeJa9ljFiPihw8jfpJ7Pm5jd29juVqtbGfl+WZta76xu3drvba8VlmrbJbLS4tLCx/cfr98bm19qzaRHX318R/2v/WzJK2Z7ExnO85Tu+mF4ziJ8Yj4/kUEG4KxrD0Tw06El5KPiNcj4u309T8bY+mzCQBcZa3WbLRmO8sAwFWXT+fAcvlSNhcwE/l8qdSew3sjpvPVeqN58259Z3O1PVc2F4X83fVqZSGbK5yLQi4pL6bHT8vlE+XbEfFaRPxiciotl1bq1dVh/scHAEbYtRPj/38m2+M/AHDFFYedAAAwcD3G//1B5wEADI77fwAYPcZ/ABg97fF/athpAAAD5P4fAEaP8R8ARsoPPv442VqH2fdfr362u7NR/+zWaqWxUartrJRW6ttbpbV6fS39zp7aaY9Xrde3Ft+Lnc/nvr3VaM43dvfu1Oo7m8076fd636kU0qt8sgAAhum1tx79OZeMyB9OpVt0rOVQGGpmwEXLDzsBYGjGhp0AMDRW+4LRdYZ7fNMDcEV0WaL3GcVuHxBqtVqti0sJuGA3vmT+H0ZVx/y/vwKGEWP+H0aX+X8YXa1Wrt81/6PfCwGAy80cP9Dj/f/Xs/1vsjcHfrx68ooHF5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG5H6/+WsrXAZyKfL5UiXomIuSjk7q5XKwsR8WpE/GmyMJmUF4ecMwBwVvm/5bL1v27MvjvzTNWb144PJyLip7/65JefLzeb23+MmMj9a/LofPNBdr48+OwBgNMdjdPpvuNG/snBvZWjbZD5/P27EVFsxz88mIjD4/jjMZ7ui1GIiOl/57JyW65j7uIs9u9HxBe7tT8XM+kcSHvl05Pxk9ivDDR+/pn4+bSuvU9+Fl84h1xg1DxK+p+Pur3+8nE93Xd//RfTHurssv4veaiVw7QPfBr/qP8b69H/Xe83xnu/+177aOr5uvsRXx6POIp92NH/HMXP9Yj/bp/x//KVN9/uVdf6dcSN6B6/M9Z8s7Y139jdu7VeW16rrFU2y+WlxaWFD26/X55P56jne48G//jw5qu96pL2T/eIXzyl/V/vs/0P//fpj772gvjffKdb/Hy88YL4yZj4jT7jL0//ttirLom/2qP9pz3/N/uM//ive88tGw4ADE9jd29juVqtbI/kQfR38e+zH9alyHmkD5Jn4RKk0fXgO4OKNRHdq37+TvvXdDKi8xe71XqpWL16jPOYdQMug+MXfUT8d9jJAAAAAAAAAAAAAAAAXQ3iE0vDbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABX1/8DAAD//9RMyv0=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x28541, 0x14b)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00', r1, 0x0, 0x8}, 0x18)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
sendmsg$rds(r2, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x4, @local}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@rdma_args={0x48, 0x114, 0x1, {{0x5}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000500)=""/247, 0xf7}], 0x2}}], 0x48}, 0x0)

4m12.96722763s ago: executing program 1 (id=704):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
io_uring_setup(0x5a6, &(0x7f0000000040)={0x0, 0xd59c, 0x400, 0x2, 0x254})
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000580)={0x4, 0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)=""/19, 0x13}, {&(0x7f0000000240)=""/78, 0x4e}, {&(0x7f0000000ac0)=""/221, 0xdd}, {&(0x7f00000002c0)=""/12, 0xc}], 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket(0x10, 0x3, 0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
setresuid(0x0, 0xee00, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

4m11.955897305s ago: executing program 1 (id=717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1700000000000000030000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1a, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffa1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$qrtrtun(r2, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
inotify_add_watch(r2, &(0x7f00000002c0)='./file0\x00', 0x4)
mlock2(&(0x7f0000ea7000/0x3000)=nil, 0x3000, 0x1)

3m56.901828355s ago: executing program 32 (id=717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1700000000000000030000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1a, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffa1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$qrtrtun(r2, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
inotify_add_watch(r2, &(0x7f00000002c0)='./file0\x00', 0x4)
mlock2(&(0x7f0000ea7000/0x3000)=nil, 0x3000, 0x1)

3m48.411748596s ago: executing program 4 (id=1002):
r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000640), &(0x7f0000000680)=0xe, 0x80000)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
fcntl$setown(r0, 0x8, r1)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x60000)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000140))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r5, &(0x7f0000000500)="c4e4132a", 0x4, 0x8000c60)
ioctl$EXT4_IOC_MIGRATE(r4, 0x6609)

3m48.295079267s ago: executing program 4 (id=1007):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
unshare(0x42000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3e, 0x0, 0x0)
bind$llc(r1, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a)
sendfile(r1, r2, 0x0, 0xffffffff000)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x40)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000140)={0xa, 0x4e21, 0x6, @private1, 0x98ae}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000380)='m', 0x1}], 0x1}, 0x8000)
shutdown(r3, 0x1)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000040)={0x0, 0xe0}, &(0x7f0000000080)=0x8)
recvfrom$inet6(r0, &(0x7f0000000280)=""/11, 0x1a000, 0x102, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x4})
r4 = getpid()
syz_pidfd_open(r4, 0x0)
setns(0xffffffffffffffff, 0x8000000)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, 0x0, 0x40011)

3m47.628070688s ago: executing program 4 (id=1016):
open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
ptrace$getregset(0x4205, 0x0, 0x202, &(0x7f0000000240)={0x0})
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x700, &(0x7f0000000300)='trans=rdma,')

3m47.518512139s ago: executing program 4 (id=1018):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000c3000000f10000009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2a10700, &(0x7f0000000380), 0x0, 0x44a, &(0x7f0000000880)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x404, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_config_ext={0x0, 0x1}, 0xcec0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00') (fail_nth: 1)

3m47.351755642s ago: executing program 4 (id=1023):
prctl$PR_SET_NAME(0xf, &(0x7f0000001240)='+}\x1b@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fef"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
lremovexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.nlink\x00')
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x2000000000000178, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000080)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x3}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x140400c0}, 0x2000081)
syz_io_uring_setup(0x3bc1, &(0x7f0000000080)={0x0, 0x485f, 0x10100, 0x2, 0xe2}, &(0x7f0000000540), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r4, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})

3m47.103952216s ago: executing program 4 (id=1028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000000300)={0x34, r1, 0x324, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1a, 0xfffffffa, @l2={'ib', 0x3a, 'veth0\x00'}}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x2, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r4 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x1}, 0x1c)
listen(r4, 0x8957)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r8}, 0x10)
r10 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})

3m47.103729396s ago: executing program 33 (id=1028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000500)={&(0x7f0000000300)={0x34, r1, 0x324, 0x70bd2a, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1a, 0xfffffffa, @l2={'ib', 0x3a, 'veth0\x00'}}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x2, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
r3 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x2})
r4 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x1}, 0x1c)
listen(r4, 0x8957)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r8}, 0x10)
r10 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})

2m31.302412279s ago: executing program 5 (id=2966):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r3)

2m31.197418471s ago: executing program 5 (id=2970):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000018000000100400000400000000000000000800000000000000000000020000000100000000003000"], 0x0, 0x34, 0x0, 0x0, 0xfffffffc, 0x0, @void, @value}, 0x28)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="02180000100000000000000000000000030005000000000002000010e000000100000000000000000800120000000000000000000000000010000000000000000000000000000000ac1414bb000000000000000000000000fc010000000000000000000000000000030006000000000002"], 0x80}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=@base={0xa, 0x2, 0x1001, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ifreq(r2, 0x8935, &(0x7f0000000180)={'vlan0\x00', @ifru_addrs=@l2={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6, 0x1}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
syz_usb_disconnect(0xffffffffffffffff)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3, 0x0, 0x0, 0x1000000}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

2m30.675716949s ago: executing program 0 (id=2977):
creat(0x0, 0xecf86c37d53049cc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
ptrace(0x10, 0x0)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90124fc60100c03", 0x17}], 0x1}, 0x0)

2m30.60348231s ago: executing program 0 (id=2979):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d302c756d61736b3d30303030303030303030303031343432353036333233362c756e695f786c6174653d312c756e695f786c6174653d302c696f636861727365743d64656661756c742c73686f72746e616d653d77696e393500756e695f786c6174653d312c756e695f786c6174653d312c757466383d312c73686f72746e616d653d6d697865642c696f636861727365743d63703750372c6e6e6f6e756d7461696c3d312c757466383d302c00b08e18498eabf2b4e8ffe85b113a293e45c892212c260a64dbe05913f908a5eddd4b1c3e2d1ac131b189ffdd7e586f437ac8ba15caa40760ab8316f95d1391f13be5f0542e2d5967287ba0887cc6c2c53d25cc823b9f0165c5759a9815ffb91260df9c0eb5b4a989a65a827d632b3991c7c7e82a7b4832302c35b91c130fa616b0de49a164578e95986a1121ffa3ede16d77c439de8d8ab70b3bbf8bf2e9accd9ce7415a40ec2f54d404a28c124868ebb772d7008b10acd1c5414729ed62723496fc30fb0d388dc4ca427559149a66e97b19ef8c648d747efad5cf5cbff32f7226cd3cfb6b995ee76467bed63bf59bca85e08930bd575b83f5ac7a8bc7507b0db30861550426ef104a4fe45c9b4d4390b16d411e8a6b38ec4da423459ef9b9ba5b46f05a4f02b62fb8a635c5a5ef3dd63290b7072b8e"], 0x4, 0x2e0, &(0x7f0000000500)="$eJzs27tPI1cUx/GfecQ8AnZeEJAirpImaUbgdOksBFKEpUQER5BIkYYwTixPbOKxiBxFgS5Fmv070Jbb7Wq1/wAN3fbbudluKVbr1TwAGwwyLGMb6ftp5nqOz8y9c+6MbjHT2HzwR6ngWQW7pqGE0Yh0oBMprSENK5Tw90WSek+tDvTV1p/Hn/2w9dNaNpdbWTdmNbvxdcYYM73w9K9/Hn7+rDb546Ppx0kdpX9pvMy8OJo5mmu82fi96JmiZ8qVmrHNdqVSs7ddx+wUvZJlzPeuY3uOKZY9p9oWL7iV3d26scs7UxO7VcfzjF2um5JTN7WKqVXrxv7NLpaNZVmjUxPCudnjTnvzh+vrdrb3vUEvVatZe1nS/KVI/rAvHQIAAH3V2Ex0s/4PDAXt+7H+N6z/I8+vib3D+j956w6hx/z1/8/R/duO9T8AAAAAAAAAAAAAAAAAAAAAAPfBcrKZajabqZNmuB2Vgi98mtHvcUkTkib9ffthzrSklKS0pA8kfSjpI0kfS/pE0oykWUmfSpprOVa/x4rLTuveTf3flzR1q/qPivoPql7Un/t/UPXm/qf+g6rlw90xyf1vL7+XD7dhPFtQUa4cLSql10EtI2F79dvcyqIJpPW/ux/l7+/lh9vzl5TyJ0yn/KUw37TnJ4N5d5afUcqfYEHqN1Hno/xMx/wxfflFS76llI5/VUWudoLU8/P/u2TM8ne5C/nzwf+uNx5naXrCMmc61s+yroqH+TeYHxeu74jmR/o7dkhe/e+S7bpONY7G6TfiLaFX0eyI76R30NCVocTVobtt+JdtQK7GPW8kOob8p9vtj5zQk76PK+5GV4+PtTifTYjfedFvnjsWR4cAAAAAAAAAAAAAAAAAAF2J8y3C694P82MLPRwnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACt3gYAAP//4wpVfg==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_adjtime(0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
syz_emit_ethernet(0x9a, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86000000000000000000000000bbff02000000000000000000000000000100004e22004d9078020000000000000000000000eaf12af8010d489432cc01f9f39c6526ece5d2603725b9cabfc2c9f4513d3dfb201f3a70a41ef6c2fca06a9bd768d5f176c198150020000000000000000010009514b06796dbf2ea9e520f1475c8f65b"], 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af80d01000000bfa20000000000000702000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
getrlimit(0x1, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x409c884, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast1, 0x4}, 0x1c)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={<r6=>0x0, @local, @remote}, &(0x7f0000000240)=0xc)
syz_clone3(&(0x7f0000000940)={0x90004000, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)=<r7=>0x0, {0x4}, &(0x7f0000000380)=""/185, 0xb9, &(0x7f00000008c0)=""/55, &(0x7f0000000900)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x4}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)=@dellinkprop={0x28, 0x6d, 0x400, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, 0x1, 0x3e7663d54225b8ca}, [@IFLA_NET_NS_PID={0x8, 0x13, r7}]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x20008882)
sendto$inet6(r5, &(0x7f0000003240)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527c3314eb7b2cc38b61e96403a30a8ba0c8a357aa04d3c62bc51bcf55cf214f44a909b29c30c18c3a43c86472612086664a80f2aa8490e58352732acb96eb46deab42895d1957a6029ad86e7a5ced6bde89c158aaee721954beeebe5973059007f7dd5459029af6d3f1d73d35f07d19b7cedfc80d1d7ef37f8b113f564afd0f093202929fef43e788619ca522c7f679dd2f27949d879b4dab46581a0e054b4ed1db37e43f528748b56ec5a54b7af198d4ae551046f7814fe3a5cbc1cc7cb6655fc198939b049f3c02443148c588e34d6ebef81096b4e48f468016d2bde0828664c0874d71e2d88b3bc04079d4a504255a83c3f07a4f1c3e5a4c66f55f36e51e344392487c8299d8d1bfb568780c0d57df48990cb5d6b35c3f7445f80312186d8598faf61072d4eefc961fb5a7e72b971c8f94a8346effd27362cee8d72a98b55e317de280d2d63ee83ca7140b791312252f5b7ad5e7ef72d7c58cb4d5bafbea535b381df6ebe94c62cf782cf7ab81c017c296a88ca91d641b45748d230cf5e87e5dbee4764ea4d131ae022e6bbf3ffc3ea7b264737d9db44354bfffa63d79bc403d3ac23fb615edc382d18b0daf1bbb2fbd708d1830ddac1c3f098b8cb1ef9a0019d804bf5d953110f12f3b9a8b9b7e0c61cb5d34116add1fc9a92721ffa5fdc83e1488cf88aa6e56ad2dd55e0aadd827cc7b4e7242f01241f49e905e5e7451092c28c3f6560a6a0002e5d91fc253a5a8fd8f27e42f4f02f5849528b7d93df9b0c568022acaff410e797e88d2f8eeadbba66e423335b843df734d203fa62a861b712da8f33d5ea721767871aa2cd53e659e505507de9a54d7e6fa3c20bbfb28cd6dd2b314dabbb59e9ce15c0a94ec3b3efc54eaaa27bd7576a687dcaf58dc182662539943014a02e76dc89f48c9f83cc7199038418f965ad3dc866098b89cabcac8691b0f51ffb71902337e49293309c4480a8f1b32411cc1b55a0ec0fe2c2572fe9d488a25bfc12ba74048e1d7beee93321c7aa49ea17cb9728dc46e5272154b3b995feacbacb8885621b335274af4df9365f8c8121ff323b572d320c8fc46acd6218b9579d43005e7b0506ccb14d9a0dac4cc6efaf5366c44342eaea8b5a11457f5afbea913ce4975ab67e6a85bc46e714ca5741da38a7cceb9e85d77fd03f83f7a5ecc7241e69e2bda327f769b48ba5f13662585c72778d12bd0e9a62a3d0dbe376d1aee81e6845c2cf23f42c73ccf3db73286c690b010cd257ba8b9389deeabd4077315a71560fbaeb767bbb3a76e1b8039024da8502a9054c785e9a9b6bb3f38372dd059780ee6ef9d4fcb2126d2f6748f61920a2a07cb0d9461aaec9e8d20b778a34135c0229505a4d0e55b9ae72e295a319f3b09b71a863203db5b136fa3c9e6e6e70ca3e81abb9cc7b33ecc3c7d1f844b706bb1424d039645bfe399df32ae1f2f0d2d608c99c449570602c462397bfdc6017e3c483ed06d2fd894fb8e4e2bdc014048c596660ad985483bd023ca5c1990fad7cdb746614a0bd2eec49b711a369d58788844a29ede55257def168b29f5cb654d4bb213eb4781ec0f365a9162505f7a040ea14c369c6b88805fb14ba", 0x586, 0x6d91fb6106d8d10c, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000000)='I', 0x1, 0x0, 0x0, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, &(0x7f0000000b40)='GPL\x00', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

2m30.454956472s ago: executing program 0 (id=2981):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
unshare(0x68060200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000240)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
acct(&(0x7f00000001c0)='./file0\x00')

2m30.367169074s ago: executing program 5 (id=2984):
r0 = fsmount(0xffffffffffffffff, 0x1, 0x7b)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x188, r1, 0x100, 0x70bd2d, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0x5ca}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x5}, {0x6, 0x16, 0x7}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x400}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xd7f}, {0x6, 0x16, 0x1}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0xc}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x16, 0x3}, {0x5}}]}, 0x188}, 0x1, 0x0, 0x0, 0x40000}, 0x4c045)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000300)=0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000340), 0x4)
mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
syncfs(r0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000380)=@req={0x0, 0xfffffff9, 0xc, 0x4}, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r0)
r3 = openat(r0, &(0x7f0000000400)='./file0\x00', 0x101000, 0xc0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1a, 0x3, 0xfffffff8, 0x7f, 0x10000, r3, 0x10001, '\x00', 0x0, r0, 0x3, 0x3, 0x5, 0x0, @void, @value, @value=r0}, 0x50)
ioctl$FIONREAD(r0, 0x541b, &(0x7f00000004c0))
connect$inet6(r3, &(0x7f0000000500)={0xa, 0x4e20, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010100}, 0x7f}, 0x1c)
getpid()
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000540)={<r5=>0x0, 0x5}, &(0x7f0000000580)=0xc)
ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000000600)={0x2, 0x10, '\x00', 0x1, &(0x7f00000005c0)=[0x0, 0x0]})
write$cgroup_int(r3, &(0x7f0000000640)=0x6, 0x12)
mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
openat$cgroup_type(r0, &(0x7f0000000680), 0x2, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000006c0)="d4087c51101b6d689190aa9de8a51aa7576f61e4c455edd0b3740b6a2edd677f0ddb212ff1385e08f8476bb00052398b0a69b1aef313386ae03ceb46d2a976ad9cdc23fa9b08849ff3cdd3bc7bd6ad7347375f4685895a1b433da6d791ad40e4f4dfe8474854ba0d4c328a85132c6cbe4145c60f6edf0d93cca936ba2fd906bc", 0x80}, {&(0x7f0000000740)="e8c158a6f1f5cfb75e062aa529430664876246dd1af07764599aabbe8a709493ee1fe392707af38eae49737ffeb865bc5ebf2bfb3f3f42ff331bed1454d15bebd329c7159f89d6585ad03f49ffbc042ca82704844b8e244b13bca802a0ef943c6fc8b9b46fc02497d488709cdfb8f62a6bc28250b6b9ee38dcb5eda17c0f71fbe98918285dd21fd27e47e58d291b15ad63bbe68be69c37c1dc811afd53620132adc2b528a13ee03e4bc2861b99593d8786a4", 0xb2}], 0x2, &(0x7f0000000840)=[@ip_retopts={{0x68, 0x0, 0x7, {[@generic={0x7, 0x2}, @ssrr={0x89, 0xf, 0x60, [@empty, @private=0xa010102, @local]}, @ssrr={0x89, 0x1f, 0x59, [@local, @multicast2, @empty, @local, @dev={0xac, 0x14, 0x14, 0xe}, @dev={0xac, 0x14, 0x14, 0x14}, @empty]}, @generic={0x83, 0x8, "37d48538a78a"}, @lsrr={0x83, 0x1f, 0x3a, [@remote, @broadcast, @remote, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @local]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x4}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xc}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x15}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8}}], 0x110}, 0x4000)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000c40)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x4, '\x00', 0x0, r3, 0x4, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d00)={0x6, 0x12, &(0x7f00000009c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@exit, @call={0x85, 0x0, 0x0, 0x80}, @func={0x85, 0x0, 0x1, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000a80)='GPL\x00', 0x36c, 0xe4, &(0x7f0000000ac0)=""/228, 0x41100, 0x27, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000bc0)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000c00)={0x2, 0x5, 0x1, 0x9e}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=[r3, r0, r3, r7, r3], 0x0, 0x10, 0xfa4, @void, @value}, 0x94)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r4, &(0x7f0000000f00)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x800012}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e00)={0xb4, r1, 0x200, 0x70bd27, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40000}, 0x90)
syz_io_uring_setup(0x7543, &(0x7f0000000f40)={0x0, 0x3f55, 0x8000, 0x2, 0x12d, 0x0, r3}, &(0x7f0000000fc0), &(0x7f0000001000))
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000001040)={r5, @in6={{0xa, 0x4e23, 0x9, @mcast2, 0x4}}, 0xca, 0x4, 0x7, 0x9, 0x51, 0x8, 0x6}, &(0x7f0000001100)=0x9c)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000001140)={<r8=>r5, 0x539a}, &(0x7f0000001180)=0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000011c0)={r8, 0x18}, 0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

2m30.337425254s ago: executing program 5 (id=2986):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x1000410, &(0x7f0000000040), 0x4, 0x504, &(0x7f0000019940)="$eJzs3c9vG1kdAPDvOHGTZt1NF/YACNiyLBRU6vzobrRaDnQvILRaCbFCQuLQDYk3imLXUZwsTcghPXJHohIn+BO4cUDqiQM3bnDjUg5IBSJQg8Rh0IyniZvEdWiTeGt/PtJ45r1x/H3PznvP8xznBTC0rkTETkRciIgPI2KyyE+KLW62t+x+j3a3F/Z2txeSSNMP/pHk57O86PiZzEvFY45HxPe/E/Hj5Gjc1ubWyny9Xlsr0lPrjdWp1ubW9eVSkTM7NzM3/faNt2ZPra6vNX7z8NvL7/3gd7/9woM/7nz9p1mxKj+7lJ/rrMdpale9HJWOvNGIeO8sgvXJaPH7w4sna22fiojX8/Y/GSP5qwkADLI0nYx0sjMNAAy67Pq/EkmpWswFVKJUqlbbc3ivxkSp3mytX5tsbtxejHwO63KUSx8t12vTxVzh5SgnWXomPz5Izx5K34iIVyLi52MX83R1oVlf7OcbHwAYYi8dGv//PdYe/wGAATfe7wIAAOfO+A8Aw8f4DwDD5/8Y/307EAAGhOt/ABg+xn8AGD49x/+751MOAOBcfO/997Mt3Sv+//Xix5sb36x8fH2x1lqpNjYWqgvNtdXqUrO5VK9VF9K01+PVm83VmTf3k63NrVuN5sbt9VvLjfml2q1a+YzrAwD09spr9/+cRMTOOxfzLTrWcjBWw2ArPZE6ZqEeYGCN9LsAQN/4Pg8MrxNc45sGgAHX68q/658I3bP4K7yorn7W/D8Mq1K/CwD0zbPN/3/r1MsBnD/z/zC80jSx5j8ADBlz/MCzfP7/wyg+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAhVcm3pFTN1wLfyW5L1WrEpYi4HOXko+V6bToiXo6IP42Vx7L0TL8LDQA8p9LfkmL9r6uTb1QOn72Q/Gcs30fET375wS/uzK+vr81k+f/cz1+/V+TPXuhHBQCATjePZrXH6WLfcSH/aHd74fF2nkV8+G57cdEs7l6xtc+Mxmi+H49yREz8KynSbdn7lZFTiL9zNyI+c1D/Ox0RKvkcSHvl08Pxs9iXziD+wfOfRJqm6UH80hPxS3nZsn05fy4+fQplgWFz/912P5m1u4u721kTK9pfKa7k++Pb/3jeQz2/x/3f3pH+r7Tf/40ciZ/kbf7KfvrpJXn45u+/eyQznWyfuxvxudHj4if78ZMu/e8bJ6zjXz7/xde7nUt/FXE1jo/f1si72an1xupUa3Pr+nJjfqm2VLs9Ozs3Mzf99o23ZqfyOer27R+Oi/H3d6693C1+Vv+JLvHHe9T/Kyes/6//++GPvvSU+F/78vGv/6tPiZ+NiV89Yfz5iZvHLd+9H3+xS/17vf7XThj/wV+3Fk94VwDgHLQ2t1bm6/XaWo+D7L1mr/s4eDEPYifinIN+YzziE1F3B90O+t0zAWftoNH3uyQAAAAAAAAAAAAAAEA3rc2tlbE4268T9buOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK7/BQAA//+TAtDE")
r5 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
fstatfs(r5, &(0x7f0000000500)=""/224)
mount$bind(0x0, &(0x7f0000000100)='./file2\x00', 0x0, 0x2480, 0x0)
write$binfmt_register(r5, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x2007, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000340), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0x1, 0x0, &(0x7f0000000000))
r6 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000140)='./file2\x00', 0x0, 0x4008, r2}, 0x18)
ppoll(&(0x7f0000000240)=[{r0, 0x64b}, {r5, 0x20}, {r6, 0x10}, {r3, 0x2080}, {r5, 0xa00a}, {r4, 0x40}], 0x6, &(0x7f0000000280), &(0x7f0000000300)={[0xd]}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000007000000000a60000000060a0b0400000000000000000200000034000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c617374000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}}, 0x0)
close(r0)

2m30.335224814s ago: executing program 0 (id=2987):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000580)='mountinfo\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000380)={0x90000008})
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, 0x0, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
getsockopt(r0, 0x117, 0x2727, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000400)='rxrpc_peer\x00', r5, 0x0, 0xfffffffffffffff9}, 0x18)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x8000}, 0x18)
syz_io_uring_setup(0x7b7a, &(0x7f0000000300)={0x0, 0xe484, 0x0, 0x3, 0x2da}, &(0x7f0000000380), &(0x7f00000003c0))

2m30.197530026s ago: executing program 0 (id=2990):
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x48985)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
io_pgetevents(r0, 0x3, 0x0, &(0x7f0000000440), &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)

2m30.108847978s ago: executing program 5 (id=2993):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x1, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "04000000000700", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28)
write$binfmt_script(r0, &(0x7f0000001300), 0x8f)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000013c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0x1}], 0x1)

2m29.697119584s ago: executing program 5 (id=2999):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
unshare(0x68060200)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r3, 0x0, 0x71)
syz_clone(0x90042540, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
r6 = dup(r5)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
acct(&(0x7f00000001c0)='./file0\x00')

2m29.661775515s ago: executing program 34 (id=2999):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
unshare(0x68060200)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r3, 0x0, 0x71)
syz_clone(0x90042540, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000300)=ANY=[], 0x15)
r6 = dup(r5)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
acct(&(0x7f00000001c0)='./file0\x00')

2m28.195013437s ago: executing program 0 (id=3032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x40, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000e40)=""/4096, 0x1018}], 0x1, 0x0, 0x1800}, 0x0)

2m28.180707697s ago: executing program 35 (id=3032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x40, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000e40)=""/4096, 0x1018}], 0x1, 0x0, 0x1800}, 0x0)

2m0.203471368s ago: executing program 7 (id=3379):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000004c0), r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x7e05}, 0x18)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
msgget(0x0, 0x2c4)
sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400130028", @ANYRES16=r1, @ANYBLOB="01002dbd682139d5df2509c1d590d5af54a602d35728ddf794574ad21e4914ce2efc0542d8485a9a63d0d139b72aae6d327eef1255529616da97377067857648be15a34db61028b98211e88bae0c68c253bd7778cf84bf334145faffeb47"], 0x14}, 0x1, 0x0, 0x0, 0x8004}, 0x40)

2m0.166102409s ago: executing program 7 (id=3380):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

2m0.030850811s ago: executing program 7 (id=3382):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$netlink(0x10, 0x3, 0x15)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timerfd_create(0x0, 0x0)

1m58.948323857s ago: executing program 7 (id=3403):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2) (async, rerun: 32)
r1 = socket$kcm(0x10, 0x2, 0x0) (rerun: 32)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="043900002000ef"], 0x33fe0) (async)
close(r0) (async)
keyctl$restrict_keyring(0xf, 0xfffffffffffffffc, 0x0, 0x0) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600050000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=r2, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x40808)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x4, 0xfb, 0x3, 0xfffffffe}]}) (async, rerun: 32)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) (rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0xd000943e, &(0x7f0000000d80)={0x0, <r6=>0x0, "69ffc0ab8d2e874f933652e8b6eac102cb0905244683363962b0cb27812ffe71388fbc76682271379120d8a9ec79cf5704e265b5d8098e0b61ef323354ea0ebc81c683e40399b8bd39be2cf5a58dd305c760d930d2ebf5c860184d4dbd23ddf492b943ee1e270d632570f9f258452502c97a4b6b31320a31ee944e1cbf3aa02d3b84b75cc761ac62ea9f86532f0dc66a3901f1ca0818448163bf2a6b4c1173c8ae4782dd1564356e2238211f2577bc2d413ca0514e1758bb4ff894fef2a1509e285bd715013652e75d1fe29b8cb51cc6c94f527e0db0d819c657036c231cc127ca93833ee34cc78164df77eeb810d723f57cbb662637ea1278e97bbe8cb2685a", "6e97d1bf15b94cd1d6c78923fb21e1f389fe8660f9a360c58728a8d3020d5e5d4b9c9713ee5d97218c1508198849dc4bbb6a1988725a8caebbc4689a154a8f65ac60f40be6edb9c07c107a2a1208384ff84b479d867beef16d46810d94359ad43a76118565ba100d373e87b834fcdb4b4b534e4ecc32e34d57e62c669883938ed6f02fb9cdbd0b8ecef49865a965c5256fbf14ad9b8f2d0802271f4031de86e130a6020a408f80f2b3aa69d0ced7518ff8700bb2191d0e904905239c0e34c9df599d5422a7628cdb049e49efb3185f06f6746b139471a33edbbc62304a9199fc0e72e9472052bb370c78d0a0444501fc86075d3590cff8245e958c263f41461ccffe593aea1a2c8f07b9c071870a41048589ba465f092aa71377226d7c091627badf9421579133188a7b28a1e704a3aade178aa73ef011dd8e7866133d1c86abb7ba4eb1c119bad31e619c9d3a6dddca4bc05090718cbf91040e1fb39412c8e3dd27d29730bdcdd7a8570883d89d3bbf1bbdac4ae81685378e663df9f0c4b851b36ec485dfec0a8d3ad0b5836b7be94966df7e3a1abdf03ee2b80255e670e8aa280877d1e65abc22ae90fb250892b8b7b41c9bcb6a59dccdafd6885e63881a3fad1f7e6ed7891600e98f2b2666887f35108ca885103cb1a99b3e3f762a38cfbbcd5820cdfd33f8f66ee983cd694c83640526b76baadf7c27831dec984f8cc8df11ea3ccb57c8f1184ad651ba687ce1976be757148ae3ae2b81a90a5f99e2e15605bcdca2a47fecc533c993e837cc5b94346bb7ade7ae95a03ba63c4f6b7a87e18e2bde0c0c1e68ff969f4f8a08b9d8edd2efa4612aab94785fd0c9f66256814c611c7f654abe5d95588d311ad5760652e26387cb3a908255ff512a0a9137fa865bb2d19ba88038124d9680c542cc0f74bbcdf637e06c9bc651a26acacdfbe195a95bea6428d37d6d4f5de3155d1fbfe1f570a5fe4dd54c29682f9d8f5ba366f22dc5a101857a66140c378ebc5a3ed36693fb6d4aa1bbd76de715f5c4a9fa1655253f4576431bca7f9e33a3e9dbef5d3f7be106bb5d2a3cfa1e8e2ab5acf02eb40a0830f8fa2bd12fd2edeebb70a01bc0501c9c55e865593a1e6e725fee315b3b35bf0aff7716bfb3caca98be78f8e9d8ca70cf701347bdc78296f9de7ad1c96a071eb3d700a3e5a1190b4781956d770de9eb606edb0543c79422c68fcb4ed6a8eb2b298f7b563a9c3220415000a35b07d61c63de6f7465710d7bfbad24eb9dc0327685de5d6ea80dd027f3110f34e1d99de65a0f8cb95ec78ab3a9bde1c978c62e0a7fb8519a40b927ee3fa438abc52c56f9ec5cf1e864827b6e11782726039d08c707d6bc1aadf48171b3762d966282b0da0f8a180bb2f47a49307e80139086d458814d37ac48113e9c99613f92437d35a37a6033335aad38a0888a59c49a8648f2b3ec161a4deb8a1ab3324764a8e2d0a6d49b51d7f981065a4c52438be0c8e0ce8b74dfff6642c94994d9e76e666bc8dd441a3b28c05af10941c2f648b4b731ea3ecda40c3e2cb10664632bfe35cf90be8a5eb77cca69bf05a4970d5d4c88f825b6b837cc1d8d9de6dd2e0bade6418f4340b3732a82bc453c80db33e2fa61c4b2be085d5c3a993aa064337a8080d22ce9246d8df20ee4b40c775f8c96166f057cf3662df5b9f466da3db177bab64ab5d36ba963e5129f8af0e4a2fbb9f72749d65f371a4e7dbd10ac88e6ef2d79e5008f9242663e6fad46ac7b45ae281dbe348176b80a501d008afa0e734b8f874c54ca8f61bad2729ab3a867665d2028edd92008a334b1a1a90b1cb6e6aa19a58ff6edf100c26244b51b28aa0fd6ae57d6a772a75916b7eb05b89416a79016f173c44d192d2fb66d4d58bf0d3dd4fec38bab0d54883605a85e8e95f21db253872f9837a69cf8e1065dbadbbb105359b240d8c0b6848989ac9c57aec01538281d9da5947b9e1e90073bfc1046cb5f66e81b019a42b7ca32dd4c87defaf8d31cbbc4d29423d2501b24bd2f347fde0443ea87f1dfc12410739328effb8e0ccc03a4ff5a66ebce6b70bc4e172d6909004d62a276df63e6ff9e8245c0cc41e54557c1ce43adb5cfab80bf8a390b5aadd18deeab5c856df0b00f4c3fd439be8b7a9002bba58f9102726817a7b434b8f03cc456b656d382e1fbfa8c9988f34d9f12234d7ee7c57df98b99331c181c95dd0dadb6ad56fec4ad1b6f56c627cf9fd7a5383007b0b7fcbf65c9ab654fe91397bb219dc6cb459b51d977c7abeaf1214cd0187cf92f256e87bc91b3e1ff16204ce14ddacf224c23bcb745cc91776e0e0275fb3b83e6ac5c085b820bb2f6a40004a018f1fd6c31095a9e84d3d18490ea2e39c6d2b0f946b47de08a8dcf56c8a1f14088d3ecaf1161c7de8f47d5c39397aadd3a127a467b3d79a1dbdc532d94939b69198c9c25111e229b89fe5a34f45b75b6e78ff2e5b692d611825ac88240a774c73fb8858101b6132be61afa2b9d3fd42d52601b9580f2fae2bff3004c4c984b229100083798f6bef72b5d7e81f1e62faaf20e0b8ac17ce6c60e9a168a6d954859094a965446fc9847085743c9a002840b8692b73de9402aec8a1c9d73a3144d00c3f76588276f071082c936605d5c5f26436df1915ba755234b127b5351587e6cf805551937c8a2385d3bbefdb5fdca6587dcd1bd144ce61efcfbe8ba217de4b1ccd1e3f58e0672bf4788c4470d4b911b928bb54b865e38100bd22b9191cebe2cfd527dbe4dceeb8388e81b6449e65445c7b76c2356ad59a9e5ec02b07fa4eb038f7bea3bfc00c7034e773401eea9cbc487b63231a0b03cb3a3c4fa6b7ac0bbdc9f03908c276d5d09eecee1a67c387b9182048a19a4d3062e4fa3492eab7c441717d951fa56a4036d76e7e3fcdb58654fc6915b6e2267622fb47974abebfbe67c0d9485ebeda87c8549545ae2cb52db9f1ad88d440a16a8180793904f244dd412fa31ee3caad9f13a39caf1d7312e8edd037e9cf51a2ae170272a7d6a184e98237cfac4c4133ca250b0e49b6ea0f16aa2b977ec1b9730533b6c7a53da92930a771b3533cf81c1675575c222b759f9231ce1d3829bf24e6b3b6badd7ad5aa507b2b95857fbe7d737b0d8b6bd1cb2de9ed6a8f781a32cd58a7c3669e8328595c8a11f97dab94712659e75766370be8219e63f12619697045b490e006ed901f34ae3b68522633afb4ec18675488b55a9f981ae50fcd641a54ee797be25aa486e7803656eb39b7b6cb295762467ddc655597f2a921fcd38d045de4ac915788f77c27edb63b66c8d4502eb2e0fad680660b2ce0cff7a3b7dc4bafedf11d69a8a3f191b58a0598ffa1d418f3202bf2d8ef87b267215c66e2fa5bcb12d39173d707c501fdd0bb534ebd9220dcda5ac6f5047f98b3288848641fa03b1eac66f0804e94a73ec50cc33172f785c92af44f4dd179f900ad2721d10acaef2721335c5cba7f9e614475caa0bfa5eee05a10d340abacb4a20aae9b2a23dfb82c253090e74314b97dcfe11b96cce0ee8b7f5679d304ffa4f7ef054ee062d3161995e3184eda233e5b82308f09d0ac4a3d1d2487c24920edd6f6cd1a8c2730b5994b106da5914d5f7d32c0e4aa42c28d6d0b2236e909cb340bbd2920a49d415978178d5e782b159e9fa15cd1ccdffd393567fcb04225a3b4a350e95571ccaf8a6b0297a2828c13c51d19c8ca1a9dacea9cdc1b853d205d19c1fe2bafd63004b91337c316aa9d21092ffc4101d13331332991136f296d5cb16b0387ad89b4d09d6864251976a37c40620b773722fbd7f4c0544a93a5ae089654c7a94d649c04780f023fe6842b12999c2f80f1df602e6e7bc63ea67f35a85fc64b03c76d4ec6a8518820c2683a3dd4844e46ffdee458dab675dc2aa00ded3050fc919a8eac00a7a620bd0f9313ac71685b1c0d6b06e82a724bb158a7d10bf15b93bbefb3e08452f50a880a3212c45c735c667b880f923e40f51ceb8b9f8eb7eee55cf3b1f2fa95f40b8e5a803593dd2d7958bd91dae738b0ee5e894699b9899fc5cac65212949e294c558ccf76c3ef2d05872d0526a8b7e1bf8b4d0d12243eaa2ce73cd46f7c26567f26c00c14b08360bd37d35691596c1b69b5af7c003513a241f9148ed59125dfcae89c6695954a77a67a5071d9e3937e634aa57f71d06d0069af3f137e9bc5f5ddbdf347a74fbe106a50a8ff38b507a83b0508d60bdd79bae88673fc3b3b31421d4a15ae4437a630819e4274ff6fa382bc4f25d6e7c2e10d1c96ab1f8f2f77872d666c7934b52c055dcfc31d7631c9d29a6ffad11d0cbd1e9f8ced1835e60f5bb5a81e13277f6d35c16e5c9f59cf64ad15edd8b5ded7665721f790af67b7ce638196043ea0490c77cff0f3b092e176055a75615f8fea8bbc32c8491074e100ce93f69d6379c8151bc044c496fe5cc1bb5dd417d5f0649ad5ea10034435ec4203021d30ee4a7191717b01918f96fce93188a60fd9c748bc3089ddec7097eac183a8b82dca81aec4b50f23b5f48c1ec68ddc7b3ab20a5a389b60fbec1d11644e961605cd319346ed86c923c9ccc05928921162fb2394b101bc3c0a26d8f3f1c83f7b41bfa5f714fd760bea67a72d6e64c2657c63730b05a2b9b82f17f7558cc807a7c5b5d9532824ec7453b996f783efcbd1c10c0a81db09f3beab246f11fe40dc0280f415e3a698dcaf915c5d46a451d58a5c2743cb7745b84988cb9b660220fcdde84602e3b35bb4ae21d684f8326e444fbc46022be099f9096a7f9fc14a87a6c25a18750bf142e6d840334008af635c8ffcae7e7f7b13a8c7bff8b51b5151cc3358063a9a5ce7f74c65a812e6742d371feda8c06cf26086ce6eb3947a3ce0e4cfd326456da4763599477fb757d0abafd221feb7741b3e9a8fc585c8891a3812d3594ab185e9773e128e0102c5d9460e216302ef65c1f11a6e06082948f6afa7c8d16f0fd42821bef41f50c822601d21e51acdbfeb1ac74f7f20794d48534e2fbb01d30918457d59241890f1eaf90b3b425d4537a9b0389e9ba3772832bd79cd89c508b34a3feb7444579a6d1419967bd11b570fe36d618163238d979877e67f1f900a6b8b61a7c7468c0dcb0b0984ed3bf3bf2dd5c4b0784b494155a47fc98baaac258ac757e5f7b8dc77e5d19b1d1216bd2b2581b91fe263c558693607fb19049e1fc5fdecb0e507244f52748ffe77ba1c1de50200b419fedd150fcaa4d7aedd241c5919797a3077c22f5675f0324b5a2132b62ff960a90dd267e4a8689f3fa67f95788f89270edf445c74255ac585e6fb2f4b1620cf615e25c236ef07dc582b62415d6107336c1bff85af262228284dd8bb26589068bb8cd09ff8b2f3e3b5ea02d55f5eafdfc6732515055c0ed11aaaf5c3ed5340d0ee55002"})
ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000001d80)={r6, 0x1ff}) (async)
capget(&(0x7f0000000d40)={0x20080522}, 0x0) (async)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}}) (async)
write$cgroup_type(r0, 0x0, 0x0)

1m58.870147349s ago: executing program 7 (id=3408):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000240)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}, {@user_xattr}, {@nodioread_nolock}]}, 0xfd, 0x512, &(0x7f0000001600)="$eJzs3c1vY1cVAPBjJ3acTNqkpQtA0A5tYUCjcRJPG1VdQFkhhCohugRpGhJPFMWOo9gpTZhFumaLxEisYMkfwHpW7Nkg2LEZFkh8RKAJEgtX7/k548nYkyhfjuLfT3p6H9f2OTcZ3+scj30DGFk3I2IvIooR8XFEzGTXc9kWH3S25HZP9h8sH+w/WM5Fu/3Rv3Jpe3Iteu6TuJE9ZikifvS9iJ/mno/b3NldX6rVqlvZ+VyrvjnX3Nm9s1ZfWq2uVjcqlcWFxfn37r5bObe+vlEvZkdfffzHvW/9PElrOrvS24/z1Ol64TBOYjwifnARwYZgLOtPcdiJcCr5iHg1It5Mn/8zMZb+NgGA66zdnon2TO85AHDd5dMaWC5fzmoB05HPl8udGt5rMZWvNZqt2/cb2xsrnVrZbBTy99dq1fmsVjgbhVxyvpAePz2vHDm/GxGvRMQvJybT8/Jyo7YyzBc+ADDCbhyZ//870Zn/AYBrrjTsBACAS2f+B4DRY/4HgNHTO//3+awuAHANdeb/yWGnAQBcIvV/ABg95n8AGCk//PDDZGsfZN9/vfLJzvZ645M7K9Xmerm+vVxebmxtllcbjdX0O3vqxz1erdHYXHgntj+d/fZmszXX3Nm9V29sb7Tupd/rfa9aSG+1dwk9AwAGeeWNR3/JJTPy+5PpFj1rORSGmhlw0fLDTgAYmrFhJwAMjdW+YHSd4W985QG4Jo772G+p3weE2u12++JSAi7YrS+p/8Oo6qn/+1/AMGLU/2F0qf/D6Gq3cydd8z9OekMA4GpT4wcGvP//arb/XfbmwE9Wjt7i4UVmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFdbd/3fcrYW+HTk8+VyxEsRMRuF3P21WnU+Il6OiD9PFCaS84Uh5wwAnFX+77ls/a9bM29PP9P0+o3Dw2JE/OzXH/3q06VWa+tPEcXcvye611sPs+uVy88eADheZ54udvY9f8g/2X+w3N0G3XfvAvL5x3cjotSJf7BfjIPD+OMxnu5LUYiIqf/ksvOOXE/t4iz2PouIL/brfy6m0xpIZ+XTo/GT2C9davz8M/HzaVtnn/wsvnAOucCoeZSMPx/0e/7l42a67//8L6Uj1Nll41/yUMsH6Rj4NH53/BsbMP7dPGmMd/7w/c7R5PNtn0V8eTyiG/ugZ/zpxs8NiP/2CeP/9Suvvzmorf2biFvRP35vrLlWfXOuubN7Z62+tFpdrW5UKosLi/Pv3X23MpfWqOcGzwb/fP/2y4Pakv5PDYhfOqb/Xz9h/3/7/49//LUXxP/mW/3i5+O1F8RP5sRvnDD+0tTvS4PakvgrA/p/3O//9gnjP/7b7nPLhgMAw9Pc2V1fqtWqWw66r5GuSj79DybjSqRxyoPuS8jTPk5y3+H3ov/Bdy4rVnHAP9FfvNX54R5pardPFWvQiHEeVTfgKjh80kfE/4adDAAAAAAAAAAAAAAA0NdlfGJp2H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+vo8AAD//0uHx+8=")
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$kcm(r0, 0x0, 0x24000085)
r1 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000400)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x6, [@var={0x4, 0x0, 0x0, 0xe, 0x3}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x4, [{0x0, 0x1}]}, @typedef={0x0, 0x0, 0x0, 0x5}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000140)='fd/4\x00')

1m58.747660331s ago: executing program 7 (id=3413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000180), 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$can_bcm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x5, 0xd8, 0x0, {0x0, 0x2710}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f8ca44b8874fdf8a"}}, 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xe)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @remote}, @GTPA_PEER_ADDRESS={0x8, 0x4, @remote}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_PEER_ADDR6={0x14, 0xb, @private1}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000094}, 0x40085)

1m43.712049212s ago: executing program 36 (id=3413):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000180), 0x10)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$can_bcm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x5, 0xd8, 0x0, {0x0, 0x2710}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f8ca44b8874fdf8a"}}, 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xe)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @remote}, @GTPA_PEER_ADDRESS={0x8, 0x4, @remote}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}, @GTPA_PEER_ADDR6={0x14, 0xb, @private1}, @GTPA_MS_ADDRESS={0x8, 0x5, @empty}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000094}, 0x40085)

3.907906089s ago: executing program 2 (id=5244):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x121001a, &(0x7f0000000180), 0x1, 0x42e, &(0x7f0000000940)="$eJzs20tvG0UcAPD/rpOUvkgo5dEHECiIiEfSpAV64AICiQsSEhzKMSRpFeI2qAkSrSIICHFFlbgjjkh8Ak5wQcAJiSsfAFWqUC4tnIzW3k1sx3k4deKCfz9pk5ndcWb+3hl7dicbQM8azn4kEYci4o+IGKxlGwsM137dXlma+ntlaSqJSuXtv5JquVsrS1NF0eJ1B/PMSBqRfp7EiRb1Lly9NjdZLs9cyfNji5c+GFu4eu352UuTF2cuzlyeOHfu7Jnxl16ceKEjcWZtunX84/mTx9549/qbU+evv/fLd0kRf1McHTK82cGnKpUOV9ddh+vSSV8XG0JbShGRna7+6vgfjFKsnbzBeP2zrjYO2FWVSqVycOPDyxXgfyyJbrcA6I7iiz67/i22PZp63BVuvlK7AMrivp1vtSN9keZl+puubztpOCLOL//zdbbF7tyHAABo8EM2/3mu1fwvjQfryt2brw0NRcR9EXEkIu6PiKMR8UBEtexDEfFwm/U3L5Ksn/+kN3YU2DZl87+X87WtxvlfMfuLoVKeO1yNvz+5MFueOZ2/JyPRvy/Lj29Sx4+v/f7lRsfq53/ZltVfzAXzdtzo29f4munJxck7ibnezU8jjve1ij9ZXQlIIuJYRBzfYR2zz3x7cqNjW8e/iQ6sM1W+iXi6dv6Xoyn+QrL5+uTYPVGeOT1W9Ir1fv3ti7c2qv+O4u+A7PwfaNn/V+MfSurXaxfa+/v7tji+0/4/kLxTTQ/k+z6aXFy8Mh4xMNfYKar7J9bni/JZ/COnWo//I7H2TpyIiKwTPxIRj0bEY3nbH4+IJyLi1CYx/vzqk+/vPP7dlcU/3db5X0sMRPOe1onS3E/fN1Q61E782fk/W02N5Hu28/m3nXa135sBAADgvymNiEORpKOr6TQdHa39v/zROJCW5xcWn70w/+Hl6dozAkPRnxZ3ugbr7oeO55f1RX6iKX8mv2/8VWl/NT86NV+e7nbw0OMObjD+M3+Wut06YNd5Xgt6l/EPvcv4h95l/EPvajH+93ejHcDea/X9/0kX2gHsvabxb9kPeojrf+hdxj/0LuMfetLC/tj6IXkJiXWJSO+KZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//9Oa5Js=")
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000840)=@framed={{}, [@snprintf]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = gettid()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000340), 0x801, 0x0)
ioctl$SCSI_IOCTL_STOP_UNIT(r4, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
readv(r5, &(0x7f0000000c40)=[{&(0x7f00000003c0)=""/7, 0x7}], 0x1)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r7 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000740), 0x1, 0x0)
write$selinux_validatetrans(r7, 0x0, 0x67)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f00000002c0)=""/115, 0x73, <r8=>0x0, &(0x7f00000003c0)=""/115, 0x73}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYRES32=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='kfree\x00', r9, 0x0, 0x80}, 0x18)
r10 = socket(0x2, 0x3, 0x3)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x0, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x2, 0x51, &(0x7f0000000200)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x10026, 0x1, 0x0})
r12 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0), 0x20, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000500)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, r12, 0x4, 0x5, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000740)={'macsec0\x00', <r13=>0x0})
sendmmsg$inet(r11, 0x0, 0x0, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18)
sendmsg$nl_route_sched(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0xffffffff, 0x0, {0x0, 0x0, 0x74, r13, {0x0, 0x7}, {0x0, 0x4}, {0xa}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4000}, 0x0)

2.868488705s ago: executing program 2 (id=5278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0x2000000000000209, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, 0x0, 0x0}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000380)=""/168)

2.717490867s ago: executing program 2 (id=5279):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)

2.287200204s ago: executing program 9 (id=5285):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r2}, 0x10) (async)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)

2.111699566s ago: executing program 9 (id=5287):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f00000002c0)={0x1, 0x4, 0x0, 0x0, @vifc_lcl_addr=@empty, @remote}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f0000000040)=0x6, 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000680)={[{@init_itable_val}, {@user_xattr}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x439, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7aQlfZBQlUfTAoHyiHgkTVpKD1xAIHEACQkO4RiStApxG9QEiVYRBIR6RZW4VxyR+As4wQUBJySucEeVKpRLS09Ga+8mtmOnSerEBf9+0iYzO2PNfN4de3bHG0DXGkr/JBEHIuKPiOivZusrDFX/3VpZmvpnZWkqiXL53b+TSr2bK0tTedX8dfvzTE9E4cskjjZpd+HS5bnJUmnmYpYfXTz/0ejCpcsvzp6fPDdzbubC+Jkzp06OvXx6/KW2xJnGdXPw0/ljR958/+rbUxNXP/jluySPvyGONhnaqPDpcrnNzXXWwZp00tPBjrAlxeowjd7K+O+PYqwdvP5444uOdg7YUeVyufxQ6+LlMvA/lkSnewB0Rv5Fn17/5tsuTT3uCTderV4ApXHfyrZqSU8Usjq9Dde37TQUERPLt6+lW+zMfQgAgDo/pPOfF5rN/wpRe1/o/mwNZSAiHoiIQxFxOiIOR8SDEZW6D0fEI1tsv3GRZP38p3B9W4FtUjr/eyVb26qf/+WzvxgoZrmDlfh7k7OzpZkT2XsyHL170/zYBm38+PrvX7UqW53/zT0TsXz7Wtp+PhfM+nG9Z2/9a6YnFyfvJuZaNz6PGOxpFn+yuhKQRMSRiBjcZhuzz317rFVZ7fx3omn8G2jDOlP5m4hnq8d/ORrizyUbr0+O3helmROj+Vmx3q+/XXmnVft3FX8bpMd/X9PzfzX+gaR2vXZh621c+XNvy7I7x9/8/N+TvFe375PJxcWLYxF7kreqna7dP95Qb3ytfhr/8PHm4/9QrL0TRyMiPYkfjYjHIuLxrO9PRMSTEXF8g/h/fu2pD7cf/85K45/e0vFfS+yJxj3NE8W5n76va3RgK/Gnx/9UJTWc7dnM599m+rW9sxkAAAD+ewoRcSCSwshqulAYGan+hv9w7CuU5hcWnz87//GF6eozAgPRW8jvdPXX3A8dyy7r8/x4Q/5kdt/462JfJT8yNV+a7nTw0OX2txj/qb+Kne4dsOM8rwXdy/iH7mX8Q/cy/qF7NRn/fZ3oB7D7mn3/f9aBfgC7r2H8W/aDLuL6H7qX8Q/dy/iHrrTQF3d+SF5CYl0iCvdENyR2KNHpTyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID2+DcAAP//NTzkEw==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b400000000000000dd0a0000000000007301310000000000950000000000000085be803b6dbc2c7cc34fc4df8408654bb17a35dc299920cfeb63acbad3e0e0f93c7550c304c97e5fb17958627cd753cae5d82c5164c6b4849a14261578f71a43dffa62c1b9b2a12e508ca864d186c5a364dc324c4c5b755c279aa1b01eca4cf9937fa587de9589e3b2395f0b314d010afca2bf6fc3add2314cf15eceea08086cf003ff6b78046809efb106f624dca255b0976593aa9771f31285afeac72b33874ac78fb2fc7371b9862b379e8af4b40e83d7464f05fb63143770a6a4d579f8391e38bd6c59ef118c667d6cb154316c14a6884b796dcbfdffb5594f8bf358ebe3f5"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.939658709s ago: executing program 2 (id=5292):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000c80), 0x10000005, r0}, 0x38)
r1 = socket$kcm(0x2b, 0x1, 0x0)
close(r1)
socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f00000001c0), 0x45)
close(r1)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x2f, 0xff, @remote, @local, {[], {{0x0, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$selinux_load(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="8cca2923f91b092571"], 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kvm_ack_irq\x00', 0xffffffffffffffff, 0x0, 0x2}, 0xc)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETOFFLOAD(r5, 0x400454c9, 0xad356f19b320d40b)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r7)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000600)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', <r9=>r8, 0x0, 0x0, 0x0, 0x2, 0x40, @private0, @dev={0xfe, 0x80, '\x00', 0x2}, 0x1}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl0\x00', r9, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @mcast2, 0x0, 0x0, 0xfffffffc, 0x1}})
ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f00000000c0)={'netpci0\x00'})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000105000100070000000900020073797a30000000000c0007800800134095a565000000000500050002000000050004000000000015000300686173683a69702c706f72742c6e657400000000"], 0x5c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)

1.735227843s ago: executing program 2 (id=5296):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.678228393s ago: executing program 2 (id=5297):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000080)={0x14, &(0x7f0000000840)=ANY=[@ANYBLOB], &(0x7f0000000040)=ANY=[@ANYBLOB="00cac985380e67f4ddc1c7d8ba99cbd67822cad9c1d5a34b67d1420335000000350303e675abdc"]}, &(0x7f0000000400)={0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="200e480000000f6d8387d35c4d8370660bb1f52cf0b4c3248857162b22f05e8a35e51980b92ee592c115c7e8087ee3edfdc09e03d48d23ee0e2b86084e33cc0cda62325ec4ea02fa8d2fc63438f0"], &(0x7f00000001c0)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000200)={0x0, 0x8, 0x1, 0x8}, &(0x7f00000002c0)={0x20, 0x0, 0xe2, {0xe0, "8546c826f1c63853005bbe7736a728a1a38b0712e64b420356a1d50a37acaed2f513eeb8db0b10d51fb8b5746357927550ac6bd7e6be51ba1fdefa5bae24da7ae3a5577dd8249aaa1d8a53784629cf85f05d15a1fd27811db3f98da9d2b4c3bd5f1645f77153905fce72d489ef5b7c665301e9cb56cde93f726e291774a7189239220444ce4a739d5545ef0b33332d3026619d2fc521c829a7c955601adf907734a613f4506087d798c0ca7e44970f3b1387eff33e41adb9945ebc5fd7b917cca98b615618da7b43097407ef36ee838dcdf7c2d39fe4f0c5e948c6a8d00a990a"}}, &(0x7f0000000240)={0x20, 0x1, 0x1, 0x5}, &(0x7f00000003c0)={0x20, 0x0, 0x1, 0x6}})
r1 = memfd_create(&(0x7f0000001480)='\x01\xfd\xae.+\xa6\x8c\xf8\xff2\x199\x94S,|\x99x?Ue[\xbd\xe1!\x03[d \xa0\x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\a\x00\x00\x00,\x82\x03\xfa\x18\x8dR\xbb\xea5F\x00G\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xccV\xa6w%\x06\x19\x7f\xc3\xb3O\xe5t3\x03\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2y\xc8W\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6x\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bO\xf0\x1ab\x96\xcf\xbb\x15\xcf\xfcNm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00p+\x96\x1ei|n\xda\xee\x01\xae\x96*\x82*\xb8j\xfa\xaa\x14\x1f\x1d\x9f\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xean\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\xf4\xcd\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\ti\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x17&\xb9]1\x05J\x96\xf0\x84\xc1L9p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xeb;lb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\b\x00\x00\x00\x00\x00\x00\x00\xb8\x02\x00\x00\x00\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01;\xbfM.\xe3\x84\x82\x9c\x91\a\x9b\x191c\xaeLz\xe0\x04Daz\x8d\xc3\x03\xab\x8dEGC$\x00e,\x94#\xcd4\xf9\x05\x88.\x13', 0x1)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000240), 0xfffffecc)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x3)
syz_usb_connect$uac1(0x0, 0xa0, &(0x7f0000000500)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8e, 0x3, 0x1, 0x3, 0x20, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0x4}, [@feature_unit={0x9, 0x24, 0x6, 0x6, 0x3, 0x1, [0x7], 0xaf}, @mixer_unit={0x6, 0x24, 0x4, 0x4, 0x4, "fb"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0xf6, 0x1, 0x6, 0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x6, 0x1, 0xff, {0x7, 0x25, 0x1, 0x0, 0xff, 0x6df1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x7, 0x2, 0x23, 0xf2}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0xb, 0x1, 0x81, 0xf8}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x81, 0x2, 0x5, 0xfa}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x8, 0xc5, 0xe, {0x7, 0x25, 0x1, 0x81, 0x7, 0x72}}}}}}}]}}, &(0x7f0000000740)={0xa, &(0x7f00000005c0)={0xa, 0x6, 0x110, 0x7, 0x7, 0x65, 0xff, 0x2}, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x1, [{0xab, &(0x7f0000000680)=ANY=[]}]})
fcntl$getownex(r1, 0x11, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x894, 0x30, 0x12f, 0x0, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0x8}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x0, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x7, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x4]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0xc4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r7)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_TP_METER(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r9, @ANYBLOB="0a0009000180c2000000fdff08000b"], 0x30}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.612161545s ago: executing program 9 (id=5299):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
process_vm_readv(0x0, &(0x7f0000000840)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, &(0x7f0000000c80)=[{0x0}, {0x0}], 0x2, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x40c100, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000280)=0x14)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000002c0)={@mcast1, @empty, @loopback, 0x4, 0x1, 0xea17, 0x400, 0x2, 0x20, r5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r7, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setrlimit(0x9, &(0x7f0000000000)={0x0, 0xfffffffffffffffe})
syz_open_dev$vcsu(0x0, 0x9, 0x430200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18)
io_setup(0x2004, &(0x7f0000000680))

1.163838181s ago: executing program 6 (id=5303):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, &(0x7f00000001c0)=""/59}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)

1.142636372s ago: executing program 6 (id=5304):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000380)=""/168)

1.035801943s ago: executing program 6 (id=5306):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='./bus/file0\x00', 0x43)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="03000000040000597670f61001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), r3)
renameat2(r1, &(0x7f0000000240)='./bus/file0\x00', 0xffffffffffffffff, &(0x7f0000000800)='./bus/file0\x00', 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000140)={0xffff, <r4=>0x0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYRESDEC=r0], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000007c0)='jbd2_shrink_checkpoint_list\x00', r5}, 0x18)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20)
r6 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a80)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xffff, 0xfff1}, {0x0, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x8, 0x0, 0x2, 0xffffffff, 0xfffffffd}}}}]}, 0x4c}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='3\x00'/12, @ANYRES32, @ANYBLOB="e9b8b15830ecd071b3891a5a8895a2d2fd79b6e2dfc3fcf4872d5625f66d3bddc278f6ba7f68dba186c1dd8751ccff93742896fdfb7f25281b272a6ea094ac80535ee8d0e22a3147b7dc3b364ea6178b50675af317a4126f38", @ANYRES64=0x0], 0x20)
socket(0x15, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r9, 0x0, 0xffffffffffffffff}, 0x13)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3, &(0x7f0000000000)={[{@nogrpid}, {@noload}, {@noload}]}, 0x1, 0x626, &(0x7f0000000100)="$eJzs3c1vVOUaAPDnTKff994WcnOvuJAmxkCitLSCIcZE2BOCHzvdVFoIUiihNVoksSS4MRo3LkxcuRD/CpXErf+ACzeuDAkxhoUYImPOzDll2s5MP6endH6/5NDz0TnvM6VPn3feec+cADrWSPpPKeJARFxNIobqjpUjOzhS+777f9w4ly5JVCpv/J7EjY+SxfpzJdnXfdmD/x6KJH34/onvVrU7t3D90uTMzPS1bHts/vLVsbmF60cuXp68MH1h+srESxMnjh87fmL86NafX+b0rXffH/rkzFvffPUwGf/2lzNJnIxHXbVj6fNa+djeLbWctj0SlZoH9fvTn+uJLZ57t/hzKP89yfVHUi4sHDbofPb72B0R/4+h6Kr73xyKj18rNDigrSpJ5DUK6DjJpvK/b/sDAXZY3g/IX9s3eh28WqnNvRJgJ9w7VRsAqOV+d0Tk+V/Oxs76qmMDA/eTZeM8SURsbWSuJm3jpx/P3EqXaDIOB7TH4s3ebNx+Zf1Pqrk5HH3VrYH7pWX5X6pb0v2vb7L9kRXb8h92zuLNiHgqq/898Tj/a2/7tcz/kbr8f2eT7ct/AAAAAAAA2D53TkXEC43m/5WW5v/0NJj/MxgRJ7eh/bXf/yvdzVaSbWgOqHPvVMQrDef/Ls3xHe7Ktv5dnQ/QnZy/ODN9NCL+ExGHo7s33R5fcd76GcJHPtv/ZbP26+f/pUvafj4XMDvT3fKKC3GnJucnt/q8gYh7NyOers7/PZjtWT7/L63/SYP6n+b31XW2sf+522ebHVs7/4F2qXwdcahh/X/c3U5afz7HWLU/MJb3CnKPewDPfPj5983al/9QnLT+D7TO/96k/vN65iIWN3D+noh4caFcaXZ8s/3/nuTNrvz8qQ8m5+evjUf0JKdX75/YQMCwh+X5kOdLmv+Hn209/rfU/6/Lw/5o8HegyQjd/x4N/tosHvUfipPm/1Tr+j+8vP5vYCU/xe3hH5q1f3Zd9f9YtaYfzvYY/4N6qz+PY72ZWki4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCEK0XEvyIpjS6tl0qjoxGDEfHfGCjNzM7NP39+9r0rU+mx6v3/S/mdfodq20l+///huu2J5dv9aVv7IuKLrv7q8dFzszNTRT95AAAAAAAAAAAAAAAAAAAA2CUGq9f8V3pXXv+f+q2r6OiAtitnX+U7dJ4s/z99e8OPrPRufzTATioXHQBQmPXnf3db4wB2XvP8f/CwUrWj4QA7SP8fOtcm89/bBbAHqP/QqdY5ptfX7jiAIqj/AAAAAACwp+w7eOfnJCIWX+6vLqme7JjJ/rC3lYoOACiMObzQucqzRUcAFMVrfCBZWvur4cX+zWf/J+0JCAAAAAAAAAAAAABY5dAB1/9Dp2p9/b+5/bCXtbj+v5r85XV/O/CkaX7rD7Uf9rqVr/HrCrwbfkGHWKvau/4fAAAAAAAAAAAAAHaBvuuXJmdmpq/NLTx5K6/ujjA2trI4ueb3dMfuCLXVSn9ELO151J62uiNi+89cLvpHt46V/CM4Cgyj4L9LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkn8CAAD//0vxInQ=")

931.836405ms ago: executing program 6 (id=5307):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x1f, &(0x7f00000004c0)={0x0}, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @remote, 0x3}, 0x1c)
r3 = syz_io_uring_setup(0x7d9b, &(0x7f00000008c0)={0x0, 0x34c, 0x10100, 0xfffffffe, 0x21a}, &(0x7f0000000980)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r2, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x14a8}})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)

604.104609ms ago: executing program 3 (id=5310):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000019c0)={0x28, r3, 0xacf5e67dd0b583a1, 0x70bd29, 0x0, {{0x5}, {@val={0x7}, @val={0xc}}}}, 0x28}}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x1402, 0x1, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/18, @ANYRES32=r6, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003000f"], 0x48}}, 0x40000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002c34c027000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, 0x0, 0x20000010)

554.38176ms ago: executing program 3 (id=5311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0x2000000000000209, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000380)=""/168)

500.088811ms ago: executing program 3 (id=5313):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x4, 0xf7, 0x7, 0x1, 0x14, @mcast1, @remote, 0x700, 0x1, 0x2, 0x4}})
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

287.877525ms ago: executing program 8 (id=5314):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, &(0x7f00000001c0)=""/59}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)

287.720895ms ago: executing program 3 (id=5315):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa10000000000000701", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

282.447545ms ago: executing program 9 (id=5316):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000380)=""/168)

279.267665ms ago: executing program 8 (id=5317):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000000)=0x1, 0x4)
sendmmsg(r0, 0x0, 0x0, 0x0)

227.502676ms ago: executing program 9 (id=5318):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0xfed8)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x10012, r4, 0x0)
socket$netlink(0x10, 0x3, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10)

176.855437ms ago: executing program 8 (id=5319):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0x2000000000000209, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
statfs(&(0x7f0000000040)='./cgroup.net/cgroup.procs\x00', 0x0)

176.347037ms ago: executing program 8 (id=5320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000019c0)={0x28, r3, 0xacf5e67dd0b583a1, 0x70bd29, 0x0, {{0x5}, {@val={0x7}, @val={0xc}}}}, 0x28}}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x1402, 0x1, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/18, @ANYRES32=r6, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003000f"], 0x48}}, 0x40000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002c34c027000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2d, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0xc080}, 0x20000010)

110.730217ms ago: executing program 9 (id=5321):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000019c0)={0x28, r3, 0xacf5e67dd0b583a1, 0x70bd29, 0x0, {{0x5}, {@val={0x7}, @val={0xc}}}}, 0x28}}, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x1402, 0x1, 0x70bd26, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/18, @ANYRES32=r6, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003000f"], 0x48}}, 0x40000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002c34c027000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')
close(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, 0x0, 0x20000010)

99.590468ms ago: executing program 8 (id=5322):
syz_io_uring_setup(0x88b, &(0x7f0000000280)={0x0, 0xaedf, 0x8, 0xfffffffd, 0x25d}, &(0x7f0000000140)=<r0=>0x0, &(0x7f00000000c0))
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = memfd_secret(0x80000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) (fail_nth: 6)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'sh\x00', 0x13, 0x84, 0x47}, 0x2c)
fcntl$setlease(r1, 0x400, 0x0)
close(r1)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, 0x0, &(0x7f00000005c0)=r5}, 0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x100, &(0x7f0000000080)=0x3, 0x0, 0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000010000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)

96.554977ms ago: executing program 6 (id=5323):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async)

86.640048ms ago: executing program 3 (id=5324):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x2040400)
r1 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r1, 0x0, 0x0)

28.007899ms ago: executing program 8 (id=5325):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
eventfd(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x27, 0x3, 0x5, &(0x7f0000000000))
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)

217.229µs ago: executing program 3 (id=5326):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x4, 0xf7, 0x7, 0x1, 0x14, @mcast1, @remote, 0x700, 0x1, 0x2, 0x4}})
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b036800e0ff64000200475400", 0xd, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

0s ago: executing program 6 (id=5327):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000400)={r0, 0x0, &(0x7f00000001c0)=""/59}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
unshare(0x2040400)
r2 = fsopen(&(0x7f0000000440)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.049588][T16643] loop8: detected capacity change from 0 to 1024
[  287.088884][T16643] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.136658][T16653] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4650'.
[  287.273853][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.315401][T16658] SELinux: ebitmap: truncated map
[  287.321590][T16658] SELinux: failed to load policy
[  287.365551][T16664] loop2: detected capacity change from 0 to 2048
[  287.392681][T16674] loop9: detected capacity change from 0 to 512
[  287.399628][T16664]  loop2: p3 p4 < >
[  287.417883][T16674] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  287.443366][T16674] EXT4-fs (loop9): 1 truncate cleaned up
[  287.449731][T16674] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.488709][T16687] tipc: Enabling of bearer <th:lo> rejected, media not registered
[  287.536713][T16691] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.4659' sets config #1
[  287.584541][T16698] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4665'.
[  287.801371][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.594591][T16716] FAULT_INJECTION: forcing a failure.
[  288.594591][T16716] name failslab, interval 1, probability 0, space 0, times 0
[  288.607345][T16716] CPU: 0 UID: 0 PID: 16716 Comm: syz.9.4673 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  288.607382][T16716] Tainted: [W]=WARN
[  288.607391][T16716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.607407][T16716] Call Trace:
[  288.607415][T16716]  <TASK>
[  288.607426][T16716]  dump_stack_lvl+0xf2/0x150
[  288.607527][T16716]  dump_stack+0x15/0x1a
[  288.607593][T16716]  should_fail_ex+0x24a/0x260
[  288.607632][T16716]  should_failslab+0x8f/0xb0
[  288.607677][T16716]  kmem_cache_alloc_node_noprof+0x59/0x320
[  288.607738][T16716]  ? __alloc_skb+0x10b/0x310
[  288.607774][T16716]  __alloc_skb+0x10b/0x310
[  288.607800][T16716]  netlink_alloc_large_skb+0xad/0xe0
[  288.607840][T16716]  netlink_sendmsg+0x3b4/0x6e0
[  288.607869][T16716]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.607904][T16716]  __sock_sendmsg+0x140/0x180
[  288.607938][T16716]  ____sys_sendmsg+0x326/0x4b0
[  288.608013][T16716]  __sys_sendmsg+0x19d/0x230
[  288.608064][T16716]  __x64_sys_sendmsg+0x46/0x50
[  288.608094][T16716]  x64_sys_call+0x2734/0x2dc0
[  288.608121][T16716]  do_syscall_64+0xc9/0x1c0
[  288.608229][T16716]  ? clear_bhb_loop+0x55/0xb0
[  288.608264][T16716]  ? clear_bhb_loop+0x55/0xb0
[  288.608355][T16716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.608387][T16716] RIP: 0033:0x7f3a8106d169
[  288.608405][T16716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.608425][T16716] RSP: 002b:00007f3a7f6d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.608443][T16716] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106d169
[  288.608495][T16716] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[  288.608510][T16716] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  288.608533][T16716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.608544][T16716] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  288.608563][T16716]  </TASK>
[  288.874438][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  288.874458][   T29] audit: type=1326 audit(1742744730.377:14539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  288.906728][   T29] audit: type=1326 audit(1742744730.377:14540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  288.931547][   T29] audit: type=1326 audit(1742744730.387:14541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  288.941899][T16725] loop9: detected capacity change from 0 to 512
[  288.955527][   T29] audit: type=1326 audit(1742744730.387:14542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  288.967136][T16725] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  288.985327][   T29] audit: type=1326 audit(1742744730.387:14543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  288.985362][   T29] audit: type=1326 audit(1742744730.387:14544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  289.042746][   T29] audit: type=1326 audit(1742744730.387:14545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  289.066364][   T29] audit: type=1326 audit(1742744730.387:14546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  289.069135][T16729] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4677'.
[  289.090388][   T29] audit: type=1326 audit(1742744730.387:14547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  289.090435][   T29] audit: type=1326 audit(1742744730.387:14548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16720 comm="syz.6.4675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  289.326279][T16732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4678'.
[  289.335705][T16732] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4678'.
[  289.364330][T16732] loop2: detected capacity change from 0 to 512
[  289.377136][T16725] EXT4-fs (loop9): 1 truncate cleaned up
[  289.385099][T16725] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.399434][T16732] EXT4-fs (loop2): orphan cleanup on readonly fs
[  289.425196][T16732] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4678: bg 0: block 248: padding at end of block bitmap is not set
[  289.459431][T16740] loop8: detected capacity change from 0 to 512
[  289.479050][T16732] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4678: Failed to acquire dquot type 1
[  289.501626][T16740] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  289.532783][T16732] EXT4-fs (loop2): 1 truncate cleaned up
[  289.541547][T16740] EXT4-fs (loop8): 1 truncate cleaned up
[  289.547825][T16740] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.562292][T16732] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  289.589475][T16740] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.622962][T11902] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.657711][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.932177][T16758] loop9: detected capacity change from 0 to 512
[  289.932292][T16756] netlink: 'syz.2.4681': attribute type 21 has an invalid length.
[  289.962624][T16756] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4681'.
[  289.975508][T16758] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.991878][T16758] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.027327][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.201187][T16779] vlan2: entered promiscuous mode
[  290.248412][T16782] loop9: detected capacity change from 0 to 512
[  290.258185][T16782] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  290.270113][T16782] EXT4-fs (loop9): 1 truncate cleaned up
[  290.277319][T16782] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.332957][T16776] loop8: detected capacity change from 0 to 512
[  290.355627][T16776] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  290.382273][T16776] EXT4-fs (loop8): 1 truncate cleaned up
[  290.403316][T16776] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.476330][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.499087][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.515102][T16793] loop9: detected capacity change from 0 to 512
[  290.524624][T16793] EXT4-fs: Ignoring removed oldalloc option
[  290.536457][T16795] netlink: 'syz.2.4698': attribute type 21 has an invalid length.
[  290.544753][T16793] EXT4-fs error (device loop9): ext4_xattr_inode_iget:436: comm syz.9.4696: Parent and EA inode have the same ino 15
[  290.546061][T16798] loop8: detected capacity change from 0 to 2048
[  290.560099][T16793] EXT4-fs error (device loop9): ext4_xattr_inode_iget:436: comm syz.9.4696: Parent and EA inode have the same ino 15
[  290.578712][T16793] EXT4-fs (loop9): 1 orphan inode deleted
[  290.585082][T16793] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.599037][T16798]  loop8: p3 p4 < >
[  290.613748][T16800] netlink: 'syz.2.4699': attribute type 7 has an invalid length.
[  290.621562][T16800] netlink: 'syz.2.4699': attribute type 8 has an invalid length.
[  290.629970][T16800] netlink: 'syz.2.4699': attribute type 7 has an invalid length.
[  290.637884][T16800] netlink: 'syz.2.4699': attribute type 8 has an invalid length.
[  290.646944][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.675982][T16802] netlink: 'syz.2.4701': attribute type 1 has an invalid length.
[  290.685938][T16806] FAULT_INJECTION: forcing a failure.
[  290.685938][T16806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.700673][T16806] CPU: 0 UID: 0 PID: 16806 Comm: syz.8.4702 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  290.700773][T16806] Tainted: [W]=WARN
[  290.700783][T16806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  290.700848][T16806] Call Trace:
[  290.700856][T16806]  <TASK>
[  290.700865][T16806]  dump_stack_lvl+0xf2/0x150
[  290.700899][T16806]  dump_stack+0x15/0x1a
[  290.700923][T16806]  should_fail_ex+0x24a/0x260
[  290.701031][T16806]  should_fail+0xb/0x10
[  290.701067][T16806]  should_fail_usercopy+0x1a/0x20
[  290.701151][T16806]  strncpy_from_user+0x25/0x210
[  290.701198][T16806]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  290.701224][T16806]  ? getname_flags+0x81/0x3b0
[  290.701272][T16806]  getname_flags+0xb0/0x3b0
[  290.701385][T16806]  user_path_at+0x26/0x120
[  290.701411][T16806]  __se_sys_move_mount+0x13c/0x730
[  290.701496][T16806]  ? fput+0x1c4/0x200
[  290.701523][T16806]  __x64_sys_move_mount+0x67/0x80
[  290.701561][T16806]  x64_sys_call+0x2608/0x2dc0
[  290.701592][T16806]  do_syscall_64+0xc9/0x1c0
[  290.701698][T16806]  ? clear_bhb_loop+0x55/0xb0
[  290.701730][T16806]  ? clear_bhb_loop+0x55/0xb0
[  290.701765][T16806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.701873][T16806] RIP: 0033:0x7f93a1d6d169
[  290.701890][T16806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.701910][T16806] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  290.701932][T16806] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  290.701946][T16806] RDX: 0000000000000003 RSI: 00002000000000c0 RDI: 0000000000000003
[  290.701959][T16806] RBP: 00007f93a03d7090 R08: 0000000000000261 R09: 0000000000000000
[  290.701973][T16806] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000002
[  290.701986][T16806] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  290.702007][T16806]  </TASK>
[  290.913898][T16802] 8021q: adding VLAN 0 to HW filter on device bond2
[  290.926011][T16809] gretap1: entered promiscuous mode
[  290.935774][T16809] bond2: (slave gretap1): making interface the new active one
[  290.944357][T16809] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  291.106902][T16824] __nla_validate_parse: 8 callbacks suppressed
[  291.106999][T16824] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4709'.
[  291.122701][T16824] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4709'.
[  291.138171][T16827] netlink: 'syz.9.4710': attribute type 21 has an invalid length.
[  291.146986][T16824] loop2: detected capacity change from 0 to 512
[  291.153390][T16827] netlink: 132 bytes leftover after parsing attributes in process `syz.9.4710'.
[  291.167539][T16824] EXT4-fs (loop2): orphan cleanup on readonly fs
[  291.169182][T16829] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4711'.
[  291.183162][T16829] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4711'.
[  291.185304][T16831] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  291.199692][T16829] loop6: detected capacity change from 0 to 512
[  291.203068][T16824] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4709: bg 0: block 248: padding at end of block bitmap is not set
[  291.221573][T16831] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  291.231777][T16834] program syz.9.4712 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  291.240229][T16829] EXT4-fs (loop6): orphan cleanup on readonly fs
[  291.247908][T16824] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.4709: Failed to acquire dquot type 1
[  291.259905][T16829] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4711: bg 0: block 248: padding at end of block bitmap is not set
[  291.272453][T16834] netlink: 16 bytes leftover after parsing attributes in process `syz.9.4712'.
[  291.277475][T16829] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4711: Failed to acquire dquot type 1
[  291.283294][T16834] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4712'.
[  291.301273][T16824] EXT4-fs (loop2): 1 truncate cleaned up
[  291.306677][T16829] EXT4-fs (loop6): 1 truncate cleaned up
[  291.318816][T16829] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.330655][T16824] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  291.356476][T16836] netlink: 43 bytes leftover after parsing attributes in process `syz.3.4713'.
[  291.366313][T16836] tipc: Started in network mode
[  291.371516][T16836] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  291.379719][T16836] tipc: Enabled bearer <eth:vlan0>, priority 10
[  291.428104][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.438655][T11902] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.551091][T16856] netlink: 148 bytes leftover after parsing attributes in process `syz.6.4720'.
[  291.627197][T16860] netlink: 'syz.6.4722': attribute type 21 has an invalid length.
[  291.642422][T16866] loop2: detected capacity change from 0 to 512
[  291.649423][T16860] netlink: 132 bytes leftover after parsing attributes in process `syz.6.4722'.
[  291.650356][T16866] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  291.690718][T16866] EXT4-fs (loop2): 1 truncate cleaned up
[  291.696837][T16866] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.724653][T16870] tipc: Started in network mode
[  291.729702][T16870] tipc: Node identity 2a22544bad99, cluster identity 4711
[  291.736908][T16870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  291.810802][T16868] tipc: Resetting bearer <eth:syzkaller0>
[  291.822363][T16868] tipc: Disabling bearer <eth:syzkaller0>
[  291.867195][T11902] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.909786][T16875] loop2: detected capacity change from 0 to 1024
[  291.926790][T16875] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0003]
[  291.940793][T16875] System zones: 0-1, 3-36
[  291.946637][T16875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.965391][T16882] 9p: Unknown access argument : -22
[  291.975109][T11902] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.078462][T16899] netlink: 'syz.2.4735': attribute type 21 has an invalid length.
[  292.144544][T16905] FAULT_INJECTION: forcing a failure.
[  292.144544][T16905] name failslab, interval 1, probability 0, space 0, times 0
[  292.157317][T16905] CPU: 1 UID: 0 PID: 16905 Comm: syz.2.4738 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  292.157349][T16905] Tainted: [W]=WARN
[  292.157357][T16905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  292.157372][T16905] Call Trace:
[  292.157400][T16905]  <TASK>
[  292.157408][T16905]  dump_stack_lvl+0xf2/0x150
[  292.157444][T16905]  dump_stack+0x15/0x1a
[  292.157471][T16905]  should_fail_ex+0x24a/0x260
[  292.157510][T16905]  should_failslab+0x8f/0xb0
[  292.157561][T16905]  kmem_cache_alloc_noprof+0x52/0x320
[  292.157638][T16905]  ? getname_flags+0x81/0x3b0
[  292.157688][T16905]  ? should_fail_ex+0xd7/0x260
[  292.157732][T16905]  getname_flags+0x81/0x3b0
[  292.157766][T16905]  user_path_at+0x26/0x120
[  292.157840][T16905]  __se_sys_mount+0x24b/0x2d0
[  292.157871][T16905]  ? fput+0x1c4/0x200
[  292.157892][T16905]  __x64_sys_mount+0x67/0x80
[  292.157923][T16905]  x64_sys_call+0x2c84/0x2dc0
[  292.157966][T16905]  do_syscall_64+0xc9/0x1c0
[  292.158006][T16905]  ? clear_bhb_loop+0x55/0xb0
[  292.158088][T16905]  ? clear_bhb_loop+0x55/0xb0
[  292.158122][T16905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.158163][T16905] RIP: 0033:0x7f4e49e3d169
[  292.158182][T16905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.158258][T16905] RSP: 002b:00007f4e484a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  292.158280][T16905] RAX: ffffffffffffffda RBX: 00007f4e4a055fa0 RCX: 00007f4e49e3d169
[  292.158295][T16905] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  292.158310][T16905] RBP: 00007f4e484a7090 R08: 0000200000000500 R09: 0000000000000000
[  292.158325][T16905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.158339][T16905] R13: 0000000000000000 R14: 00007f4e4a055fa0 R15: 00007ffc527e8888
[  292.158362][T16905]  </TASK>
[  292.353852][T16903] loop6: detected capacity change from 0 to 128
[  292.475467][T16910] loop8: detected capacity change from 0 to 1024
[  292.487736][T16912] loop9: detected capacity change from 0 to 512
[  292.504316][ T3375] tipc: Node number set to 10005162
[  292.512441][T16910] EXT4-fs: Ignoring removed orlov option
[  292.518271][T16910] EXT4-fs: Ignoring removed bh option
[  292.523721][T16910] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.536080][T16912] ext4: Unknown parameter 'uid>00000000000000000000'
[  292.569875][T16903] bio_check_eod: 104 callbacks suppressed
[  292.569983][T16903] syz.6.4737: attempt to access beyond end of device
[  292.569983][T16903] loop6: rw=2049, sector=145, nr_sectors = 224 limit=128
[  292.633759][T16910] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  292.721696][T16938] loop2: detected capacity change from 0 to 512
[  292.723371][T16937] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.739343][T16937] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.748073][T16938] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  292.756232][T16938] System zones: 0-2, 18-18, 34-35
[  292.757679][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.762364][T16938] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.783229][T16938] ext4 filesystem being mounted at /346/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.797597][T16938] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.964098][T16937] lo speed is unknown, defaulting to 1000
[  292.972305][T16937] lo speed is unknown, defaulting to 1000
[  293.603377][T16969] loop9: detected capacity change from 0 to 2048
[  293.628583][T16969] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.654896][T16969] ext4 filesystem being mounted at /222/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.914138][   T29] kauditd_printk_skb: 599 callbacks suppressed
[  293.914154][   T29] audit: type=1400 audit(1742744735.417:15142): avc:  denied  { create } for  pid=17012 comm="syz.8.4775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  293.947267][   T29] audit: type=1400 audit(1742744735.447:15143): avc:  denied  { connect } for  pid=17012 comm="syz.8.4775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  294.090124][T13298] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm kworker/u8:19: bg 0: block 345: padding at end of block bitmap is not set
[  294.107156][T13298] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117
[  294.119841][T13298] EXT4-fs (loop9): This should not happen!! Data will be lost
[  294.119841][T13298] 
[  294.149962][T13326] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28
[  294.162777][T13326] EXT4-fs (loop9): This should not happen!! Data will be lost
[  294.162777][T13326] 
[  294.173007][T13326] EXT4-fs (loop9): Total free blocks count 0
[  294.179003][T13326] EXT4-fs (loop9): Free/Dirty block details
[  294.185726][T13326] EXT4-fs (loop9): free_blocks=0
[  294.190812][T13326] EXT4-fs (loop9): dirty_blocks=2048
[  294.192720][   T29] audit: type=1326 audit(1742744735.697:15144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.4777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  294.196198][T13326] EXT4-fs (loop9): Block reservation details
[  294.219815][   T29] audit: type=1326 audit(1742744735.697:15145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.4777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  294.219851][   T29] audit: type=1326 audit(1742744735.697:15146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.4777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  294.219947][   T29] audit: type=1326 audit(1742744735.697:15147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17019 comm="syz.2.4777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  294.394584][   T29] audit: type=1400 audit(1742744735.897:15148): avc:  denied  { create } for  pid=17030 comm="syz.9.4781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  294.417332][   T29] audit: type=1400 audit(1742744735.927:15149): avc:  denied  { bind } for  pid=17030 comm="syz.9.4781" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  294.477892][   T29] audit: type=1400 audit(1742744735.987:15150): avc:  denied  { create } for  pid=17037 comm="syz.3.4783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  294.499831][   T29] audit: type=1400 audit(1742744735.987:15151): avc:  denied  { write } for  pid=17037 comm="syz.3.4783" path="socket:[54571]" dev="sockfs" ino=54571 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  294.577175][ T3376] Process accounting resumed
[  294.877813][T17057] loop8: detected capacity change from 0 to 512
[  294.895463][T17057] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  294.916990][T17057] EXT4-fs (loop8): 1 orphan inode deleted
[  294.923200][T17057] EXT4-fs (loop8): 1 truncate cleaned up
[  294.943629][T17057] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.992012][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.046855][T17075] validate_nla: 5 callbacks suppressed
[  295.046873][T17075] netlink: 'syz.8.4798': attribute type 21 has an invalid length.
[  295.079390][T17079] loop9: detected capacity change from 0 to 1024
[  295.118594][T17083] FAULT_INJECTION: forcing a failure.
[  295.118594][T17083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.132055][T17083] CPU: 0 UID: 0 PID: 17083 Comm: syz.8.4802 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  295.132155][T17083] Tainted: [W]=WARN
[  295.132163][T17083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  295.132242][T17083] Call Trace:
[  295.132251][T17083]  <TASK>
[  295.132260][T17083]  dump_stack_lvl+0xf2/0x150
[  295.132288][T17083]  dump_stack+0x15/0x1a
[  295.132310][T17083]  should_fail_ex+0x24a/0x260
[  295.132348][T17083]  should_fail+0xb/0x10
[  295.132444][T17083]  should_fail_usercopy+0x1a/0x20
[  295.132485][T17083]  _copy_from_user+0x1c/0xa0
[  295.132508][T17083]  copy_from_bpfptr+0x5e/0x90
[  295.132547][T17083]  bpf_prog_load+0x6fd/0x1050
[  295.132604][T17083]  __sys_bpf+0x463/0x7a0
[  295.132648][T17083]  __x64_sys_bpf+0x43/0x50
[  295.132681][T17083]  x64_sys_call+0x2914/0x2dc0
[  295.132708][T17083]  do_syscall_64+0xc9/0x1c0
[  295.132808][T17083]  ? clear_bhb_loop+0x55/0xb0
[  295.132919][T17083]  ? clear_bhb_loop+0x55/0xb0
[  295.132954][T17083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.132982][T17083] RIP: 0033:0x7f93a1d6d169
[  295.132997][T17083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.133087][T17083] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  295.133105][T17083] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  295.133121][T17083] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  295.133136][T17083] RBP: 00007f93a03d7090 R08: 0000000000000000 R09: 0000000000000000
[  295.133178][T17083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.133193][T17083] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  295.133216][T17083]  </TASK>
[  295.397172][T17102] xt_TPROXY: Can be used only with -p tcp or -p udp
[  295.450390][T17106] netlink: 'syz.9.4812': attribute type 21 has an invalid length.
[  295.556544][T17110] infiniband syz!: set active
[  295.561309][T17110] infiniband syz!: added team_slave_0
[  295.590314][T17110] RDS/IB: syz!: added
[  295.605657][T17110] smc: adding ib device syz! with port count 1
[  295.612092][T17110] smc:    ib device syz! port 1 has pnetid 
[  295.641236][T17104] loop8: detected capacity change from 0 to 764
[  295.656977][T17104] iso9660: Unknown parameter 'GPL'
[  295.674621][T17104] loop8: detected capacity change from 0 to 512
[  295.723959][T17104] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.754617][T17104] ext4 filesystem being mounted at /343/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  296.022578][T17141] netlink: 'syz.9.4824': attribute type 21 has an invalid length.
[  296.036926][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.097982][T17146] loop6: detected capacity change from 0 to 512
[  296.118658][T17146] EXT4-fs (loop6): orphan cleanup on readonly fs
[  296.136634][T17146] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4827: bg 0: block 248: padding at end of block bitmap is not set
[  296.154231][T17146] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4827: Failed to acquire dquot type 1
[  296.167316][T17146] EXT4-fs (loop6): 1 truncate cleaned up
[  296.179161][T17146] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  296.231903][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.232306][T17158] lo speed is unknown, defaulting to 1000
[  296.250218][T17148] lo speed is unknown, defaulting to 1000
[  296.259921][T17158] lo speed is unknown, defaulting to 1000
[  296.270163][T17148] lo speed is unknown, defaulting to 1000
[  296.417392][T17163] loop6: detected capacity change from 0 to 512
[  296.442270][T17163] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  296.466587][T17163] EXT4-fs (loop6): 1 orphan inode deleted
[  296.472546][T17163] EXT4-fs (loop6): 1 truncate cleaned up
[  296.482584][T17163] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.504179][T17163] EXT4-fs error (device loop6): ext4_check_all_de:656: inode #12: block 7: comm syz.6.4832: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=124 fake=0
[  296.552801][T17163] EXT4-fs (loop6): Remounting filesystem read-only
[  296.598394][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.658242][T17171] IPv6: NLM_F_CREATE should be specified when creating new route
[  296.686486][T17173] __nla_validate_parse: 23 callbacks suppressed
[  296.686508][T17173] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4836'.
[  296.717681][T17175] loop6: detected capacity change from 0 to 512
[  296.724750][T17175] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  296.739172][T17175] EXT4-fs (loop6): 1 truncate cleaned up
[  296.748114][T17179] netlink: 'syz.9.4838': attribute type 21 has an invalid length.
[  296.752207][T17175] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.756208][T17179] netlink: 132 bytes leftover after parsing attributes in process `syz.9.4838'.
[  296.938198][T17182] loop9: detected capacity change from 0 to 8192
[  296.946953][T17182] syz.9.4839: attempt to access beyond end of device
[  296.946953][T17182] loop9: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  296.961077][T17182] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  296.969011][T17182] FAT-fs (loop9): Filesystem has been set read-only
[  297.026441][T17182] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  297.036825][T17182] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  297.050359][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.159327][T17190] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4841'.
[  297.168410][T17190] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4841'.
[  297.204262][T17190] loop6: detected capacity change from 0 to 512
[  297.212607][T17200] FAULT_INJECTION: forcing a failure.
[  297.212607][T17200] name failslab, interval 1, probability 0, space 0, times 0
[  297.225472][T17200] CPU: 0 UID: 0 PID: 17200 Comm: syz.9.4846 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  297.225530][T17200] Tainted: [W]=WARN
[  297.225537][T17200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  297.225550][T17200] Call Trace:
[  297.225557][T17200]  <TASK>
[  297.225565][T17200]  dump_stack_lvl+0xf2/0x150
[  297.225596][T17200]  dump_stack+0x15/0x1a
[  297.225617][T17200]  should_fail_ex+0x24a/0x260
[  297.225698][T17200]  ? percpu_ref_init+0x96/0x240
[  297.225732][T17200]  should_failslab+0x8f/0xb0
[  297.225770][T17200]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  297.225801][T17200]  __kmalloc_cache_noprof+0x4e/0x320
[  297.225827][T17200]  ? __pfx_free_ioctx_reqs+0x10/0x10
[  297.225927][T17200]  percpu_ref_init+0x96/0x240
[  297.225963][T17200]  ioctx_alloc+0x1fe/0x4c0
[  297.226065][T17200]  __se_sys_io_setup+0x6b/0x1b0
[  297.226093][T17200]  __x64_sys_io_setup+0x31/0x40
[  297.226128][T17200]  x64_sys_call+0x160f/0x2dc0
[  297.226161][T17200]  do_syscall_64+0xc9/0x1c0
[  297.226201][T17200]  ? clear_bhb_loop+0x55/0xb0
[  297.226233][T17200]  ? clear_bhb_loop+0x55/0xb0
[  297.226404][T17200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.226492][T17200] RIP: 0033:0x7f3a8106d169
[  297.226510][T17200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.226573][T17200] RSP: 002b:00007f3a7f6d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  297.226591][T17200] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106d169
[  297.226604][T17200] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  297.226616][T17200] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  297.226627][T17200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.226639][T17200] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  297.226661][T17200]  </TASK>
[  297.268731][T17203] FAULT_INJECTION: forcing a failure.
[  297.268731][T17203] name failslab, interval 1, probability 0, space 0, times 0
[  297.343429][T17206] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4848'.
[  297.345186][T17203] CPU: 1 UID: 0 PID: 17203 Comm: syz.8.4845 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  297.345221][T17203] Tainted: [W]=WARN
[  297.345230][T17203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  297.345245][T17203] Call Trace:
[  297.345323][T17203]  <TASK>
[  297.345335][T17203]  dump_stack_lvl+0xf2/0x150
[  297.345443][T17203]  dump_stack+0x15/0x1a
[  297.345471][T17203]  should_fail_ex+0x24a/0x260
[  297.345512][T17203]  should_failslab+0x8f/0xb0
[  297.345551][T17203]  kmem_cache_alloc_node_noprof+0x59/0x320
[  297.345645][T17203]  ? __alloc_skb+0x10b/0x310
[  297.345675][T17203]  __alloc_skb+0x10b/0x310
[  297.345702][T17203]  ? audit_log_start+0x34c/0x6b0
[  297.345771][T17203]  audit_log_start+0x368/0x6b0
[  297.345812][T17203]  ? kmem_cache_free+0xdc/0x2d0
[  297.345845][T17203]  audit_seccomp+0x4b/0x130
[  297.345896][T17203]  __seccomp_filter+0x6fa/0x1180
[  297.345928][T17203]  ? __perf_event_task_sched_out+0x138/0x1010
[  297.345963][T17203]  ? __dequeue_entity+0x22/0x310
[  297.346038][T17203]  __secure_computing+0x9f/0x1c0
[  297.346065][T17203]  syscall_trace_enter+0xd1/0x1f0
[  297.346242][T17203]  do_syscall_64+0xaa/0x1c0
[  297.346284][T17203]  ? clear_bhb_loop+0x55/0xb0
[  297.346318][T17203]  ? clear_bhb_loop+0x55/0xb0
[  297.346353][T17203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.346457][T17203] RIP: 0033:0x7f93a1d6bb7c
[  297.346477][T17203] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  297.346501][T17203] RSP: 002b:00007f93a03b6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.346524][T17203] RAX: ffffffffffffffda RBX: 00007f93a1f86080 RCX: 00007f93a1d6bb7c
[  297.346541][T17203] RDX: 000000000000000f RSI: 00007f93a03b60a0 RDI: 0000000000000004
[  297.346556][T17203] RBP: 00007f93a03b6090 R08: 0000000000000000 R09: 0000000000000000
[  297.346572][T17203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.346587][T17203] R13: 0000000000000000 R14: 00007f93a1f86080 R15: 00007fff5df4da08
[  297.346628][T17203]  </TASK>
[  297.528803][T17190] EXT4-fs (loop6): orphan cleanup on readonly fs
[  297.533453][T17206] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4848'.
[  297.693600][T17190] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4841: bg 0: block 248: padding at end of block bitmap is not set
[  297.723660][T17190] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4841: Failed to acquire dquot type 1
[  297.738861][T17190] EXT4-fs (loop6): 1 truncate cleaned up
[  297.747486][T17190] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  297.799576][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.854411][T17228] loop6: detected capacity change from 0 to 1024
[  297.863882][T17228] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  297.874372][T17228] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  297.927917][T17228] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  297.937063][T17228] EXT4-fs (loop6): orphan cleanup on readonly fs
[  297.948527][T17228] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  297.970511][T17228] EXT4-fs error (device loop6): ext4_dirty_inode:6042: inode #3: comm syz.6.4853: mark_inode_dirty error
[  298.006712][T17228] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4853: Invalid block bitmap block 3 in block_group 0
[  298.030788][T17228] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4853: Invalid block bitmap block 3 in block_group 0
[  298.049502][T17228] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.4853: Invalid block bitmap block 3 in block_group 0
[  298.072052][T17228] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  298.082943][T17235] loop2: detected capacity change from 0 to 2048
[  298.089729][T17228] EXT4-fs error (device loop6): ext4_dirty_inode:6042: inode #3: comm syz.6.4853: mark_inode_dirty error
[  298.101801][T17228] EXT4-fs error (device loop6): ext4_map_blocks:671: inode #3: block 1: comm syz.6.4853: lblock 6 mapped to illegal pblock 1 (length 1)
[  298.117029][T17228] EXT4-fs error (device loop6): ext4_map_blocks:671: inode #3: block 48: comm syz.6.4853: lblock 0 mapped to illegal pblock 48 (length 1)
[  298.131939][T17228] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4853: Failed to acquire dquot type 0
[  298.143890][T17228] EXT4-fs error (device loop6): ext4_map_blocks:671: inode #3: block 49: comm syz.6.4853: lblock 1 mapped to illegal pblock 49 (length 1)
[  298.158806][T17235]  loop2: p3 p4 < >
[  298.167280][T17228] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4853: Failed to acquire dquot type 0
[  298.184486][T17228] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5838: Corrupt filesystem
[  298.190659][T17240] FAULT_INJECTION: forcing a failure.
[  298.190659][T17240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.207005][T17240] CPU: 0 UID: 0 PID: 17240 Comm: syz.9.4860 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  298.207043][T17240] Tainted: [W]=WARN
[  298.207067][T17240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  298.207103][T17240] Call Trace:
[  298.207111][T17240]  <TASK>
[  298.207121][T17240]  dump_stack_lvl+0xf2/0x150
[  298.207155][T17240]  dump_stack+0x15/0x1a
[  298.207182][T17240]  should_fail_ex+0x24a/0x260
[  298.207296][T17240]  should_fail+0xb/0x10
[  298.207329][T17240]  should_fail_usercopy+0x1a/0x20
[  298.207368][T17240]  _copy_to_user+0x20/0xa0
[  298.207393][T17240]  simple_read_from_buffer+0xa0/0x110
[  298.207475][T17240]  proc_fail_nth_read+0xf9/0x140
[  298.207506][T17240]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  298.207535][T17240]  vfs_read+0x19b/0x6f0
[  298.207560][T17240]  ? __rcu_read_unlock+0x4e/0x70
[  298.207643][T17240]  ? __fget_files+0x17c/0x1c0
[  298.207685][T17240]  ksys_read+0xe8/0x1b0
[  298.207717][T17240]  __x64_sys_read+0x42/0x50
[  298.207756][T17240]  x64_sys_call+0x2874/0x2dc0
[  298.207783][T17240]  do_syscall_64+0xc9/0x1c0
[  298.207882][T17240]  ? clear_bhb_loop+0x55/0xb0
[  298.207915][T17240]  ? clear_bhb_loop+0x55/0xb0
[  298.208051][T17240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.208019][T17228] EXT4-fs error (device loop6): ext4_evict_inode:256: inode #15: comm syz.6.4853: mark_inode_dirty error
[  298.208083][T17240] RIP: 0033:0x7f3a8106bb7c
[  298.208102][T17240] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  298.208121][T17240] RSP: 002b:00007f3a7f6d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  298.208197][T17240] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106bb7c
[  298.208215][T17240] RDX: 000000000000000f RSI: 00007f3a7f6d70a0 RDI: 0000000000000004
[  298.208232][T17240] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  298.208249][T17240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  298.208266][T17240] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  298.208290][T17240]  </TASK>
[  298.425998][T17228] EXT4-fs warning (device loop6): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  298.436873][T17228] EXT4-fs (loop6): 1 orphan inode deleted
[  298.437313][T17228] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  298.469545][T17249] loop9: detected capacity change from 0 to 512
[  298.477299][T17249] journal_path: Non-blockdev passed as './bus'
[  298.483520][T17249] EXT4-fs: error: could not find journal device path
[  298.490804][T17252] FAULT_INJECTION: forcing a failure.
[  298.490804][T17252] name failslab, interval 1, probability 0, space 0, times 0
[  298.490846][T17252] CPU: 0 UID: 0 PID: 17252 Comm: syz.2.4865 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  298.490909][T17252] Tainted: [W]=WARN
[  298.490918][T17252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  298.490934][T17252] Call Trace:
[  298.490941][T17252]  <TASK>
[  298.490950][T17252]  dump_stack_lvl+0xf2/0x150
[  298.490984][T17252]  dump_stack+0x15/0x1a
[  298.491005][T17252]  should_fail_ex+0x24a/0x260
[  298.491055][T17252]  should_failslab+0x8f/0xb0
[  298.491098][T17252]  __kmalloc_node_noprof+0xad/0x410
[  298.491130][T17252]  ? __kvmalloc_node_noprof+0x72/0x170
[  298.491171][T17252]  __kvmalloc_node_noprof+0x72/0x170
[  298.491284][T17252]  io_alloc_cache_init+0x33/0xa0
[  298.491325][T17252]  io_ring_ctx_alloc+0x360/0x730
[  298.491368][T17252]  io_uring_create+0x40/0x6d0
[  298.491520][T17252]  __se_sys_io_uring_setup+0x1d2/0x1e0
[  298.491554][T17252]  __x64_sys_io_uring_setup+0x31/0x40
[  298.491580][T17252]  x64_sys_call+0x270c/0x2dc0
[  298.491614][T17252]  do_syscall_64+0xc9/0x1c0
[  298.491741][T17252]  ? clear_bhb_loop+0x55/0xb0
[  298.491807][T17252]  ? clear_bhb_loop+0x55/0xb0
[  298.491848][T17252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.491944][T17252] RIP: 0033:0x7f4e49e3d169
[  298.491964][T17252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.491987][T17252] RSP: 002b:00007f4e484a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  298.492011][T17252] RAX: ffffffffffffffda RBX: 00007f4e4a055fa0 RCX: 00007f4e49e3d169
[  298.492027][T17252] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000001de0
[  298.492044][T17252] RBP: 00007f4e484a7090 R08: 0000000000000000 R09: 0000000000000000
[  298.492060][T17252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.492101][T17252] R13: 0000000000000000 R14: 00007f4e4a055fa0 R15: 00007ffc527e8888
[  298.492124][T17252]  </TASK>
[  298.712562][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.768226][T17267] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4871'.
[  298.802918][T17271] loop8: detected capacity change from 0 to 2048
[  298.849664][T17271]  loop8: p3 p4 < >
[  298.870040][T17274] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4873'.
[  298.879201][T17274] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4873'.
[  298.907528][T17274] loop6: detected capacity change from 0 to 512
[  298.932055][T17274] EXT4-fs (loop6): orphan cleanup on readonly fs
[  298.932552][T17279] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4874'.
[  298.941115][T17274] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4873: bg 0: block 248: padding at end of block bitmap is not set
[  298.970307][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  298.970327][   T29] audit: type=1326 audit(1742744740.477:15217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.000162][   T29] audit: type=1326 audit(1742744740.477:15218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.025642][   T29] audit: type=1326 audit(1742744740.537:15219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.046557][T17274] Quota error (device loop6): write_blk: dquota write failed
[  299.049531][   T29] audit: type=1326 audit(1742744740.537:15220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.057653][T17274] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  299.080858][   T29] audit: type=1326 audit(1742744740.537:15221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.091462][T17274] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4873: Failed to acquire dquot type 1
[  299.163560][T17290] netlink: 'syz.9.4881': attribute type 21 has an invalid length.
[  299.171617][   T29] audit: type=1326 audit(1742744740.537:15222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.195735][   T29] audit: type=1326 audit(1742744740.537:15223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.219717][   T29] audit: type=1326 audit(1742744740.537:15224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17276 comm="syz.3.4875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba7ce2d169 code=0x7ffc0000
[  299.229440][T17274] EXT4-fs (loop6): 1 truncate cleaned up
[  299.302796][T17297] FAULT_INJECTION: forcing a failure.
[  299.302796][T17297] name failslab, interval 1, probability 0, space 0, times 0
[  299.316345][T17297] CPU: 1 UID: 0 PID: 17297 Comm: syz.9.4883 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  299.316376][T17297] Tainted: [W]=WARN
[  299.316382][T17297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  299.316416][T17297] Call Trace:
[  299.316423][T17297]  <TASK>
[  299.316431][T17297]  dump_stack_lvl+0xf2/0x150
[  299.316460][T17297]  dump_stack+0x15/0x1a
[  299.316494][T17297]  should_fail_ex+0x24a/0x260
[  299.316532][T17297]  should_failslab+0x8f/0xb0
[  299.316633][T17297]  kmem_cache_alloc_noprof+0x52/0x320
[  299.316660][T17297]  ? copy_sighand+0x52/0x1b0
[  299.316793][T17297]  copy_sighand+0x52/0x1b0
[  299.316829][T17297]  copy_process+0xcb8/0x1f50
[  299.316895][T17297]  kernel_clone+0x167/0x5e0
[  299.316952][T17297]  ? vfs_write+0x644/0x920
[  299.316980][T17297]  __x64_sys_clone+0xe7/0x120
[  299.317025][T17297]  x64_sys_call+0x2d7e/0x2dc0
[  299.317067][T17297]  do_syscall_64+0xc9/0x1c0
[  299.317103][T17297]  ? clear_bhb_loop+0x55/0xb0
[  299.317143][T17297]  ? clear_bhb_loop+0x55/0xb0
[  299.317172][T17297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.317199][T17297] RIP: 0033:0x7f3a8106d169
[  299.317216][T17297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.317239][T17297] RSP: 002b:00007f3a7f6d6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  299.317261][T17297] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106d169
[  299.317276][T17297] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000000004021400
[  299.317327][T17297] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  299.317343][T17297] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  299.317357][T17297] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  299.317381][T17297]  </TASK>
[  299.615570][T17309] IPv6: Can't replace route, no match found
[  299.618341][T17308] loop9: detected capacity change from 0 to 2048
[  299.675676][T17308]  loop9: p3 p4 < >
[  299.719107][T17319] netlink: 'syz.9.4893': attribute type 21 has an invalid length.
[  299.800674][T17330] vhci_hcd: invalid port number 15
[  299.806638][T17330] vhci_hcd: invalid port number 15
[  299.951986][T17348] 9pnet_fd: Insufficient options for proto=fd
[  299.996610][T17348] lo speed is unknown, defaulting to 1000
[  300.002770][T17348] lo speed is unknown, defaulting to 1000
[  300.204341][T17369] netlink: 'syz.8.4905': attribute type 21 has an invalid length.
[  300.268801][T17376] loop8: detected capacity change from 0 to 256
[  300.279014][T17376] vfat: Unknown parameter 'ÿÿÿÿÿÿÿ'
[  300.288635][T17376] FAULT_INJECTION: forcing a failure.
[  300.288635][T17376] name failslab, interval 1, probability 0, space 0, times 0
[  300.301393][T17376] CPU: 0 UID: 0 PID: 17376 Comm: syz.8.4907 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  300.301432][T17376] Tainted: [W]=WARN
[  300.301441][T17376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.301454][T17376] Call Trace:
[  300.301462][T17376]  <TASK>
[  300.301469][T17376]  dump_stack_lvl+0xf2/0x150
[  300.301499][T17376]  dump_stack+0x15/0x1a
[  300.301532][T17376]  should_fail_ex+0x24a/0x260
[  300.301637][T17376]  should_failslab+0x8f/0xb0
[  300.301671][T17376]  kmem_cache_alloc_node_noprof+0x59/0x320
[  300.301701][T17376]  ? alloc_vmap_area+0x1e1/0x1830
[  300.301756][T17376]  alloc_vmap_area+0x1e1/0x1830
[  300.301785][T17376]  ? __schedule+0x75b/0x990
[  300.301809][T17376]  ? should_fail_ex+0xd7/0x260
[  300.301857][T17376]  ? should_failslab+0x8f/0xb0
[  300.301937][T17376]  ? __kmalloc_cache_node_noprof+0x18c/0x320
[  300.301970][T17376]  __get_vm_area_node+0x162/0x1c0
[  300.302006][T17376]  __vmalloc_node_range_noprof+0x280/0xe70
[  300.302042][T17376]  ? xt_counters_alloc+0x40/0x50
[  300.302143][T17376]  ? kvfree+0x39/0x40
[  300.302177][T17376]  ? kfree+0x247/0x2f0
[  300.302205][T17376]  ? xt_counters_alloc+0x40/0x50
[  300.302242][T17376]  vzalloc_noprof+0x5e/0x70
[  300.302353][T17376]  ? xt_counters_alloc+0x40/0x50
[  300.302387][T17376]  xt_counters_alloc+0x40/0x50
[  300.302422][T17376]  __do_replace+0x50/0x620
[  300.302470][T17376]  ? should_fail_ex+0xd7/0x260
[  300.302505][T17376]  ? _copy_from_user+0x89/0xa0
[  300.302543][T17376]  do_arpt_set_ctl+0x8cd/0xa20
[  300.302585][T17376]  ? _raw_spin_unlock_bh+0x36/0x40
[  300.302673][T17376]  nf_setsockopt+0x195/0x1b0
[  300.302699][T17376]  ip_setsockopt+0xea/0x100
[  300.302769][T17376]  udp_setsockopt+0x95/0xb0
[  300.302793][T17376]  sock_common_setsockopt+0x64/0x80
[  300.302866][T17376]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  300.302911][T17376]  __sys_setsockopt+0x187/0x200
[  300.303023][T17376]  __x64_sys_setsockopt+0x66/0x80
[  300.303056][T17376]  x64_sys_call+0x282e/0x2dc0
[  300.303089][T17376]  do_syscall_64+0xc9/0x1c0
[  300.303130][T17376]  ? clear_bhb_loop+0x55/0xb0
[  300.303208][T17376]  ? clear_bhb_loop+0x55/0xb0
[  300.303235][T17376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.303262][T17376] RIP: 0033:0x7f93a1d6d169
[  300.303281][T17376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.303304][T17376] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  300.303356][T17376] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  300.303370][T17376] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000003
[  300.303382][T17376] RBP: 00007f93a03d7090 R08: 0000000000000438 R09: 0000000000000000
[  300.303394][T17376] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.303406][T17376] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  300.303428][T17376]  </TASK>
[  300.303440][T17376] syz.8.4907: vmalloc error: size 50747072, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  300.613561][T17376] CPU: 0 UID: 0 PID: 17376 Comm: syz.8.4907 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  300.613597][T17376] Tainted: [W]=WARN
[  300.613603][T17376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.613616][T17376] Call Trace:
[  300.613625][T17376]  <TASK>
[  300.613635][T17376]  dump_stack_lvl+0xf2/0x150
[  300.613668][T17376]  dump_stack+0x15/0x1a
[  300.613770][T17376]  warn_alloc+0x145/0x1b0
[  300.613881][T17376]  __vmalloc_node_range_noprof+0x2a5/0xe70
[  300.613924][T17376]  ? kvfree+0x39/0x40
[  300.613964][T17376]  ? kfree+0x247/0x2f0
[  300.613989][T17376]  ? xt_counters_alloc+0x40/0x50
[  300.614052][T17376]  vzalloc_noprof+0x5e/0x70
[  300.614185][T17376]  ? xt_counters_alloc+0x40/0x50
[  300.614222][T17376]  xt_counters_alloc+0x40/0x50
[  300.614255][T17376]  __do_replace+0x50/0x620
[  300.614287][T17376]  ? should_fail_ex+0xd7/0x260
[  300.614344][T17376]  ? _copy_from_user+0x89/0xa0
[  300.614370][T17376]  do_arpt_set_ctl+0x8cd/0xa20
[  300.614415][T17376]  ? _raw_spin_unlock_bh+0x36/0x40
[  300.614444][T17376]  nf_setsockopt+0x195/0x1b0
[  300.614532][T17376]  ip_setsockopt+0xea/0x100
[  300.614600][T17376]  udp_setsockopt+0x95/0xb0
[  300.614631][T17376]  sock_common_setsockopt+0x64/0x80
[  300.614668][T17376]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  300.614707][T17376]  __sys_setsockopt+0x187/0x200
[  300.614806][T17376]  __x64_sys_setsockopt+0x66/0x80
[  300.614832][T17376]  x64_sys_call+0x282e/0x2dc0
[  300.614864][T17376]  do_syscall_64+0xc9/0x1c0
[  300.614904][T17376]  ? clear_bhb_loop+0x55/0xb0
[  300.614996][T17376]  ? clear_bhb_loop+0x55/0xb0
[  300.615028][T17376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.615059][T17376] RIP: 0033:0x7f93a1d6d169
[  300.615104][T17376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.615127][T17376] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  300.615150][T17376] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  300.615166][T17376] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000003
[  300.615181][T17376] RBP: 00007f93a03d7090 R08: 0000000000000438 R09: 0000000000000000
[  300.615251][T17376] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.615266][T17376] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  300.615288][T17376]  </TASK>
[  300.858768][T17376] Mem-Info:
[  300.862688][T17376] active_anon:29258 inactive_anon:10 isolated_anon:0
[  300.862688][T17376]  active_file:19903 inactive_file:2616 isolated_file:0
[  300.862688][T17376]  unevictable:0 dirty:617 writeback:0
[  300.862688][T17376]  slab_reclaimable:3290 slab_unreclaimable:30248
[  300.862688][T17376]  mapped:35758 shmem:26001 pagetables:931
[  300.862688][T17376]  sec_pagetables:0 bounce:0
[  300.862688][T17376]  kernel_misc_reclaimable:0
[  300.862688][T17376]  free:1836222 free_pcp:14490 free_cma:0
[  300.908241][T17376] Node 0 active_anon:117032kB inactive_anon:40kB active_file:79612kB inactive_file:10464kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:143032kB dirty:2468kB writeback:0kB shmem:104004kB writeback_tmp:0kB kernel_stack:3984kB pagetables:3724kB sec_pagetables:0kB all_unreclaimable? no
[  300.936758][T17376] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  300.963804][T17376] lowmem_reserve[]: 0 2885 7863 7863
[  300.969404][T17376] Node 0 DMA32 free:2950720kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954352kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[  300.998138][T17376] lowmem_reserve[]: 0 0 4978 4978
[  301.003533][T17376] Node 0 Normal free:4378808kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:117032kB inactive_anon:40kB active_file:79612kB inactive_file:10464kB unevictable:0kB writepending:2468kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:54360kB local_pcp:36184kB free_cma:0kB
[  301.034382][T17376] lowmem_reserve[]: 0 0 0 0
[  301.039280][T17376] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  301.052346][T17376] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 1*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950720kB
[  301.068729][T17376] Node 0 Normal: 496*4kB (UE) 135*8kB (UM) 293*16kB (UME) 594*32kB (UME) 640*64kB (UM) 138*128kB (UM) 25*256kB (UM) 93*512kB (UME) 200*1024kB (UME) 88*2048kB (UM) 940*4096kB (UM) = 4374664kB
[  301.088334][T17376] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB
[  301.098109][T17376] 48531 total pagecache pages
[  301.103010][T17376] 12 pages in swap cache
[  301.108545][T17376] Free swap  = 124904kB
[  301.113561][T17376] Total swap = 124996kB
[  301.118014][T17376] 2097051 pages RAM
[  301.122032][T17376] 0 pages HighMem/MovableOnly
[  301.126977][T17376] 80071 pages reserved
[  301.562159][T17403] FAULT_INJECTION: forcing a failure.
[  301.562159][T17403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.576098][T17403] CPU: 1 UID: 0 PID: 17403 Comm: syz.9.4917 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  301.576176][T17403] Tainted: [W]=WARN
[  301.576185][T17403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  301.576200][T17403] Call Trace:
[  301.576208][T17403]  <TASK>
[  301.576216][T17403]  dump_stack_lvl+0xf2/0x150
[  301.576247][T17403]  dump_stack+0x15/0x1a
[  301.576274][T17403]  should_fail_ex+0x24a/0x260
[  301.576321][T17403]  should_fail+0xb/0x10
[  301.576389][T17403]  should_fail_usercopy+0x1a/0x20
[  301.576430][T17403]  _copy_to_user+0x20/0xa0
[  301.576455][T17403]  simple_read_from_buffer+0xa0/0x110
[  301.576492][T17403]  proc_fail_nth_read+0xf9/0x140
[  301.576576][T17403]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.576611][T17403]  vfs_read+0x19b/0x6f0
[  301.576636][T17403]  ? __rcu_read_unlock+0x4e/0x70
[  301.576663][T17403]  ? __fget_files+0x17c/0x1c0
[  301.576727][T17403]  ksys_read+0xe8/0x1b0
[  301.576757][T17403]  __x64_sys_read+0x42/0x50
[  301.576788][T17403]  x64_sys_call+0x2874/0x2dc0
[  301.576819][T17403]  do_syscall_64+0xc9/0x1c0
[  301.576926][T17403]  ? clear_bhb_loop+0x55/0xb0
[  301.577038][T17403]  ? clear_bhb_loop+0x55/0xb0
[  301.577073][T17403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.577107][T17403] RIP: 0033:0x7f3a8106bb7c
[  301.577123][T17403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  301.577179][T17403] RSP: 002b:00007f3a7f6d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  301.577197][T17403] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106bb7c
[  301.577210][T17403] RDX: 000000000000000f RSI: 00007f3a7f6d70a0 RDI: 0000000000000004
[  301.577222][T17403] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  301.577244][T17403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  301.577256][T17403] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  301.577295][T17403]  </TASK>
[  301.801591][T17405] netlink: 'syz.2.4918': attribute type 21 has an invalid length.
[  301.854959][T17405] __nla_validate_parse: 5 callbacks suppressed
[  301.854978][T17405] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4918'.
[  301.892209][T17408] loop9: detected capacity change from 0 to 256
[  301.901731][T17408] vfat: Unknown parameter 'ÿÿÿÿÿÿÿ'
[  302.261369][T17431] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  302.267928][T17431] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  302.276214][T17431] vhci_hcd vhci_hcd.0: Device attached
[  302.284538][T17433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.297688][T17433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.315624][T17434] vhci_hcd: connection closed
[  302.315853][ T3419] vhci_hcd: stop threads
[  302.325852][ T3419] vhci_hcd: release socket
[  302.330390][ T3419] vhci_hcd: disconnect device
[  302.345980][T17433] loop9: detected capacity change from 0 to 512
[  302.353207][T17433] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  302.362816][T17433] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  302.375381][T17433] EXT4-fs (loop9): warning: mounting unchecked fs, running e2fsck is recommended
[  302.385387][T17433] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  302.393471][T17433] System zones: 0-2, 18-18, 34-35
[  302.403588][T17433] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4928'.
[  302.412795][T17440] bond0: (slave veth1_vlan): Error: Device is in use and cannot be enslaved
[  302.535923][T17440] netlink: 'syz.6.4929': attribute type 6 has an invalid length.
[  302.843171][T17443] netlink: 'syz.2.4930': attribute type 21 has an invalid length.
[  302.851323][T17443] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4930'.
[  302.982119][T17454] netlink: 52 bytes leftover after parsing attributes in process `syz.9.4935'.
[  303.114668][T17472] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4942'.
[  303.135294][T17472] siw: device registration error -23
[  303.144157][T17476] netlink: 14568 bytes leftover after parsing attributes in process `syz.9.4944'.
[  303.202344][T17480] loop9: detected capacity change from 0 to 512
[  303.224155][T17480] loop9: detected capacity change from 0 to 512
[  303.240693][T17482] loop8: detected capacity change from 0 to 128
[  303.241632][T17480] EXT4-fs (loop9): orphan cleanup on readonly fs
[  303.256089][T17482] msdos: Unknown parameter 'sys_enter'
[  303.266881][T17480] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.4946: bg 0: block 248: padding at end of block bitmap is not set
[  303.295137][T17480] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.4946: Failed to acquire dquot type 1
[  303.309359][T17480] EXT4-fs (loop9): 1 truncate cleaned up
[  303.321500][T17480] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  303.347611][T17480] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.4946: Failed to acquire dquot type 1
[  303.369309][T17480] EXT4-fs warning (device loop9): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  304.189081][   T29] kauditd_printk_skb: 402 callbacks suppressed
[  304.189099][   T29] audit: type=1326 audit(1742744745.697:15623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17493 comm="syz.9.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a8106d169 code=0x7ffc0000
[  304.386899][   T29] audit: type=1326 audit(1742744745.787:15624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17493 comm="syz.9.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f3a8106d169 code=0x7ffc0000
[  304.411356][   T29] audit: type=1326 audit(1742744745.787:15625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17493 comm="syz.9.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a8106d169 code=0x7ffc0000
[  304.435756][   T29] audit: type=1326 audit(1742744745.787:15626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17493 comm="syz.9.4950" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a8106d169 code=0x7ffc0000
[  304.460020][   T29] audit: type=1326 audit(1742744745.827:15627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.2.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  304.484350][   T29] audit: type=1326 audit(1742744745.827:15628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.2.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  304.508609][   T29] audit: type=1326 audit(1742744745.827:15629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.2.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  304.532826][   T29] audit: type=1326 audit(1742744745.827:15630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.2.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  304.557141][   T29] audit: type=1326 audit(1742744745.827:15631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17500 comm="syz.2.4952" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  304.814908][T17510] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4955'.
[  304.839190][T17510] siw: device registration error -23
[  305.071872][T17519] loop6: detected capacity change from 0 to 2048
[  305.125354][T17519]  loop6: p3 p4 < >
[  305.266284][   T29] audit: type=1326 audit(1742744746.777:15632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17532 comm="syz.9.4964" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a8106d169 code=0x7ffc0000
[  305.317131][T17548] loop9: detected capacity change from 0 to 512
[  305.318500][T17538] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  305.328170][T17544] loop8: detected capacity change from 0 to 512
[  305.333523][T17538] SELinux: failed to load policy
[  305.342980][T17548] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  305.347401][T17538] SELinux: ebitmap: truncated map
[  305.359460][T17550] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[  305.359554][T17546] IPVS: stopping master sync thread 17550 ...
[  305.375951][T17538] SELinux: failed to load policy
[  305.378903][T17548] EXT4-fs (loop9): 1 truncate cleaned up
[  305.386850][T17544] EXT4-fs (loop8): orphan cleanup on readonly fs
[  305.396956][T17544] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.4968: bg 0: block 248: padding at end of block bitmap is not set
[  305.428320][T17544] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.4968: Failed to acquire dquot type 1
[  305.451056][T17544] EXT4-fs (loop8): 1 truncate cleaned up
[  305.495764][T17562] netlink: 'syz.3.4973': attribute type 1 has an invalid length.
[  305.503945][T17562] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4973'.
[  305.511724][T17566] loop8: detected capacity change from 0 to 512
[  305.556088][T17566] EXT4-fs: Ignoring removed oldalloc option
[  305.579673][T17566] EXT4-fs error (device loop8): ext4_xattr_inode_iget:436: comm syz.8.4974: Parent and EA inode have the same ino 15
[  305.605405][T17566] EXT4-fs error (device loop8): ext4_xattr_inode_iget:436: comm syz.8.4974: Parent and EA inode have the same ino 15
[  305.632309][T17566] EXT4-fs (loop8): 1 orphan inode deleted
[  305.800789][T17599] loop8: detected capacity change from 0 to 512
[  305.813802][T17601] loop9: detected capacity change from 0 to 512
[  305.822218][T17601] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  305.823072][T17599] EXT4-fs (loop8): orphan cleanup on readonly fs
[  305.840069][T17599] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.4984: bg 0: block 248: padding at end of block bitmap is not set
[  305.856404][T17601] EXT4-fs (loop9): 1 truncate cleaned up
[  305.857445][T17599] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.4984: Failed to acquire dquot type 1
[  305.888514][T17599] EXT4-fs (loop8): 1 truncate cleaned up
[  306.068384][T17621] FAULT_INJECTION: forcing a failure.
[  306.068384][T17621] name failslab, interval 1, probability 0, space 0, times 0
[  306.083147][T17621] CPU: 1 UID: 0 PID: 17621 Comm: syz.6.4992 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  306.083184][T17621] Tainted: [W]=WARN
[  306.083191][T17621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  306.083203][T17621] Call Trace:
[  306.083210][T17621]  <TASK>
[  306.083219][T17621]  dump_stack_lvl+0xf2/0x150
[  306.083291][T17621]  dump_stack+0x15/0x1a
[  306.083318][T17621]  should_fail_ex+0x24a/0x260
[  306.083371][T17621]  should_failslab+0x8f/0xb0
[  306.083409][T17621]  __kmalloc_node_noprof+0xad/0x410
[  306.083448][T17621]  ? __kvmalloc_node_noprof+0x72/0x170
[  306.083486][T17621]  __kvmalloc_node_noprof+0x72/0x170
[  306.083594][T17621]  io_alloc_cache_init+0x33/0xa0
[  306.083636][T17621]  io_ring_ctx_alloc+0x360/0x730
[  306.083677][T17621]  io_uring_create+0x40/0x6d0
[  306.083713][T17621]  __se_sys_io_uring_setup+0x1d2/0x1e0
[  306.083809][T17621]  __x64_sys_io_uring_setup+0x31/0x40
[  306.083831][T17621]  x64_sys_call+0x270c/0x2dc0
[  306.083860][T17621]  do_syscall_64+0xc9/0x1c0
[  306.083921][T17621]  ? clear_bhb_loop+0x55/0xb0
[  306.083954][T17621]  ? clear_bhb_loop+0x55/0xb0
[  306.084005][T17621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.084039][T17621] RIP: 0033:0x7feb232bd169
[  306.084057][T17621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.084076][T17621] RSP: 002b:00007feb21927038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  306.084096][T17621] RAX: ffffffffffffffda RBX: 00007feb234d5fa0 RCX: 00007feb232bd169
[  306.084111][T17621] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000001de0
[  306.084174][T17621] RBP: 00007feb21927090 R08: 0000000000000000 R09: 0000000000000000
[  306.084188][T17621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.084203][T17621] R13: 0000000000000000 R14: 00007feb234d5fa0 R15: 00007ffc8be9ac58
[  306.084226][T17621]  </TASK>
[  306.397937][T17627] loop6: detected capacity change from 0 to 512
[  306.412776][T17627] EXT4-fs (loop6): orphan cleanup on readonly fs
[  306.419769][T17629] FAULT_INJECTION: forcing a failure.
[  306.419769][T17629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  306.433245][T17629] CPU: 0 UID: 0 PID: 17629 Comm: syz.9.4995 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  306.433277][T17629] Tainted: [W]=WARN
[  306.433283][T17629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  306.433296][T17629] Call Trace:
[  306.433302][T17629]  <TASK>
[  306.433309][T17629]  dump_stack_lvl+0xf2/0x150
[  306.433337][T17629]  dump_stack+0x15/0x1a
[  306.433391][T17629]  should_fail_ex+0x24a/0x260
[  306.433425][T17629]  should_fail+0xb/0x10
[  306.433456][T17629]  should_fail_usercopy+0x1a/0x20
[  306.433549][T17629]  _copy_from_user+0x1c/0xa0
[  306.433569][T17629]  do_seccomp+0x15b/0xa60
[  306.433592][T17629]  ? cap_task_prctl+0x237/0x600
[  306.433687][T17629]  prctl_set_seccomp+0x4d/0x70
[  306.433768][T17629]  __se_sys_prctl+0x1e2/0x24c0
[  306.433792][T17629]  ? _parse_integer+0x27/0x30
[  306.433817][T17629]  ? kstrtoull+0x110/0x140
[  306.433916][T17629]  ? kstrtouint+0x77/0xc0
[  306.433946][T17629]  ? kstrtouint_from_user+0xb0/0xe0
[  306.433978][T17629]  ? 0xffffffff81000000
[  306.434013][T17629]  ? selinux_file_permission+0x22a/0x360
[  306.434049][T17629]  ? __rcu_read_unlock+0x4e/0x70
[  306.434076][T17629]  ? get_pid_task+0x8e/0xc0
[  306.434107][T17629]  ? proc_fail_nth_write+0x12a/0x150
[  306.434224][T17629]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  306.434261][T17629]  ? vfs_write+0x644/0x920
[  306.434287][T17629]  ? putname+0xcf/0xf0
[  306.434304][T17629]  ? __fget_files+0x17c/0x1c0
[  306.434423][T17629]  ? fput+0x1c4/0x200
[  306.434444][T17629]  ? ksys_write+0x176/0x1b0
[  306.434471][T17629]  __x64_sys_prctl+0x67/0x80
[  306.434491][T17629]  x64_sys_call+0xff7/0x2dc0
[  306.434520][T17629]  do_syscall_64+0xc9/0x1c0
[  306.434631][T17629]  ? clear_bhb_loop+0x55/0xb0
[  306.434659][T17629]  ? clear_bhb_loop+0x55/0xb0
[  306.434689][T17629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.434745][T17629] RIP: 0033:0x7f3a8106d169
[  306.434760][T17629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.434812][T17629] RSP: 002b:00007f3a7f6d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  306.434834][T17629] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106d169
[  306.434849][T17629] RDX: 0000200000000000 RSI: 0000000000000002 RDI: 0000000000000016
[  306.434864][T17629] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  306.434878][T17629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.434930][T17629] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  306.434953][T17629]  </TASK>
[  306.448374][T17631] lo speed is unknown, defaulting to 1000
[  306.468299][T17627] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4997: bg 0: block 248: padding at end of block bitmap is not set
[  306.468698][T17627] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.4997: Failed to acquire dquot type 1
[  306.469918][T17627] EXT4-fs (loop6): 1 truncate cleaned up
[  306.491456][T17631] lo speed is unknown, defaulting to 1000
[  306.500832][T17632] lo speed is unknown, defaulting to 1000
[  306.701171][T17645] netlink: 6 bytes leftover after parsing attributes in process `syz.9.5000'.
[  306.763469][T17644] loop9: detected capacity change from 0 to 512
[  306.769866][T17632] lo speed is unknown, defaulting to 1000
[  306.788088][T17644] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  306.905014][T17656] netlink: 'syz.3.5005': attribute type 32 has an invalid length.
[  306.912965][T17656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5005'.
[  306.947623][T17656] (unnamed net_device) (uninitialized): option coupled_control: invalid value (17)
[  307.326576][T17692] loop2: detected capacity change from 0 to 1024
[  307.343671][T17692] EXT4-fs: Ignoring removed nomblk_io_submit option
[  307.370419][T17692] EXT4-fs (loop2): shut down requested (0)
[  307.453132][T17701] loop2: detected capacity change from 0 to 512
[  307.466725][T17701] loop2: detected capacity change from 0 to 512
[  307.796250][T17701] EXT4-fs (loop2): orphan cleanup on readonly fs
[  307.817705][T17701] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5021: bg 0: block 248: padding at end of block bitmap is not set
[  307.876912][T17701] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.5021: Failed to acquire dquot type 1
[  307.920924][T17701] EXT4-fs (loop2): 1 truncate cleaned up
[  308.012430][T17701] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  308.057050][T17701] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.5021: Failed to acquire dquot type 1
[  308.098252][T17701] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  308.389377][T17719] 9pnet_fd: Insufficient options for proto=fd
[  308.475388][T17726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5031'.
[  308.521645][T17731] loop9: detected capacity change from 0 to 512
[  308.627502][T17731] ext4 filesystem being mounted at /305/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  308.709492][T17731] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5033: bg 0: block 424: padding at end of block bitmap is not set
[  309.323686][T17811] lo speed is unknown, defaulting to 1000
[  309.334655][T17811] lo speed is unknown, defaulting to 1000
[  309.350740][   T29] kauditd_printk_skb: 224 callbacks suppressed
[  309.350756][   T29] audit: type=1400 audit(1742744750.857:15847): avc:  denied  { ioctl } for  pid=17809 comm="syz.3.5048" path="socket:[56617]" dev="sockfs" ino=56617 ioctlcmd=0x9362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  309.487118][   T29] audit: type=1400 audit(1742744750.977:15848): avc:  denied  { cpu } for  pid=17822 comm="syz.9.5042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  309.543027][   T29] audit: type=1326 audit(1742744751.047:15849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17846 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  309.568098][   T29] audit: type=1326 audit(1742744751.047:15850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17846 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  309.599438][   T29] audit: type=1326 audit(1742744751.047:15851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17846 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  309.624328][   T29] audit: type=1326 audit(1742744751.047:15852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17846 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  309.648004][   T29] audit: type=1326 audit(1742744751.077:15853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17846 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  309.676874][   T29] audit: type=1400 audit(1742744751.107:15854): avc:  denied  { bind } for  pid=17848 comm="syz.6.5052" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  309.787639][T17865] loop8: detected capacity change from 0 to 1024
[  309.817346][T17867] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  309.829587][T17865] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  309.842555][T17865] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  309.872332][T17865] JBD2: no valid journal superblock found
[  309.872357][T17865] EXT4-fs (loop8): Could not load journal inode
[  309.900121][   T29] audit: type=1400 audit(1742744751.407:15855): avc:  denied  { ioctl } for  pid=17875 comm="syz.3.5061" path="socket:[56774]" dev="sockfs" ino=56774 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  309.980772][   T29] audit: type=1326 audit(1742744751.487:15856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17881 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  310.483353][T17918] loop8: detected capacity change from 0 to 256
[  310.510905][T17905] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5073'.
[  310.580264][T17922] x_tables: duplicate underflow at hook 2
[  310.609761][T17921] lo speed is unknown, defaulting to 1000
[  310.624452][T17921] lo speed is unknown, defaulting to 1000
[  310.831434][T17927] binfmt_misc: register: failed to install interpreter file ./file2
[  310.898863][T17933] IPv6: NLM_F_CREATE should be specified when creating new route
[  310.918085][T17933] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  310.955802][T17933] loop9: detected capacity change from 0 to 164
[  310.977119][T17933] Unable to read rock-ridge attributes
[  311.285242][T17946] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  311.593935][T17952] netlink: 72 bytes leftover after parsing attributes in process `syz.3.5093'.
[  312.039444][T17965] loop9: detected capacity change from 0 to 512
[  312.085317][T17965] EXT4-fs (loop9): orphan cleanup on readonly fs
[  312.092505][T17965] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5098: bg 0: block 248: padding at end of block bitmap is not set
[  312.133371][T17965] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.5098: Failed to acquire dquot type 1
[  312.148953][T17965] EXT4-fs (loop9): 1 truncate cleaned up
[  312.180046][T17974] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5102'.
[  312.251917][T17978] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5104'.
[  312.467144][T17984] loop8: detected capacity change from 0 to 512
[  312.519003][T17984] EXT4-fs mount: 26 callbacks suppressed
[  312.519025][T17984] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.587478][T17984] ext4 filesystem being mounted at /395/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  312.821339][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.836743][T17965] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.931006][T17996] rdma_op ffff8881183ced80 conn xmit_rdma 0000000000000000
[  312.958508][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.971077][T17999] syz.2.5108: vmalloc error: size 8192, failed to allocate pages, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  312.987917][T17999] CPU: 0 UID: 0 PID: 17999 Comm: syz.2.5108 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  312.987953][T17999] Tainted: [W]=WARN
[  312.987961][T17999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  312.987995][T17999] Call Trace:
[  312.988004][T17999]  <TASK>
[  312.988013][T17999]  dump_stack_lvl+0xf2/0x150
[  312.988047][T17999]  dump_stack+0x15/0x1a
[  312.988073][T17999]  warn_alloc+0x145/0x1b0
[  312.988193][T17999]  ? __vmalloc_node_range_noprof+0xc0e/0xe70
[  312.988262][T17999]  ? __rcu_read_unlock+0x4e/0x70
[  312.988287][T17999]  __vmalloc_node_range_noprof+0xd8c/0xe70
[  312.988372][T17999]  ? bpf_prog_alloc_no_stats+0x49/0x380
[  312.988439][T17999]  __vmalloc_noprof+0x5e/0x70
[  312.988472][T17999]  ? bpf_prog_alloc_no_stats+0x49/0x380
[  312.988502][T17999]  bpf_prog_alloc_no_stats+0x49/0x380
[  312.988575][T17999]  ? bpf_prog_alloc+0x28/0x150
[  312.988612][T17999]  bpf_prog_alloc+0x3a/0x150
[  312.988647][T17999]  __get_filter+0x90/0x220
[  312.988674][T17999]  sk_reuseport_attach_filter+0x22/0x140
[  312.988705][T17999]  sk_setsockopt+0x1744/0x1f00
[  312.988837][T17999]  sock_setsockopt+0x3c/0x50
[  312.988865][T17999]  __sys_setsockopt+0x13d/0x200
[  312.988899][T17999]  __x64_sys_setsockopt+0x66/0x80
[  312.988925][T17999]  x64_sys_call+0x282e/0x2dc0
[  312.988976][T17999]  do_syscall_64+0xc9/0x1c0
[  312.989070][T17999]  ? clear_bhb_loop+0x55/0xb0
[  312.989098][T17999]  ? clear_bhb_loop+0x55/0xb0
[  312.989286][T17999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.989315][T17999] RIP: 0033:0x7f4e49e3d169
[  312.989334][T17999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.989431][T17999] RSP: 002b:00007f4e484a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  312.989453][T17999] RAX: ffffffffffffffda RBX: 00007f4e4a055fa0 RCX: 00007f4e49e3d169
[  312.989469][T17999] RDX: 0000000000000033 RSI: 0000000000000001 RDI: 0000000000000006
[  312.989483][T17999] RBP: 00007f4e484a7090 R08: 0000000000000010 R09: 0000000000000000
[  312.989522][T17999] R10: 000020000002eff0 R11: 0000000000000246 R12: 0000000000000001
[  312.989566][T17999] R13: 0000000000000000 R14: 00007f4e4a055fa0 R15: 00007ffc527e8888
[  312.989585][T17999]  </TASK>
[  312.989591][T17999] Mem-Info:
[  313.025138][T18001] loop8: detected capacity change from 0 to 512
[  313.027710][T17999] active_anon:24411 inactive_anon:194 isolated_anon:0
[  313.027710][T17999]  active_file:19798 inactive_file:2638 isolated_file:0
[  313.027710][T17999]  unevictable:0 dirty:30 writeback:24
[  313.027710][T17999]  slab_reclaimable:3287 slab_unreclaimable:31351
[  313.027710][T17999]  mapped:33940 shmem:21524 pagetables:953
[  313.027710][T17999]  sec_pagetables:0 bounce:0
[  313.027710][T17999]  kernel_misc_reclaimable:0
[  313.027710][T17999]  free:1765362 free_pcp:13397 free_cma:0
[  313.054051][T18001] loop8: detected capacity change from 0 to 512
[  313.058766][T17999] Node 0 active_anon:98108kB inactive_anon:544kB active_file:79192kB inactive_file:10552kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:136108kB dirty:120kB writeback:96kB shmem:85980kB writeback_tmp:0kB kernel_stack:3920kB pagetables:3812kB sec_pagetables:0kB all_unreclaimable? no
[  313.058829][T17999] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  313.058958][T17999] lowmem_reserve[]: 0 2885 7863 7863
[  313.058990][T17999] Node 0 DMA32 free:2950720kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954352kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[  313.059130][T17999] lowmem_reserve[]: 0 0 4978 4978
[  313.059160][T17999] Node 0 Normal free:4095368kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:98108kB inactive_anon:544kB active_file:79192kB inactive_file:10552kB unevictable:0kB writepending:100kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:49992kB local_pcp:35568kB free_cma:0kB
[  313.059300][T17999] lowmem_reserve[]: 0 0 0 0
[  313.059331][T17999] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  313.059528][T17999] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 1*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950720kB
[  313.059742][T17999] Node 0 Normal: 1952*4kB (UME) 1379*8kB (UM) 807*16kB (UME) 452*32kB (UME) 486*64kB (UME) 115*128kB (UM) 74*256kB (UM) 92*512kB (UME) 199*1024kB (UME) 7*2048kB (UM) 908*4096kB (UM) = 4095368kB
[  313.059983][T17999] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  313.060004][T17999] 43943 total pagecache pages
[  313.060012][T17999] 13 pages in swap cache
[  313.060020][T17999] Free swap  = 108684kB
[  313.060074][T17999] Total swap = 124996kB
[  313.060082][T17999] 2097051 pages RAM
[  313.060090][T17999] 0 pages HighMem/MovableOnly
[  313.060098][T17999] 80071 pages reserved
[  313.598815][T18001] EXT4-fs (loop8): orphan cleanup on readonly fs
[  313.621273][T18001] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5110: bg 0: block 248: padding at end of block bitmap is not set
[  313.699459][T18001] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5110: Failed to acquire dquot type 1
[  313.739380][T18001] EXT4-fs (loop8): 1 truncate cleaned up
[  313.767484][T18001] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  313.803255][T18001] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended
[  313.827343][T18001] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5110: Failed to acquire dquot type 1
[  313.852525][T18001] EXT4-fs warning (device loop8): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  313.891470][T17980] syz.3.5102 (17980) used greatest stack depth: 6176 bytes left
[  313.951872][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.978716][T18024] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5118'.
[  314.003013][T18027] netlink: 'syz.2.5121': attribute type 10 has an invalid length.
[  314.014667][T18024] siw: device registration error -23
[  314.022935][T18031] loop8: detected capacity change from 0 to 512
[  314.023370][T18029] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5122'.
[  314.057176][T18031] EXT4-fs (loop8): orphan cleanup on readonly fs
[  314.069303][T18029] batadv0: entered promiscuous mode
[  314.081102][T18031] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5120: bg 0: block 248: padding at end of block bitmap is not set
[  314.083864][T18029] macvtap1: entered promiscuous mode
[  314.100850][T18029] macvtap1: entered allmulticast mode
[  314.108325][T18029] batadv0: entered allmulticast mode
[  314.122184][T18031] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5120: Failed to acquire dquot type 1
[  314.137579][T18029] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  314.158057][T18031] EXT4-fs (loop8): 1 truncate cleaned up
[  314.183809][T18031] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  314.250260][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.263642][T18045] loop9: detected capacity change from 0 to 2048
[  314.305667][T18045]  loop9: p3 p4 < >
[  314.360866][T18053] loop8: detected capacity change from 0 to 512
[  314.386869][T18053] EXT4-fs (loop8): orphan cleanup on readonly fs
[  314.391294][T18059] FAULT_INJECTION: forcing a failure.
[  314.391294][T18059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.408447][T18059] CPU: 1 UID: 0 PID: 18059 Comm: syz.2.5132 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  314.408491][T18059] Tainted: [W]=WARN
[  314.408499][T18059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  314.408512][T18059] Call Trace:
[  314.408519][T18059]  <TASK>
[  314.408527][T18059]  dump_stack_lvl+0xf2/0x150
[  314.408623][T18059]  dump_stack+0x15/0x1a
[  314.408657][T18059]  should_fail_ex+0x24a/0x260
[  314.408687][T18059]  should_fail+0xb/0x10
[  314.408716][T18059]  should_fail_usercopy+0x1a/0x20
[  314.408767][T18059]  _copy_from_user+0x1c/0xa0
[  314.408792][T18059]  copy_msghdr_from_user+0x54/0x2a0
[  314.408905][T18059]  ? __fget_files+0x17c/0x1c0
[  314.408984][T18059]  __sys_sendmsg+0x13e/0x230
[  314.409025][T18059]  __x64_sys_sendmsg+0x46/0x50
[  314.409058][T18059]  x64_sys_call+0x2734/0x2dc0
[  314.409127][T18059]  do_syscall_64+0xc9/0x1c0
[  314.409170][T18059]  ? clear_bhb_loop+0x55/0xb0
[  314.409197][T18059]  ? clear_bhb_loop+0x55/0xb0
[  314.409277][T18059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.409309][T18059] RIP: 0033:0x7f4e49e3d169
[  314.409324][T18059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.409344][T18059] RSP: 002b:00007f4e484a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.409366][T18059] RAX: ffffffffffffffda RBX: 00007f4e4a055fa0 RCX: 00007f4e49e3d169
[  314.409382][T18059] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  314.409397][T18059] RBP: 00007f4e484a7090 R08: 0000000000000000 R09: 0000000000000000
[  314.409493][T18059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.409508][T18059] R13: 0000000000000000 R14: 00007f4e4a055fa0 R15: 00007ffc527e8888
[  314.409531][T18059]  </TASK>
[  314.581185][T18053] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.5140: bg 0: block 248: padding at end of block bitmap is not set
[  314.617509][T18053] __quota_error: 212 callbacks suppressed
[  314.617531][T18053] Quota error (device loop8): write_blk: dquota write failed
[  314.627921][T18062] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5134'.
[  314.630758][T18053] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  314.645827][T18062] siw: device registration error -23
[  314.649987][T18053] EXT4-fs error (device loop8): ext4_acquire_dquot:6927: comm syz.8.5140: Failed to acquire dquot type 1
[  314.668580][T18056] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  314.677254][T18053] EXT4-fs (loop8): 1 truncate cleaned up
[  314.685557][T18053] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  314.778464][   T29] audit: type=1400 audit(1742744756.277:16061): avc:  denied  { read } for  pid=18075 comm="syz.9.5141" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  314.779914][T18076] lo speed is unknown, defaulting to 1000
[  314.805894][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.817607][T18076] lo speed is unknown, defaulting to 1000
[  314.826413][T18078] usb usb1: check_ctrlrecip: process 18078 (syz.2.5139) requesting ep 01 but needs 81
[  314.836213][T18078] usb usb1: usbfs: process 18078 (syz.2.5139) did not claim interface 0 before use
[  314.850829][T18080] loop6: detected capacity change from 0 to 256
[  314.890867][T18082] loop8: detected capacity change from 0 to 512
[  314.917318][T18082] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  314.943275][   T29] audit: type=1326 audit(1742744756.447:16062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  314.970312][T18091] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5147'.
[  314.995819][T18082] EXT4-fs (loop8): 1 truncate cleaned up
[  315.001910][T18082] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.003571][   T29] audit: type=1326 audit(1742744756.447:16063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  315.038517][   T29] audit: type=1326 audit(1742744756.457:16064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  315.041290][T18091] siw: device registration error -23
[  315.064492][   T29] audit: type=1326 audit(1742744756.457:16065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  315.094643][   T29] audit: type=1326 audit(1742744756.457:16066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18088 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e49e3d169 code=0x7ffc0000
[  315.177503][T18101] loop9: detected capacity change from 0 to 512
[  315.200333][T18101] EXT4-fs (loop9): orphan cleanup on readonly fs
[  315.337698][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.354687][T18101] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5152: bg 0: block 248: padding at end of block bitmap is not set
[  315.369496][T18101] Quota error (device loop9): write_blk: dquota write failed
[  315.377030][T18101] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  315.387016][T18101] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.5152: Failed to acquire dquot type 1
[  315.400801][T18101] EXT4-fs (loop9): 1 truncate cleaned up
[  315.473302][T18112] lo speed is unknown, defaulting to 1000
[  315.481632][T18112] lo speed is unknown, defaulting to 1000
[  315.879431][T18101] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  315.949724][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.307311][T18134] loop6: detected capacity change from 0 to 512
[  316.336467][T18134] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  316.363007][T18134] EXT4-fs (loop6): 1 truncate cleaned up
[  316.363365][T18134] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.468754][T18144] loop9: detected capacity change from 0 to 512
[  316.487452][T18144] EXT4-fs (loop9): orphan cleanup on readonly fs
[  316.488021][T18144] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5168: bg 0: block 248: padding at end of block bitmap is not set
[  316.488192][T18144] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.5168: Failed to acquire dquot type 1
[  316.488876][T18144] EXT4-fs (loop9): 1 truncate cleaned up
[  316.489486][T18144] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  316.550319][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.551379][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.555066][T18149] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  316.879896][T18172] FAULT_INJECTION: forcing a failure.
[  316.879896][T18172] name failslab, interval 1, probability 0, space 0, times 0
[  316.894308][T18172] CPU: 1 UID: 0 PID: 18172 Comm: syz.9.5176 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  316.894349][T18172] Tainted: [W]=WARN
[  316.894358][T18172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  316.894373][T18172] Call Trace:
[  316.894397][T18172]  <TASK>
[  316.894406][T18172]  dump_stack_lvl+0xf2/0x150
[  316.894438][T18172]  dump_stack+0x15/0x1a
[  316.894466][T18172]  should_fail_ex+0x24a/0x260
[  316.894548][T18172]  ? nf_tables_parse_netdev_hooks+0xe3/0x450
[  316.894618][T18172]  should_failslab+0x8f/0xb0
[  316.894655][T18172]  __kmalloc_cache_noprof+0x4e/0x320
[  316.894687][T18172]  nf_tables_parse_netdev_hooks+0xe3/0x450
[  316.894720][T18172]  nft_flowtable_parse_hook+0x2c5/0x400
[  316.894837][T18172]  nf_tables_delflowtable+0x765/0xd00
[  316.894888][T18172]  nfnetlink_rcv+0xb3e/0x15d0
[  316.894935][T18172]  netlink_unicast+0x599/0x670
[  316.895013][T18172]  netlink_sendmsg+0x5cc/0x6e0
[  316.895036][T18172]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.895055][T18172]  __sock_sendmsg+0x140/0x180
[  316.895092][T18172]  ____sys_sendmsg+0x326/0x4b0
[  316.895150][T18172]  __sys_sendmsg+0x19d/0x230
[  316.895198][T18172]  __x64_sys_sendmsg+0x46/0x50
[  316.895225][T18172]  x64_sys_call+0x2734/0x2dc0
[  316.895256][T18172]  do_syscall_64+0xc9/0x1c0
[  316.895343][T18172]  ? clear_bhb_loop+0x55/0xb0
[  316.895426][T18172]  ? clear_bhb_loop+0x55/0xb0
[  316.895460][T18172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.895573][T18172] RIP: 0033:0x7f3a8106d169
[  316.895592][T18172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.895615][T18172] RSP: 002b:00007f3a7f6d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.895636][T18172] RAX: ffffffffffffffda RBX: 00007f3a81285fa0 RCX: 00007f3a8106d169
[  316.895649][T18172] RDX: 0000000020008000 RSI: 0000200000000500 RDI: 0000000000000003
[  316.895661][T18172] RBP: 00007f3a7f6d7090 R08: 0000000000000000 R09: 0000000000000000
[  316.895701][T18172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.895714][T18172] R13: 0000000000000000 R14: 00007f3a81285fa0 R15: 00007fff2e0c26a8
[  316.895733][T18172]  </TASK>
[  317.363216][T18184] loop8: detected capacity change from 0 to 512
[  317.394120][T18184] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  317.492984][T18184] EXT4-fs (loop8): 1 truncate cleaned up
[  317.551010][T18184] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.572823][T18188] loop6: detected capacity change from 0 to 512
[  317.619220][T18188] EXT4-fs (loop6): orphan cleanup on readonly fs
[  317.673672][T18188] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5182: bg 0: block 248: padding at end of block bitmap is not set
[  317.791583][T18188] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.5182: Failed to acquire dquot type 1
[  317.825012][T11639] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.887471][T18188] EXT4-fs (loop6): 1 truncate cleaned up
[  317.923265][T18188] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  318.105057][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.401746][T18221] loop6: detected capacity change from 0 to 512
[  318.418661][T18221] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  318.482095][T18221] EXT4-fs (loop6): 1 truncate cleaned up
[  318.488324][T18221] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.564495][T18234] loop9: detected capacity change from 0 to 512
[  318.664551][T18234] EXT4-fs (loop9): orphan cleanup on readonly fs
[  318.671695][T18234] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5199: bg 0: block 248: padding at end of block bitmap is not set
[  318.687860][T18234] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.5199: Failed to acquire dquot type 1
[  318.700476][T18234] EXT4-fs (loop9): 1 truncate cleaned up
[  318.708397][T18234] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  318.765044][T18240] FAULT_INJECTION: forcing a failure.
[  318.765044][T18240] name failslab, interval 1, probability 0, space 0, times 0
[  318.777713][T18240] CPU: 0 UID: 0 PID: 18240 Comm: syz.8.5200 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  318.777749][T18240] Tainted: [W]=WARN
[  318.777757][T18240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  318.777773][T18240] Call Trace:
[  318.777781][T18240]  <TASK>
[  318.777791][T18240]  dump_stack_lvl+0xf2/0x150
[  318.777823][T18240]  dump_stack+0x15/0x1a
[  318.777845][T18240]  should_fail_ex+0x24a/0x260
[  318.777883][T18240]  should_failslab+0x8f/0xb0
[  318.777921][T18240]  kmem_cache_alloc_noprof+0x52/0x320
[  318.777943][T18240]  ? vm_area_dup+0x98/0x130
[  318.777969][T18240]  vm_area_dup+0x98/0x130
[  318.777998][T18240]  copy_mm+0x749/0x12d0
[  318.778031][T18240]  copy_process+0xd06/0x1f50
[  318.778065][T18240]  kernel_clone+0x167/0x5e0
[  318.778106][T18240]  ? vfs_write+0x644/0x920
[  318.778137][T18240]  ? find_lock_lowest_rq+0x35/0x120
[  318.778169][T18240]  __x64_sys_clone+0xe7/0x120
[  318.778205][T18240]  x64_sys_call+0x2d7e/0x2dc0
[  318.778234][T18240]  do_syscall_64+0xc9/0x1c0
[  318.778275][T18240]  ? clear_bhb_loop+0x55/0xb0
[  318.778309][T18240]  ? clear_bhb_loop+0x55/0xb0
[  318.778339][T18240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.778369][T18240] RIP: 0033:0x7f93a1d6d169
[  318.778388][T18240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.778411][T18240] RSP: 002b:00007f93a0394fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  318.778434][T18240] RAX: ffffffffffffffda RBX: 00007f93a1f86160 RCX: 00007f93a1d6d169
[  318.778449][T18240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[  318.778464][T18240] RBP: 00007f93a0395090 R08: 0000000000000000 R09: 0000000000000000
[  318.778475][T18240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  318.778487][T18240] R13: 0000000000000000 R14: 00007f93a1f86160 R15: 00007fff5df4da08
[  318.778507][T18240]  </TASK>
[  319.123011][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.159659][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.391517][T18258] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5208'.
[  319.397414][T18252] lo speed is unknown, defaulting to 1000
[  319.421839][T18252] lo speed is unknown, defaulting to 1000
[  319.474545][T18263] siw: device registration error -23
[  319.529175][T18268] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5212'.
[  319.633536][   T29] kauditd_printk_skb: 94 callbacks suppressed
[  319.633553][   T29] audit: type=1400 audit(1742744761.137:16155): avc:  denied  { write } for  pid=18270 comm="syz.3.5213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  319.680063][   T29] audit: type=1400 audit(1742744761.187:16156): avc:  denied  { ioctl } for  pid=18270 comm="syz.3.5213" path="socket:[58431]" dev="sockfs" ino=58431 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  319.721646][T18286] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5217'.
[  319.730818][T18286] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5217'.
[  319.749207][T18281] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  319.764415][T18289] loop9: detected capacity change from 0 to 512
[  319.771217][   T29] audit: type=1326 audit(1742744761.257:16157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.796915][   T29] audit: type=1326 audit(1742744761.257:16158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.822710][   T29] audit: type=1326 audit(1742744761.257:16159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.826561][T18289] EXT4-fs (loop9): orphan cleanup on readonly fs
[  319.848595][   T29] audit: type=1326 audit(1742744761.257:16160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.856269][T18289] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5217: bg 0: block 248: padding at end of block bitmap is not set
[  319.878825][   T29] audit: type=1326 audit(1742744761.257:16161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.918124][   T29] audit: type=1326 audit(1742744761.257:16162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.943750][   T29] audit: type=1326 audit(1742744761.257:16163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18283 comm="syz.6.5218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb232bd169 code=0x7ffc0000
[  319.968106][T18289] Quota error (device loop9): write_blk: dquota write failed
[  319.968142][T18289] EXT4-fs error (device loop9): ext4_acquire_dquot:6927: comm syz.9.5217: Failed to acquire dquot type 1
[  319.969011][T18289] EXT4-fs (loop9): 1 truncate cleaned up
[  319.970191][T18289] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  320.018696][T18287] FAULT_INJECTION: forcing a failure.
[  320.018696][T18287] name failslab, interval 1, probability 0, space 0, times 0
[  320.032734][T18287] CPU: 1 UID: 0 PID: 18287 Comm: syz.6.5218 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  320.032765][T18287] Tainted: [W]=WARN
[  320.032774][T18287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.032788][T18287] Call Trace:
[  320.032795][T18287]  <TASK>
[  320.032805][T18287]  dump_stack_lvl+0xf2/0x150
[  320.032837][T18287]  dump_stack+0x15/0x1a
[  320.032872][T18287]  should_fail_ex+0x24a/0x260
[  320.032908][T18287]  should_failslab+0x8f/0xb0
[  320.032945][T18287]  kmem_cache_alloc_noprof+0x52/0x320
[  320.032979][T18287]  ? mas_alloc_nodes+0x1e3/0x490
[  320.033016][T18287]  mas_alloc_nodes+0x1e3/0x490
[  320.033052][T18287]  mas_preallocate+0x44a/0x650
[  320.033090][T18287]  __split_vma+0x244/0x6a0
[  320.033120][T18287]  vma_modify+0x105/0x200
[  320.033141][T18287]  vma_modify_policy+0xeb/0x120
[  320.033167][T18287]  mbind_range+0x1d8/0x490
[  320.033199][T18287]  __se_sys_mbind+0x95c/0x11c0
[  320.033236][T18287]  __x64_sys_mbind+0x78/0x90
[  320.033261][T18287]  x64_sys_call+0x2662/0x2dc0
[  320.033292][T18287]  do_syscall_64+0xc9/0x1c0
[  320.033330][T18287]  ? clear_bhb_loop+0x55/0xb0
[  320.033363][T18287]  ? clear_bhb_loop+0x55/0xb0
[  320.033395][T18287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.033428][T18287] RIP: 0033:0x7feb232bd169
[  320.033446][T18287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.033467][T18287] RSP: 002b:00007feb21927038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  320.033488][T18287] RAX: ffffffffffffffda RBX: 00007feb234d5fa0 RCX: 00007feb232bd169
[  320.033503][T18287] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[  320.033516][T18287] RBP: 00007feb21927090 R08: 0000000000000000 R09: 0000000000000002
[  320.033530][T18287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.033544][T18287] R13: 0000000000000000 R14: 00007feb234d5fa0 R15: 00007ffc8be9ac58
[  320.033565][T18287]  </TASK>
[  320.258231][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.303313][T18301] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5223'.
[  320.317440][T18301] siw: device registration error -23
[  320.515666][T18316] loop6: detected capacity change from 0 to 2048
[  320.554064][T18316] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.571563][T18316] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  320.589145][T18316] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  320.601627][T18316] EXT4-fs (loop6): This should not happen!! Data will be lost
[  320.601627][T18316] 
[  320.611321][T18316] EXT4-fs (loop6): Total free blocks count 0
[  320.617346][T18316] EXT4-fs (loop6): Free/Dirty block details
[  320.623287][T18316] EXT4-fs (loop6): free_blocks=2415919104
[  320.629116][T18316] EXT4-fs (loop6): dirty_blocks=32
[  320.634232][T18316] EXT4-fs (loop6): Block reservation details
[  320.640270][T18316] EXT4-fs (loop6): i_reserved_data_blocks=2
[  320.689632][T16362] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.715544][T18331] loop6: detected capacity change from 0 to 512
[  320.773238][T18335] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5237'.
[  320.782769][T18335] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5237'.
[  320.791888][T18335] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5237'.
[  320.803117][T18335] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878)
[  320.812548][T18335] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  320.884600][T18336] loop8: detected capacity change from 0 to 2048
[  320.900743][T18336] FAULT_INJECTION: forcing a failure.
[  320.900743][T18336] name failslab, interval 1, probability 0, space 0, times 0
[  320.916201][T18336] CPU: 1 UID: 0 PID: 18336 Comm: syz.8.5235 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  320.916232][T18336] Tainted: [W]=WARN
[  320.916239][T18336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  320.916279][T18336] Call Trace:
[  320.916287][T18336]  <TASK>
[  320.916295][T18336]  dump_stack_lvl+0xf2/0x150
[  320.916330][T18336]  dump_stack+0x15/0x1a
[  320.916387][T18336]  should_fail_ex+0x24a/0x260
[  320.916419][T18336]  should_failslab+0x8f/0xb0
[  320.916453][T18336]  __kmalloc_noprof+0xab/0x3f0
[  320.916480][T18336]  ? kobject_get_path+0x8f/0x1c0
[  320.916511][T18336]  kobject_get_path+0x8f/0x1c0
[  320.916535][T18336]  kobject_uevent_env+0x1b9/0x550
[  320.916563][T18336]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  320.916594][T18336]  ? device_pm_check_callbacks+0x632/0x650
[  320.916705][T18336]  kobject_uevent+0x1c/0x30
[  320.916770][T18336]  device_del+0x6fa/0x780
[  320.916797][T18336]  ? mntput+0x49/0x70
[  320.916826][T18336]  device_unregister+0x15/0x40
[  320.916863][T18336]  bdi_unregister+0x307/0x3a0
[  320.916901][T18336]  del_gendisk+0x2f4/0x5f0
[  320.916930][T18336]  loop_control_ioctl+0x3ae/0x440
[  320.917079][T18336]  ? __pfx_loop_control_ioctl+0x10/0x10
[  320.917109][T18336]  __se_sys_ioctl+0xc9/0x140
[  320.917139][T18336]  __x64_sys_ioctl+0x43/0x50
[  320.917177][T18336]  x64_sys_call+0x1690/0x2dc0
[  320.917257][T18336]  do_syscall_64+0xc9/0x1c0
[  320.917297][T18336]  ? clear_bhb_loop+0x55/0xb0
[  320.917330][T18336]  ? clear_bhb_loop+0x55/0xb0
[  320.917357][T18336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.917430][T18336] RIP: 0033:0x7f93a1d6d169
[  320.917497][T18336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.917519][T18336] RSP: 002b:00007f93a03b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  320.917600][T18336] RAX: ffffffffffffffda RBX: 00007f93a1f86080 RCX: 00007f93a1d6d169
[  320.917616][T18336] RDX: 0000000000000003 RSI: 0000000000004c81 RDI: 0000000000000006
[  320.917630][T18336] RBP: 00007f93a03b6090 R08: 0000000000000000 R09: 0000000000000000
[  320.917650][T18336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.917723][T18336] R13: 0000000000000000 R14: 00007f93a1f86080 R15: 00007fff5df4da08
[  320.917741][T18336]  </TASK>
[  321.257148][T18358] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5244'.
[  321.272118][T18358] veth1_macvtap: left promiscuous mode
[  321.676722][T18405] lo speed is unknown, defaulting to 1000
[  321.682946][T18405] lo speed is unknown, defaulting to 1000
[  321.738889][T18416] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5273'.
[  321.753248][T18414] loop8: detected capacity change from 0 to 1024
[  321.762807][T18417] IPVS: set_ctl: invalid protocol: 115 10.1.1.1:20001
[  321.772903][T18414] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  321.790461][T18419] netlink: 'syz.6.5273': attribute type 2 has an invalid length.
[  321.894147][T18426] FAULT_INJECTION: forcing a failure.
[  321.894147][T18426] name failslab, interval 1, probability 0, space 0, times 0
[  321.909162][T18426] CPU: 1 UID: 0 PID: 18426 Comm: syz.8.5276 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  321.909248][T18426] Tainted: [W]=WARN
[  321.909255][T18426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.909267][T18426] Call Trace:
[  321.909274][T18426]  <TASK>
[  321.909282][T18426]  dump_stack_lvl+0xf2/0x150
[  321.909315][T18426]  dump_stack+0x15/0x1a
[  321.909362][T18426]  should_fail_ex+0x24a/0x260
[  321.909463][T18426]  should_failslab+0x8f/0xb0
[  321.909578][T18426]  kmem_cache_alloc_node_noprof+0x59/0x320
[  321.909609][T18426]  ? perf_event_alloc+0x157/0x12d0
[  321.909636][T18426]  perf_event_alloc+0x157/0x12d0
[  321.909665][T18426]  __se_sys_perf_event_open+0x7f2/0x2230
[  321.909737][T18426]  ? from_kuid+0xf0/0x340
[  321.909769][T18426]  ? bpf_trace_run2+0x123/0x1d0
[  321.909840][T18426]  __x64_sys_perf_event_open+0x67/0x80
[  321.909906][T18426]  x64_sys_call+0x1deb/0x2dc0
[  321.909939][T18426]  do_syscall_64+0xc9/0x1c0
[  321.910046][T18426]  ? clear_bhb_loop+0x55/0xb0
[  321.910073][T18426]  ? clear_bhb_loop+0x55/0xb0
[  321.910105][T18426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.910175][T18426] RIP: 0033:0x7f93a1d6d169
[  321.910194][T18426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.910217][T18426] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  321.910240][T18426] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  321.910256][T18426] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  321.910272][T18426] RBP: 00007f93a03d7090 R08: 0000000000000003 R09: 0000000000000000
[  321.910284][T18426] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  321.910313][T18426] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  321.910332][T18426]  </TASK>
[  322.869112][T18449] netlink: 'syz.8.5286': attribute type 21 has an invalid length.
[  322.900415][T18449] netlink: 'syz.8.5286': attribute type 1 has an invalid length.
[  323.080594][T18454] pimreg: entered allmulticast mode
[  323.146660][T18454] pimreg: left allmulticast mode
[  323.173502][T18465] SELinux:  policydb magic number 0x2329ca8c does not match expected magic number 0xf97cff8c
[  323.215138][T18454] loop9: detected capacity change from 0 to 512
[  323.223461][T18465] SELinux: failed to load policy
[  323.245048][T18454] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  323.278721][T18465] tap0: tun_chr_ioctl cmd 35111
[  323.307944][T18454] EXT4-fs (loop9): 1 truncate cleaned up
[  323.331423][T18454] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.408367][T18454] sd 0:0:1:0: device reset
[  323.482093][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.543843][T18483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.543893][T18483] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.584616][T18483] lo speed is unknown, defaulting to 1000
[  323.589587][T18483] lo speed is unknown, defaulting to 1000
[  324.508562][T18516] __nla_validate_parse: 5 callbacks suppressed
[  324.508581][T18516] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5310'.
[  324.729477][T18523] netlink: 'syz.8.5312': attribute type 2 has an invalid length.
[  324.909624][T18533] loop9: detected capacity change from 0 to 2048
[  324.925990][T18533] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.943466][T18533] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  324.943593][T18533] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  324.943638][T18533] EXT4-fs (loop9): This should not happen!! Data will be lost
[  324.943638][T18533] 
[  324.943713][T18533] EXT4-fs (loop9): Total free blocks count 0
[  324.943726][T18533] EXT4-fs (loop9): Free/Dirty block details
[  324.943737][T18533] EXT4-fs (loop9): free_blocks=2415919104
[  324.943750][T18533] EXT4-fs (loop9): dirty_blocks=32
[  324.943761][T18533] EXT4-fs (loop9): Block reservation details
[  324.943771][T18533] EXT4-fs (loop9): i_reserved_data_blocks=2
[  324.951656][T18540] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5320'.
[  324.956656][T18540] siw: device registration error -23
[  324.988922][T13585] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.006011][T18542] FAULT_INJECTION: forcing a failure.
[  325.006011][T18542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  325.006046][T18542] CPU: 1 UID: 0 PID: 18542 Comm: syz.8.5322 Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  325.006152][T18542] Tainted: [W]=WARN
[  325.006159][T18542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  325.006174][T18542] Call Trace:
[  325.006223][T18542]  <TASK>
[  325.006232][T18542]  dump_stack_lvl+0xf2/0x150
[  325.006264][T18542]  dump_stack+0x15/0x1a
[  325.006284][T18542]  should_fail_ex+0x24a/0x260
[  325.006354][T18542]  should_fail+0xb/0x10
[  325.006389][T18542]  should_fail_usercopy+0x1a/0x20
[  325.006494][T18542]  _copy_from_user+0x1c/0xa0
[  325.006518][T18542]  copy_msghdr_from_user+0x54/0x2a0
[  325.006561][T18542]  ? __fget_files+0x17c/0x1c0
[  325.006604][T18542]  __sys_sendmmsg+0x1e8/0x4b0
[  325.006687][T18542]  __x64_sys_sendmmsg+0x57/0x70
[  325.006720][T18542]  x64_sys_call+0x29aa/0x2dc0
[  325.006754][T18542]  do_syscall_64+0xc9/0x1c0
[  325.006811][   T29] kauditd_printk_skb: 557 callbacks suppressed
[  325.006805][T18542]  ? clear_bhb_loop+0x55/0xb0
[  325.006835][T18542]  ? clear_bhb_loop+0x55/0xb0
[  325.006907][   T29] audit: type=1326 audit(1742744766.507:16720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.006906][T18542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.006949][T18542] RIP: 0033:0x7f93a1d6d169
[  325.006967][T18542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.007029][T18542] RSP: 002b:00007f93a03d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  325.007041][   T29] audit: type=1326 audit(1742744766.507:16721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.007053][T18542] RAX: ffffffffffffffda RBX: 00007f93a1f85fa0 RCX: 00007f93a1d6d169
[  325.007076][T18542] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000007
[  325.007095][T18542] RBP: 00007f93a03d7090 R08: 0000000000000000 R09: 0000000000000000
[  325.007110][T18542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.007124][   T29] ==================================================================
[  325.007124][T18542] R13: 0000000000000000 R14: 00007f93a1f85fa0 R15: 00007fff5df4da08
[  325.007147][T18542]  </TASK>
[  325.007163][   T29] BUG: KCSAN: data-race in data_push_tail / number
[  325.007211][   T29] 
[  325.007217][   T29] write to 0xffffffff88be3e4d of 1 bytes by task 18542 on cpu 1:
[  325.007232][   T29]  number+0x88c/0xac0
[  325.007256][   T29]  vsnprintf+0x6ae/0x890
[  325.007282][   T29]  vscnprintf+0x42/0x90
[  325.007309][   T29]  printk_sprint+0x30/0x2d0
[  325.007331][   T29]  vprintk_store+0x589/0x870
[  325.007352][   T29]  vprintk_emit+0x168/0x690
[  325.007374][   T29]  vprintk_default+0x26/0x30
[  325.007394][   T29]  vprintk+0x1d/0x30
[  325.007421][   T29]  _printk+0x7a/0xa0
[  325.007451][   T29]  __show_regs+0x86/0x450
[  325.007472][   T29]  show_trace_log_lvl+0x348/0x400
[  325.007505][   T29]  dump_stack_lvl+0xf2/0x150
[  325.007532][   T29]  dump_stack+0x15/0x1a
[  325.007558][   T29]  should_fail_ex+0x24a/0x260
[  325.007602][   T29]  should_fail+0xb/0x10
[  325.007628][   T29]  should_fail_usercopy+0x1a/0x20
[  325.007658][   T29]  _copy_from_user+0x1c/0xa0
[  325.007679][   T29]  copy_msghdr_from_user+0x54/0x2a0
[  325.007717][   T29]  __sys_sendmmsg+0x1e8/0x4b0
[  325.007747][   T29]  __x64_sys_sendmmsg+0x57/0x70
[  325.007777][   T29]  x64_sys_call+0x29aa/0x2dc0
[  325.007809][   T29]  do_syscall_64+0xc9/0x1c0
[  325.007839][   T29]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.007864][   T29] 
[  325.007869][   T29] read to 0xffffffff88be3e48 of 8 bytes by task 29 on cpu 0:
[  325.007887][   T29]  data_push_tail+0x102/0x430
[  325.007927][   T29]  data_alloc+0xbe/0x2c0
[  325.007962][   T29]  prb_reserve+0x85e/0xb60
[  325.007998][   T29]  vprintk_store+0x558/0x870
[  325.008014][   T29]  vprintk_emit+0x168/0x690
[  325.008030][   T29]  vprintk_default+0x26/0x30
[  325.008048][   T29]  vprintk+0x1d/0x30
[  325.008071][   T29]  _printk+0x7a/0xa0
[  325.008101][   T29]  kauditd_hold_skb+0x1a3/0x1b0
[  325.008126][   T29]  kauditd_send_queue+0x288/0x2e0
[  325.008146][   T29]  kauditd_thread+0x42a/0x650
[  325.008163][   T29]  kthread+0x4ae/0x520
[  325.008188][   T29]  ret_from_fork+0x4b/0x60
[  325.008214][   T29]  ret_from_fork_asm+0x1a/0x30
[  325.008247][   T29] 
[  325.008252][   T29] value changed: 0x00000001000009b3 -> 0x000000203a584152
[  325.008265][   T29] 
[  325.008270][   T29] Reported by Kernel Concurrency Sanitizer on:
[  325.008283][   T29] CPU: 0 UID: 0 PID: 29 Comm: kauditd Tainted: G        W          6.14.0-rc7-syzkaller-00202-g183601b78a9b #0
[  325.008317][   T29] Tainted: [W]=WARN
[  325.008325][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  325.008337][   T29] ==================================================================
[  325.008479][   T29] audit: type=1326 audit(1742744766.507:16722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008531][   T29] audit: type=1326 audit(1742744766.507:16723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008566][   T29] audit: type=1326 audit(1742744766.507:16724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008627][   T29] audit: type=1326 audit(1742744766.507:16725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008655][   T29] audit: type=1326 audit(1742744766.507:16726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008727][   T29] audit: type=1326 audit(1742744766.507:16727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008759][   T29] audit: type=1326 audit(1742744766.507:16728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.008795][   T29] audit: type=1326 audit(1742744766.507:16729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18541 comm="syz.8.5322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f93a1d6d169 code=0x7ffc0000
[  325.009003][ T3376] IPVS: starting estimator thread 0...
[  325.055810][T18548] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5321'.
[  325.073488][T18554] sit0: entered promiscuous mode
[  325.118754][T18543] IPVS: using max 2064 ests per chain, 103200 per kthread
[  325.929905][T18554] netlink: 'syz.8.5325': attribute type 1 has an invalid length.
[  325.929924][T18554] netlink: 1 bytes leftover after parsing attributes in process `syz.8.5325'.